urlscan.io logo urlscan.io
SecurityTrails logo

www.hawtcelebs.com Open in urlscan Pro
2606:4700:3034::6815:3bda  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.hawtcelebs.com/
Effective URL: https://www.hawtcelebs.com/
Submission: On February 25 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 145 IPs in 11 countries across 148 domains to perform 991 HTTP transactions. The main IP is 2606:4700:3034::6815:3bda, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hawtcelebs.com. The Cisco Umbrella rank of the primary domain is 144010.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 4th 2021. Valid for: a year.
This is the only time www.hawtcelebs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 2606:4700:303... 13335 (CLOUDFLAR...)
5 2607:f8b0:400... 15169 (GOOGLE)
30 2606:4700::68... 13335 (CLOUDFLAR...)
2 9 68.71.249.118 20093 (ZEROLAG)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
11 23.54.69.74 16625 (AKAMAI-AS)
4 2600:9000:21e... 16509 (AMAZON-02)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
28 2607:f8b0:400... 15169 (GOOGLE)
18 142.250.80.2 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
7 2606:4700::68... 13335 (CLOUDFLAR...)
7 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
2 151.101.129.194 54113 (FASTLY)
6 2620:116:800b... 14618 (AMAZON-AES)
7 8 68.67.160.75 29990 (ASN-APPNEX)
12 14 8.28.7.82 62713 (AS-PUBMATIC)
29 68 142.250.65.194 15169 (GOOGLE)
3 3 8.28.7.83 62713 (AS-PUBMATIC)
2 2 8.28.7.84 62713 (AS-PUBMATIC)
1 7 150.136.25.38 31898 (ORACLE-BM...)
3 2600:9000:21e... 16509 (AMAZON-02)
2 2600:9000:21e... 16509 (AMAZON-02)
1 23.200.205.171 16625 (AKAMAI-AS)
69 52.4.33.45 14618 (AMAZON-AES)
1 46.105.201.240 16276 (OVH)
13 45 68.67.179.77 29990 (ASN-APPNEX)
3 69.166.1.14 27630 (AS-XFERNET)
3 34.231.139.54 14618 (AMAZON-AES)
2 21 147.75.38.124 54825 (PACKET)
1 6 75.101.138.186 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
3 51.89.99.21 16276 (OVH)
1 67.202.114.216 32748 (STEADFAST)
1 13.225.230.103 16509 (AMAZON-02)
1 192.99.8.28 16276 (OVH)
7 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
23 2607:f8b0:400... 15169 (GOOGLE)
2 13.225.231.199 16509 (AMAZON-02)
1 34.235.189.191 14618 (AMAZON-AES)
2 2600:1f18:e8a... 14618 (AMAZON-AES)
1 104.18.28.199 13335 (CLOUDFLAR...)
1 2607:f8b0:402... 15169 (GOOGLE)
14 34.194.11.208 14618 (AMAZON-AES)
7 2607:f8b0:400... 15169 (GOOGLE)
3 3.135.27.102 16509 (AMAZON-02)
30 70.42.32.255 13789 (INTERNAP-...)
1 67.202.105.32 32748 (STEADFAST)
26 2607:f8b0:400... 15169 (GOOGLE)
1 2 142.250.80.70 15169 (GOOGLE)
6 142.251.35.162 15169 (GOOGLE)
3 31 23.54.68.240 16625 (AKAMAI-AS)
1 2600:1400:d::... 20940 (AKAMAI-ASN1)
4 184.29.174.104 16625 (AKAMAI-AS)
1 67.202.105.34 32748 (STEADFAST)
4 146.75.30.132 54113 (FASTLY)
3 3 75.126.248.142 36351 (SOFTLAYER)
2 2 34.237.23.137 14618 (AMAZON-AES)
6 7 63.251.86.51 10913 (INTERNAP-BLK)
1 35.212.101.174 15169 (GOOGLE)
3 3 199.187.193.181 47043 (SMARTADSE...)
5 5 34.192.182.23 14618 (AMAZON-AES)
4 4 52.54.42.45 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
20 199.127.204.162 26120 (RHYTHMONE)
62 2606:4700:10:... 13335 (CLOUDFLAR...)
18 178.250.2.131 44788 (ASN-CRITE...)
10 34.225.229.107 14618 (AMAZON-AES)
19 52.45.17.150 14618 (AMAZON-AES)
10 52.204.71.133 14618 (AMAZON-AES)
10 185.184.10.30 203690 (RTB-HOUSE...)
2 12 172.98.26.125 399668 (E-PLANNING-)
22 2606:4700:303... 13335 (CLOUDFLAR...)
9 2606:4700:10:... 13335 (CLOUDFLAR...)
1 104.18.14.222 13335 (CLOUDFLAR...)
3 3 67.202.105.22 32748 (STEADFAST)
7 11 23.209.184.224 16625 (AKAMAI-AS)
1 6 104.18.99.194 13335 (CLOUDFLAR...)
1 2 13.225.230.112 16509 (AMAZON-02)
15 19 107.178.246.49 15169 (GOOGLE)
19 20 15.197.193.217 16509 (AMAZON-02)
2 2 35.168.167.24 14618 (AMAZON-AES)
3 35.172.145.162 14618 (AMAZON-AES)
5 5 54.175.156.64 14618 (AMAZON-AES)
1 1 54.242.17.112 14618 (AMAZON-AES)
1 34.117.239.71 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
10 16 35.190.60.146 15169 (GOOGLE)
2 169.44.76.76 36351 (SOFTLAYER)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 34.102.128.115 15169 (GOOGLE)
4 13.225.230.85 16509 (AMAZON-02)
1 159.203.161.83 14061 (DIGITALOC...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 51.210.112.63 16276 (OVH)
2 3 107.178.254.65 15169 (GOOGLE)
11 11 64.74.236.255 22075 (AS-OUTBRAIN)
6 8 15.254.13.75 16509 (AMAZON-02)
1 35.75.69.76 16509 (AMAZON-02)
1 2 2600:9000:21e... 16509 (AMAZON-02)
3 3 35.207.24.140 15169 (GOOGLE)
16 16 35.211.178.172 19527 (GOOGLE-2)
6 6 216.200.232.249 30419 (MEDIAMATH...)
1 74.119.119.150 19750 (AS-CRITEO)
1 2 35.211.168.6 19527 (GOOGLE-2)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 3 34.231.251.31 14618 (AMAZON-AES)
1 3.222.216.235 14618 (AMAZON-AES)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
3 4 69.173.151.100 26667 (RUBICONPR...)
1 2 192.132.33.46 18568 (BIDTELLECT)
17 18.206.84.102 14618 (AMAZON-AES)
2 3 52.0.156.250 14618 (AMAZON-AES)
3 3 192.35.249.127 11742 (SPOTX-IAD)
6 8 34.98.64.218 15169 (GOOGLE)
13 13 184.72.151.10 14618 (AMAZON-AES)
17 20 54.175.87.114 14618 (AMAZON-AES)
1 1 44.200.208.73 14618 (AMAZON-AES)
6 6 52.4.173.16 14618 (AMAZON-AES)
6 10 199.127.204.142 26120 (RHYTHMONE)
5 5 2600:9000:21e... 16509 (AMAZON-02)
5 2620:1ec:c11:... 8068 (MICROSOFT...)
2 68.71.249.120 20093 (ZEROLAG)
2 4 3.220.13.84 14618 (AMAZON-AES)
2 4 23.200.197.46 16625 (AKAMAI-AS)
1 4 3.15.117.250 16509 (AMAZON-02)
2 3 34.232.140.51 14618 (AMAZON-AES)
1 3 34.235.23.231 14618 (AMAZON-AES)
1 2620:100:a001::3 19750 (AS-CRITEO)
1 2620:100:a001... 19750 (AS-CRITEO)
1 104.123.160.80 16625 (AKAMAI-AS)
4 2600:9000:21e... 16509 (AMAZON-02)
4 4 51.81.106.33 16276 (OVH)
1 1 202.241.208.57 4694 (IDCF IDC ...)
17 104.244.36.20 7415 (ADSAFE-1)
9 2620:100:a001::4 19750 (AS-CRITEO)
2 54.208.89.215 14618 (AMAZON-AES)
1 74.119.119.147 19750 (AS-CRITEO)
2 2607:f8b0:400... 15169 (GOOGLE)
2 4 2620:100:a001::c 19750 (AS-CRITEO)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
5 5 207.198.113.169 13768 (COGECO-PEER1)
1 1 52.54.192.111 14618 (AMAZON-AES)
1 1 35.227.252.103 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 74.119.119.137 19750 (AS-CRITEO)
2 74.119.119.149 19750 (AS-CRITEO)
1 1 2600:1f18:612... 14618 (AMAZON-AES)
1 1 35.186.193.173 15169 (GOOGLE)
3 74.119.119.139 19750 (AS-CRITEO)
1 1 38.67.14.224 174 (COGENT-174)
1 1 81.222.128.213 20597 (ELTEL-AS)
1 1 52.0.47.207 14618 (AMAZON-AES)
1 15.235.42.103 16276 (OVH)
1 13.225.230.58 16509 (AMAZON-02)
1 1 104.16.108.154 13335 (CLOUDFLAR...)
1 1 34.206.33.80 14618 (AMAZON-AES)
1 40.71.11.141 8075 (MICROSOFT...)
6 7 52.7.51.190 14618 (AMAZON-AES)
1 1 2600:9000:21e... 16509 (AMAZON-02)
1 1 64.58.232.176 13649 (ASN-VINS)
1 64.58.232.180 13649 (ASN-VINS)
2 2 2600:1f18:1c9... 14618 (AMAZON-AES)
1 1 199.127.207.190 26120 (RHYTHMONE)
7 7 151.101.130.49 54113 (FASTLY)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
16 51.222.239.230 16276 (OVH)
11 74.119.119.73 19750 (AS-CRITEO)
6 6 96.46.186.58 7979 (SERVERS-COM)
1 1 141.226.224.48 200478 (TABOOLA-AS)
4 20 69.166.1.10 27630 (AS-XFERNET)
1 1 199.38.167.128 54312 (ROCKETFUEL)
3 3 35.211.141.197 15169 (GOOGLE)
2 2 198.148.27.140 19189 (PULSEPOINT)
1 2606:4700:303... 13335 (CLOUDFLAR...)
40 41 51.195.5.40 16276 (OVH)
8 36 52.223.22.214 16509 (AMAZON-02)
8 151.101.193.108 54113 (FASTLY)
4 4 34.102.163.6 15169 (GOOGLE)
8 8 2620:1ec:21::14 8068 (MICROSOFT...)
4 7 2600:1f18:4e9... 14618 (AMAZON-AES)
4 12 52.46.130.91 16509 (AMAZON-02)
4 4 52.5.237.191 14618 (AMAZON-AES)
1 1 13.225.230.92 16509 (AMAZON-02)
4 4 52.44.71.104 14618 (AMAZON-AES)
4 23.54.68.197 16625 (AKAMAI-AS)
1 3 3.233.247.233 14618 (AMAZON-AES)
1 1 50.16.197.56 14618 (AMAZON-AES)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 173.231.178.82 29791 (VOXEL-DOT...)
2 2 54.211.80.174 14618 (AMAZON-AES)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
4 4 3.234.149.51 14618 (AMAZON-AES)
4 8 8.28.7.81 62713 (AS-PUBMATIC)
4 4 34.237.228.240 14618 (AMAZON-AES)
4 4 178.250.0.163 44788 (ASN-CRITE...)
8 8 185.167.164.49 198622 (ADFORM)
12 13 13.225.230.63 16509 (AMAZON-02)
4 4 104.36.115.109 62713 (AS-PUBMATIC)
1 1 69.175.41.2 32475 (SINGLEHOP...)
1 142.250.80.98 ()
991 145
17    2606:4700:3034::6815:3bda (United States)

ASN13335 (CLOUDFLARENET, US)
www.hawtcelebs.com
5    2607:f8b0:4006:80d::200a (Queens, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
30    2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)
live.demand.supply
9    68.71.249.118 (United States)

ASN20093 (ZEROLAG, US)
udmserve.net
1    2606:4700:20::ac43:4739 (United States)

ASN13335 (CLOUDFLARENET, US)
waust.at
11    23.54.69.74 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-69-74.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
4    2600:9000:21ec:d400:5:c4ab:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
bid.underdog.media
5    2606:4700:10::6816:3ac7 (United States)

ASN13335 (CLOUDFLARENET, US)
services.vlitag.com
tag.vlitag.com
assets.vlitag.com
1    2607:f8b0:4006:80f::2008 (Queens, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2607:f8b0:4006:816::2003 (Queens, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
28    2607:f8b0:4006:80e::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
18    142.250.80.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f2.1e100.net
securepubads.g.doubleclick.net
6    2607:f8b0:4006:81d::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
7    2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)
api.demand.supply
7    2607:f8b0:4006:80f::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
7    2607:f8b0:4006:81f::2001 (Queens, United States)

ASN15169 (GOOGLE, US)
c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
2    151.101.129.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
6    2620:116:800b:21:2d66:77a6:9085:a5fa (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
8    68.67.160.75 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
14    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
68    142.250.65.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net
cm.g.doubleclick.net
3    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
7    150.136.25.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
underdog.technoratimedia.com
3    2600:9000:21ec:4c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2600:9000:21ec:e000:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
1    23.200.205.171 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-205-171.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
69    52.4.33.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-33-45.compute-1.amazonaws.com
c2shb.pubgw.yahoo.com
c2shb.ssp.yahoo.com
1    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
45    68.67.179.77 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
3    69.166.1.14 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
3    34.231.139.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-139-54.compute-1.amazonaws.com
hb.emxdgt.com
21    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
6    75.101.138.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-138-186.compute-1.amazonaws.com
d.adroll.com
2    2607:f8b0:4006:820::200e (Queens, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    51.89.99.21 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ns3163187.ip-51-89-99.eu
t.dtscout.com
1    67.202.114.216 (United States)

ASN32748 (STEADFAST, US)
PTR: amung.us
whos.amung.us
1    13.225.230.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-230-103.jfk51.r.cloudfront.net
ob.cheqzone.com
1    192.99.8.28 (Canada)

ASN16276 (OVH, FR)
PTR: ns523448.ip-192-99-8.net
s4.histats.com
7    2607:f8b0:4006:806::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2607:f8b0:4006:822::200a (Queens, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
23    2607:f8b0:4006:81e::2001 (Queens, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    13.225.231.199 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-231-199.jfk51.r.cloudfront.net
d1lax2pddqj38d.cloudfront.net
1    34.235.189.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-189-191.compute-1.amazonaws.com
apis.quantcast.mgr.consensu.org
2    2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
obs.cheqzone.com
1    104.18.28.199 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.tynt.com
1    2607:f8b0:4023:1407::9c (Columbus, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
14    34.194.11.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-11-208.compute-1.amazonaws.com
ads.adaptv.advertising.com
7    2607:f8b0:4006:808::2004 (Queens, United States)

ASN15169 (GOOGLE, US)
www.google.com
3    3.135.27.102 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-135-27-102.us-east-2.compute.amazonaws.com
pd.sharethis.com
30    70.42.32.255 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
log.outbrainimg.com
sync.outbrain.com
1    67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
ic.tynt.com
26    2607:f8b0:4006:816::2006 (Queens, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    142.250.80.70 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f6.1e100.net
ad.doubleclick.net
6    142.251.35.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net
googleads4.g.doubleclick.net
31    23.54.68.240 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-68-240.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
1    2600:1400:d::6878:d289 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
4    184.29.174.104 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-174-104.deploy.static.akamaitechnologies.com
t.sharethis.com
1    67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net
de.tynt.com
4    146.75.30.132 (Ashburn, United States)

ASN54113 (FASTLY, US)
odb.outbrain.com
mv.outbrain.com
3    75.126.248.142 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 8e.f8.7e4b.ip4.static.sl-reverse.com
um.simpli.fi
2    34.237.23.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-23-137.compute-1.amazonaws.com
sync.srv.stackadapt.com
7    63.251.86.51 (United States)

ASN10913 (INTERNAP-BLK, US)
ap.lijit.com
1    35.212.101.174 (Washington, United States)

ASN15169 (GOOGLE, US)
PTR: 174.101.212.35.bc.googleusercontent.com
cs.chocolateplatform.com
3    199.187.193.181 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
5    34.192.182.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-182-23.compute-1.amazonaws.com
match.sharethrough.com
4    52.54.42.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-42-45.compute-1.amazonaws.com
cs.emxdgt.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
20    199.127.204.162 (United States)

ASN26120 (RHYTHMONE, US)
targeting.unrulymedia.com
62    2606:4700:10::6816:2460 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
18    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
10    34.225.229.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-229-107.compute-1.amazonaws.com
btlr.sharethrough.com
19    52.45.17.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-17-150.compute-1.amazonaws.com
prebid.ad.smaato.net
10    52.204.71.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-71-133.compute-1.amazonaws.com
tlx.3lift.com
10    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
prebid-us.creativecdn.com
12    172.98.26.125 (Ashburn, United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
pbjs.e-planning.net
22    2606:4700:3030::6815:5286 (United States)

ASN13335 (CLOUDFLARENET, US)
px.vliplatform.com
9    2606:4700:10::ac43:15e3 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.vlitag.com
tag.vlitag.com
1    104.18.14.222 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-tc.33across.com
3    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
dp2.33across.com
dp1.33across.com
11    23.209.184.224 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-184-224.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
6    104.18.99.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
2    13.225.230.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-230-112.jfk51.r.cloudfront.net
map.go.affec.tv
19    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
20    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    35.168.167.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-167-24.compute-1.amazonaws.com
usermatch.krxd.net
3    35.172.145.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-145-162.compute-1.amazonaws.com
beacon.krxd.net
5    54.175.156.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-156-64.compute-1.amazonaws.com
match.prod.bidr.io
1    54.242.17.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-242-17-112.compute-1.amazonaws.com
cms-xch.33across.com
1    34.117.239.71 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 71.239.117.34.bc.googleusercontent.com
cms-xch-chicago.33across.com
2    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
16    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
2    169.44.76.76 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 4c.4c.2ca9.ip4.static.sl-reverse.com
i.simpli.fi
1    2606:4700::6812:b4f (United States)

ASN13335 (CLOUDFLARENET, US)
idpix.media6degrees.com
2    34.102.128.115 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 115.128.102.34.bc.googleusercontent.com
g.algbid.app
4    13.225.230.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-230-85.jfk51.r.cloudfront.net
tags.crwdcntrl.net
1    159.203.161.83 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: lb4.ny1.dtscdn.com
t.dtscdn.com
1    2606:4700:3032::ac43:dc33 (United States)

ASN13335 (CLOUDFLARENET, US)
a.dtssrv.com
2    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-3.cloudy.ovh
pixel.onaudience.com
3    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
11    64.74.236.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
8    15.254.13.75 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-254-13-75.us-west-2.compute.amazonaws.com
dpm.demdex.net
1    35.75.69.76 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-75-69-76.ap-northeast-1.compute.amazonaws.com
sync-jp.im-apps.net
2    2600:9000:21ec:6a00:1a:609a:6780:93a1 (United States)

ASN16509 (AMAZON-02, US)
aa.agkn.com
3    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
16    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
6    216.200.232.249 (United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
2    35.211.168.6 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 6.168.211.35.bc.googleusercontent.com
sofia.trustx.org
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    34.231.251.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-251-31.compute-1.amazonaws.com
ps.eyeota.net
1    3.222.216.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-216-235.compute-1.amazonaws.com
id.geistm.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
4    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
2    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
17    18.206.84.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-206-84-102.compute-1.amazonaws.com
sync.crwdcntrl.net
bcp.crwdcntrl.net
3    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loadus.exelator.com
3    192.35.249.127 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
8    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
13    184.72.151.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-72-151-10.compute-1.amazonaws.com
pixel.advertising.com
20    54.175.87.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    44.200.208.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-200-208-73.compute-1.amazonaws.com
sync.hgrtb.com
6    52.4.173.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-173-16.compute-1.amazonaws.com
ice.360yield.com
10    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
usermatch.targeting.unrulymedia.com
5    2600:9000:21ec:9e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
5    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    68.71.249.120 (United States)

ASN20093 (ZEROLAG, US)
PTR: underdogmedia.com
edge.udmserve.net
4    3.220.13.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-13-84.compute-1.amazonaws.com
fw.adsafeprotected.com
4    23.200.197.46 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-197-46.deploy.static.akamaitechnologies.com
sync.teads.tv
4    3.15.117.250 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-15-117-250.us-east-2.compute.amazonaws.com
sync.sharethis.com
3    34.232.140.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-140-51.compute-1.amazonaws.com
tag.crsspxl.com
3    34.235.23.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-23-231.compute-1.amazonaws.com
ml314.com
1    2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)
rtb.va.us.criteo.com
1    2620:100:a001::12 (United States)

ASN19750 (AS-CRITEO, US)
ads.us.criteo.com
1    104.123.160.80 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-123-160-80.deploy.static.akamaitechnologies.com
tags.bkrtx.com
4    2600:9000:21ec:8600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
4    51.81.106.33 (New York, United States)

ASN16276 (OVH, FR)
PTR: ns106714.ip-51-81-106.us
c.us1.dyntrk.com
1    202.241.208.57 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
17    104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com
dt.adsafeprotected.com
9    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
2    54.208.89.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-89-215.compute-1.amazonaws.com
p.tvpixel.com
1    74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)
cat.va.us.criteo.com
2    2607:f8b0:4006:81f::200a (Queens, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
5    207.198.113.169 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    52.54.192.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-192-111.compute-1.amazonaws.com
fksnk.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    74.119.119.137 (United States)

ASN19750 (AS-CRITEO, US)
PTR: pix.va1.vip.prod.criteo.com
pix.us.criteo.net
2    74.119.119.149 (United States)

ASN19750 (AS-CRITEO, US)
csm.us.criteo.net
1    2600:1f18:612b:4232:6e00:7b23:6545:3513 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
google.partners.tremorhub.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ius.ctnsnet.com
3    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    38.67.14.224 (United States)

ASN174 (COGENT-174, US)
aep.mxptint.net
1    81.222.128.213 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad13.adriver.ru
ssp.adriver.ru
1    52.0.47.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-47-207.compute-1.amazonaws.com
ads.yieldmo.com
1    15.235.42.103 (Canada)

ASN16276 (OVH, FR)
PTR: haproxy-ca-002.roqad.pl
wt.rqtrk.eu
1    13.225.230.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-230-58.jfk51.r.cloudfront.net
audex.userreport.com
1    104.16.108.154 (None, )

ASN13335 (CLOUDFLARENET, US)
dmp.truoptik.com
1    34.206.33.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-33-80.compute-1.amazonaws.com
px.surveywall-api.survata.com
1    40.71.11.141 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.cintnetworks.com
7    52.7.51.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-51-190.compute-1.amazonaws.com
aorta.clickagy.com
1    2600:9000:21ec:7200:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)
d.agkn.com
1    64.58.232.176 (United States)

ASN13649 (ASN-VINS, US)
global.ib-ibi.com
1    64.58.232.180 (United States)

ASN13649 (ASN-VINS, US)
ib.mookie1.com
2    2600:1f18:1c96:4102:9564:adc9:18c4:669c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.tidaltv.com
1    199.127.207.190 (United States)

ASN26120 (RHYTHMONE, US)
dt-secure.videohub.tv
7    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
rtd-tm.everesttech.net
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
16    51.222.239.230 (Canada)

ASN16276 (OVH, FR)
PTR: ip230.ip-51-222-239.net
onetag-sys.com
11    74.119.119.73 (United States)

ASN19750 (AS-CRITEO, US)
ssp-sync.criteo.com
6    96.46.186.58 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
20    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    199.38.167.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
3    35.211.141.197 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 197.141.211.35.bc.googleusercontent.com
m.fg8dgt.com
2    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    2606:4700:3031::6815:29fd (United States)

ASN13335 (CLOUDFLARENET, US)
id.a-mx.com
41    51.195.5.40 (France)

ASN16276 (OVH, FR)
PTR: p17.id5-sync.com
id5-sync.com
36    52.223.22.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
8    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
4    34.102.163.6 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
8    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
7    2600:1f18:4e9:5a07:56c0:bbbc:18e0:97e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
12    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    52.5.237.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-237-191.compute-1.amazonaws.com
ads.creative-serving.com
1    13.225.230.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-230-92.jfk51.r.cloudfront.net
cm.smadex.com
4    52.44.71.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-71-104.compute-1.amazonaws.com
ssp.disqus.com
4    23.54.68.197 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-68-197.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    3.233.247.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-247-233.compute-1.amazonaws.com
um2.eqads.com
1    50.16.197.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com
loadm.exelator.com
2    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    173.231.178.82 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    54.211.80.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-80-174.compute-1.amazonaws.com
pm.w55c.net
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
4    3.234.149.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-149-51.compute-1.amazonaws.com
sync.ipredictive.com
8    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    34.237.228.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-228-240.compute-1.amazonaws.com
rtb.gumgum.com
4    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.eu.criteo.com
8    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
13    13.225.230.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-230-63.jfk51.r.cloudfront.net
api.intentiq.com
4    104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    69.175.41.2 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: sovrn-193627-chi03-placeholder
ce.lijit.com
1    142.250.80.98 (None, )

ASN- ()
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
101 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
cm.g.doubleclick.net — Cisco Umbrella Rank: 175
stats.g.doubleclick.net — Cisco Umbrella Rank: 67
ad.doubleclick.net — Cisco Umbrella Rank: 167
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
353 KB
96 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 2363
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 654
ups.analytics.yahoo.com — Cisco Umbrella Rank: 269
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419
23 KB
62 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 9708
sync.quantumdex.io — Cisco Umbrella Rank: 2699
10 KB
61 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 350
ib.adnxs.com — Cisco Umbrella Rank: 210
acdn.adnxs.com — Cisco Umbrella Rank: 547
186 KB
59 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
ade.googlesyndication.com
1 MB
46 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 532
eb2.3lift.com — Cisco Umbrella Rank: 356
18 KB
44 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 736
dis.criteo.com — Cisco Umbrella Rank: 619
rtb.va.us.criteo.com — Cisco Umbrella Rank: 5501
ads.us.criteo.com — Cisco Umbrella Rank: 2241
cat.va.us.criteo.com — Cisco Umbrella Rank: 2852
gum.criteo.com — Cisco Umbrella Rank: 355
mug.criteo.com — Cisco Umbrella Rank: 3197
ssp-sync.criteo.com — Cisco Umbrella Rank: 1860
dis.eu.criteo.com — Cisco Umbrella Rank: 6400
60 KB
41 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 493 Failed
68 KB
37 demand.supply
live.demand.supply — Cisco Umbrella Rank: 28082
api.demand.supply — Cisco Umbrella Rank: 50568
40 KB
36 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1281
widget-pixels.outbrain.com — Cisco Umbrella Rank: 1643
odb.outbrain.com — Cisco Umbrella Rank: 1501
sync.outbrain.com — Cisco Umbrella Rank: 717
mv.outbrain.com — Cisco Umbrella Rank: 3517
192 KB
35 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 543
image2.pubmatic.com — Cisco Umbrella Rank: 752
image4.pubmatic.com — Cisco Umbrella Rank: 738
ads.pubmatic.com — Cisco Umbrella Rank: 429
image6.pubmatic.com — Cisco Umbrella Rank: 582
simage2.pubmatic.com — Cisco Umbrella Rank: 552
31 KB
31 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463
dsum.casalemedia.com — Cisco Umbrella Rank: 1042
38 KB
27 advertising.com
ads.adaptv.advertising.com — Cisco Umbrella Rank: 1058
pixel.advertising.com — Cisco Umbrella Rank: 307
sync.adaptv.advertising.com Failed
8 KB
26 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 700
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 821
usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 2868
3 KB
26 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
724 KB
25 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 671
static.adsafeprotected.com — Cisco Umbrella Rank: 502
dt.adsafeprotected.com — Cisco Umbrella Rank: 465
191 KB
24 smaato.net
prebid.ad.smaato.net — Cisco Umbrella Rank: 3853
s.ad.smaato.net — Cisco Umbrella Rank: 659
7 KB
23 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1414
sync.go.sonobi.com — Cisco Umbrella Rank: 811
27 KB
22 vliplatform.com
px.vliplatform.com — Cisco Umbrella Rank: 16782
11 KB
21 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 2036
sync.crwdcntrl.net — Cisco Umbrella Rank: 662
bcp.crwdcntrl.net — Cisco Umbrella Rank: 629
62 KB
21 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1014
6 KB
20 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
11 KB
19 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 357
7 KB
17 hawtcelebs.com
www.hawtcelebs.com — Cisco Umbrella Rank: 144010
602 KB
16 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 265
8 KB
16 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 283
id.rlcdn.com — Cisco Umbrella Rank: 548
2 KB
16 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 865 Failed
9 KB
15 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 561
btlr.sharethrough.com — Cisco Umbrella Rank: 1093
3 KB
14 google.com
adservice.google.com — Cisco Umbrella Rank: 59
www.google.com — Cisco Umbrella Rank: 2
2 KB
14 vlitag.com
services.vlitag.com — Cisco Umbrella Rank: 19174
tag.vlitag.com — Cisco Umbrella Rank: 23525
assets.vlitag.com — Cisco Umbrella Rank: 21091
1011 KB
13 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1622
15 KB
12 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 266
7 KB
12 criteo.net
static.criteo.net — Cisco Umbrella Rank: 638
pix.us.criteo.net — Cisco Umbrella Rank: 2251
csm.us.criteo.net — Cisco Umbrella Rank: 2287
84 KB
12 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 6090
8 KB
12 creativecdn.com
prebid-us.creativecdn.com — Cisco Umbrella Rank: 8725
creativecdn.com — Cisco Umbrella Rank: 585
2 KB
11 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 523
7 KB
11 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 425
stags.bluekai.com — Cisco Umbrella Rank: 447
6 KB
11 sharethis.com
pd.sharethis.com — Cisco Umbrella Rank: 10029
t.sharethis.com — Cisco Umbrella Rank: 5820
sync.sharethis.com — Cisco Umbrella Rank: 2516
17 KB
11 udmserve.net
udmserve.net — Cisco Umbrella Rank: 3148
edge.udmserve.net — Cisco Umbrella Rank: 26429
17 KB
10 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 4060
log.outbrainimg.com — Cisco Umbrella Rank: 2231
3 KB
9 openx.net
u.openx.net — Cisco Umbrella Rank: 636
us-u.openx.net — Cisco Umbrella Rank: 322
rtb.openx.net — Cisco Umbrella Rank: 1330
1 KB
8 adform.net
c1.adform.net — Cisco Umbrella Rank: 529
4 KB
8 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 439
3 KB
8 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 187
7 KB
8 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 598
ce.lijit.com — Cisco Umbrella Rank: 696
5 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
imasdk.googleapis.com — Cisco Umbrella Rank: 407
ajax.googleapis.com — Cisco Umbrella Rank: 250
186 KB
7 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 491
rtd-tm.everesttech.net — Cisco Umbrella Rank: 1872
1 KB
7 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 2029
8 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 146
255 KB
7 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 1568
cs.emxdgt.com — Cisco Umbrella Rank: 801
1 KB
7 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1041
underdog.technoratimedia.com — Cisco Umbrella Rank: 49501
2 KB
6 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1448
4 KB
6 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1432
3 KB
6 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 387
3 KB
6 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 497
958 B
6 33across.com
cdn-tc.33across.com — Cisco Umbrella Rank: 12907
dp2.33across.com — Cisco Umbrella Rank: 7703
cms-xch.33across.com — Cisco Umbrella Rank: 2652
cms-xch-chicago.33across.com — Cisco Umbrella Rank: 1338
dp1.33across.com — Cisco Umbrella Rank: 3676
2 KB
6 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1329
627 B
6 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 829
pixel.quantserve.com — Cisco Umbrella Rank: 374
cms.quantserve.com — Cisco Umbrella Rank: 927
21 KB
6 gstatic.com
fonts.gstatic.com
120 KB
5 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 542
3 KB
5 bing.com
c.bing.com — Cisco Umbrella Rank: 212
1 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 444
2 KB
5 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 981
beacon.krxd.net — Cisco Umbrella Rank: 371
1 KB
5 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 691
i.simpli.fi — Cisco Umbrella Rank: 3055
3 KB
4 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 978
881 B
4 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 882
2 KB
4 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 6709
1 KB
4 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 3024
3 KB
4 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 1554
754 B
4 turn.com
d.turn.com — Cisco Umbrella Rank: 754
ad.turn.com — Cisco Umbrella Rank: 653
2 KB
4 dyntrk.com
c.us1.dyntrk.com — Cisco Umbrella Rank: 3349
3 KB
4 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 792
1 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 480
3 KB
4 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1160
loadm.exelator.com — Cisco Umbrella Rank: 891
4 KB
4 rubiconproject.com
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 935
token.rubiconproject.com — Cisco Umbrella Rank: 593
pixel.rubiconproject.com — Cisco Umbrella Rank: 288
3 KB
4 underdog.media
bid.underdog.media — Cisco Umbrella Rank: 15547
327 KB
3 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 2780
933 B
3 fg8dgt.com
m.fg8dgt.com — Cisco Umbrella Rank: 3745
893 B
3 ml314.com
ml314.com — Cisco Umbrella Rank: 1357
1 KB
3 crsspxl.com
tag.crsspxl.com — Cisco Umbrella Rank: 4123
1 KB
3 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 469
2 KB
3 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 845
2 KB
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 740
1 KB
3 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 388
d.agkn.com — Cisco Umbrella Rank: 487
2 KB
3 pippio.com
pippio.com — Cisco Umbrella Rank: 692
1 KB
3 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1193
1 KB
3 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 6696
ic.tynt.com — Cisco Umbrella Rank: 4079
de.tynt.com — Cisco Umbrella Rank: 1078
10 KB
3 cheqzone.com
ob.cheqzone.com — Cisco Umbrella Rank: 7383
obs.cheqzone.com — Cisco Umbrella Rank: 4740
20 KB
3 dtscout.com
t.dtscout.com — Cisco Umbrella Rank: 13733
10 KB
3 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2040
apis.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 4296
45 KB
3 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 770
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 704
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1259
1 KB
2 ad4m.at
ad4m.at — Cisco Umbrella Rank: 1613
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 516
1 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 977
671 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 683
s.tribalfusion.com — Cisco Umbrella Rank: 1640
1 KB
2 tvpixel.com
p.tvpixel.com — Cisco Umbrella Rank: 1191
773 B
2 bttrack.com
bttrack.com — Cisco Umbrella Rank: 648
1 KB
2 trustx.org
sofia.trustx.org — Cisco Umbrella Rank: 2323
1 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1400
812 B
2 algbid.app
g.algbid.app — Cisco Umbrella Rank: 15163
127 B
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1178
245 B
2 affec.tv
map.go.affec.tv — Cisco Umbrella Rank: 4244
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 768
955 B
2 cloudfront.net
d1lax2pddqj38d.cloudfront.net
763 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 17271
s4.histats.com — Cisco Umbrella Rank: 14990
5 KB
2 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1485
54 KB
1 smadex.com
cm.smadex.com — Cisco Umbrella Rank: 2711
530 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 6826
713 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 615
756 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 725
356 B
1 videohub.tv
dt-secure.videohub.tv — Cisco Umbrella Rank: 4882
553 B
1 mookie1.com
ib.mookie1.com — Cisco Umbrella Rank: 1493
981 B
1 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 1301
513 B
1 cintnetworks.com
c.cintnetworks.com — Cisco Umbrella Rank: 8343
565 B
1 survata.com
px.surveywall-api.survata.com — Cisco Umbrella Rank: 2561
783 B
1 truoptik.com
dmp.truoptik.com — Cisco Umbrella Rank: 1925
621 B
1 userreport.com
audex.userreport.com — Cisco Umbrella Rank: 3194
433 B
1 rqtrk.eu
wt.rqtrk.eu — Cisco Umbrella Rank: 9208
350 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 633
466 B
1 adriver.ru
ssp.adriver.ru — Cisco Umbrella Rank: 12204
342 B
1 mxptint.net
aep.mxptint.net — Cisco Umbrella Rank: 5144
722 B
1 ctnsnet.com
ius.ctnsnet.com — Cisco Umbrella Rank: 5424
521 B
1 tremorhub.com
google.partners.tremorhub.com — Cisco Umbrella Rank: 7867
640 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 197
5 KB
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 3888
613 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1249
1 KB
1 bkrtx.com
tags.bkrtx.com — Cisco Umbrella Rank: 3117
16 KB
1 hgrtb.com
sync.hgrtb.com — Cisco Umbrella Rank: 1681
320 B
1 geistm.com
id.geistm.com — Cisco Umbrella Rank: 4394
158 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1393
452 B
1 im-apps.net
sync-jp.im-apps.net — Cisco Umbrella Rank: 2632
203 B
1 dtssrv.com
a.dtssrv.com — Cisco Umbrella Rank: 22013
661 B
1 dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 15369
407 B
1 media6degrees.com
idpix.media6degrees.com — Cisco Umbrella Rank: 1758
650 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 401
1 KB
1 chocolateplatform.com
cs.chocolateplatform.com — Cisco Umbrella Rank: 2230
122 B
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1135
63 KB
1 amung.us
whos.amung.us — Cisco Umbrella Rank: 14961
145 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
37 KB
1 waust.at
waust.at — Cisco Umbrella Rank: 48212
6 KB
0 britepool.com Failed
px.britepool.com Failed
0 clrstm.com Failed
sync.tag.clrstm.com Failed
0 netmng.com Failed
google2waycm.netmng.com Failed
0 impdesk.com Failed
pix.impdesk.com Failed
0 powerlinks.com Failed
px.powerlinks.com Failed
991 148
Domain Requested by
68 cm.g.doubleclick.net 29 redirects googleads.g.doubleclick.net
c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
bcp.crwdcntrl.net
eb2.3lift.com
52 sync.quantumdex.io assets.vlitag.com
sync.quantumdex.io
ssum-sec.casalemedia.com
46 c2shb.pubgw.yahoo.com bid.underdog.media
assets.vlitag.com
45 ib.adnxs.com 13 redirects bid.underdog.media
googleads.g.doubleclick.net
assets.vlitag.com
acdn.adnxs.com
41 id5-sync.com assets.vlitag.com
36 eb2.3lift.com 8 redirects assets.vlitag.com
eb2.3lift.com
30 live.demand.supply www.hawtcelebs.com
live.demand.supply
28 pagead2.googlesyndication.com live.demand.supply
securepubads.g.doubleclick.net
www.hawtcelebs.com
c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
26 s0.2mdn.net www.hawtcelebs.com
s0.2mdn.net
c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
23 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
23 c2shb.ssp.yahoo.com bid.underdog.media
22 px.vliplatform.com
21 sync.outbrain.com widgets.outbrain.com
21 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
um2.eqads.com
21 prebid.a-mo.net 2 redirects bid.underdog.media
assets.vlitag.com
20 sync.go.sonobi.com 4 redirects sync.quantumdex.io
sync.go.sonobi.com
20 ups.analytics.yahoo.com 17 redirects
20 match.adsrvr.org 19 redirects bid.underdog.media
20 targeting.unrulymedia.com assets.vlitag.com
19 pixel.tapad.com 15 redirects sync.go.sonobi.com
19 prebid.ad.smaato.net assets.vlitag.com
18 bidder.criteo.com assets.vlitag.com
static.criteo.net
18 securepubads.g.doubleclick.net live.demand.supply
securepubads.g.doubleclick.net
www.hawtcelebs.com
c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
www.googletagservices.com
17 dt.adsafeprotected.com c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
17 www.hawtcelebs.com 1 redirects www.hawtcelebs.com
16 x.bidswitch.net 16 redirects
16 onetag-sys.com assets.vlitag.com
sync.quantumdex.io
15 idsync.rlcdn.com 9 redirects sync.go.sonobi.com
14 ads.adaptv.advertising.com bid.underdog.media
14 image8.pubmatic.com 12 redirects sync.go.sonobi.com
13 api.intentiq.com 12 redirects sync.go.sonobi.com
13 pixel.advertising.com 13 redirects
12 s.amazon-adsystem.com 4 redirects eb2.3lift.com
ssum-sec.casalemedia.com
12 pbjs.e-planning.net 2 redirects assets.vlitag.com
11 ssp-sync.criteo.com static.criteo.net
11 b1sync.zemanta.com 11 redirects
10 prebid-us.creativecdn.com assets.vlitag.com
10 tlx.3lift.com assets.vlitag.com
10 btlr.sharethrough.com assets.vlitag.com
10 useast.quantumdex.io assets.vlitag.com
10 assets.vlitag.com tag.vlitag.com
10 widgets.outbrain.com www.hawtcelebs.com
widgets.outbrain.com
9 static.criteo.net assets.vlitag.com
ads.us.criteo.com
static.criteo.net
9 bcp.crwdcntrl.net tags.crwdcntrl.net
bcp.crwdcntrl.net
ssum-sec.casalemedia.com
9 ssum-sec.casalemedia.com 1 redirects sync.quantumdex.io
ssum-sec.casalemedia.com
9 log.outbrainimg.com widgets.outbrain.com
9 udmserve.net 2 redirects www.hawtcelebs.com
bid.underdog.media
8 c1.adform.net 8 redirects
8 image6.pubmatic.com 4 redirects ads.pubmatic.com
8 px.ads.linkedin.com 8 redirects
8 acdn.adnxs.com assets.vlitag.com
8 sync.crwdcntrl.net widgets.outbrain.com
bcp.crwdcntrl.net
8 dpm.demdex.net 6 redirects widgets.outbrain.com
bcp.crwdcntrl.net
8 secure.adnxs.com 7 redirects
7 pr-bh.ybp.yahoo.com 4 redirects ssum-sec.casalemedia.com
sync.go.sonobi.com
7 aorta.clickagy.com 6 redirects bcp.crwdcntrl.net
7 ap.lijit.com 6 redirects
7 www.google.com tpc.googlesyndication.com
c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
7 www.googletagservices.com tag.vlitag.com
c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
7 c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com securepubads.g.doubleclick.net
7 adservice.google.com securepubads.g.doubleclick.net
7 api.demand.supply live.demand.supply
6 ads.betweendigital.com 6 redirects
6 stags.bluekai.com 6 redirects
6 us-u.openx.net 4 redirects googleads.g.doubleclick.net
6 ice.360yield.com 6 redirects
6 sync.mathtag.com 6 redirects
6 p.adsymptotic.com 1 redirects eb2.3lift.com
6 googleads4.g.doubleclick.net www.hawtcelebs.com
6 d.adroll.com 1 redirects bid.underdog.media
6 underdog.technoratimedia.com bid.underdog.media
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
www.hawtcelebs.com
6 fonts.gstatic.com fonts.googleapis.com
5 pixel-sync.sitescout.com 5 redirects
5 c.bing.com widgets.outbrain.com
eb2.3lift.com
5 s.ad.smaato.net 5 redirects
5 match.prod.bidr.io 5 redirects
5 tags.bluekai.com 1 redirects de.tynt.com
widgets.outbrain.com
tags.bkrtx.com
bcp.crwdcntrl.net
5 match.sharethrough.com 5 redirects
5 fonts.googleapis.com www.hawtcelebs.com
c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
cdnjs.cloudflare.com
4 simage2.pubmatic.com 4 redirects
4 rtd-tm.everesttech.net 4 redirects
4 dis.eu.criteo.com 4 redirects
4 rtb.gumgum.com 4 redirects
4 sync.ipredictive.com 4 redirects
4 ads.pubmatic.com sync.quantumdex.io
4 usermatch.targeting.unrulymedia.com sync.quantumdex.io
4 ssp.disqus.com 4 redirects
4 ads.creative-serving.com 4 redirects
4 ad.mrtnsvr.com 4 redirects
4 gum.criteo.com 2 redirects static.criteo.net
4 c.us1.dyntrk.com 4 redirects
4 static.adsafeprotected.com c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
4 sync.sharethis.com 1 redirects
4 sync.teads.tv 2 redirects googleads.g.doubleclick.net
4 fw.adsafeprotected.com 2 redirects www.hawtcelebs.com
4 sync.1rx.io 4 redirects sync.go.sonobi.com
4 tags.crwdcntrl.net t.dtscout.com
cdn-tc.33across.com
tags.crwdcntrl.net
4 cs.emxdgt.com 4 redirects
4 t.sharethis.com pd.sharethis.com
t.sharethis.com
4 bid.underdog.media www.hawtcelebs.com
udmserve.net
bid.underdog.media
3 ad.turn.com 3 redirects
3 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
3 m.fg8dgt.com 3 redirects
3 sync-tm.everesttech.net 3 redirects
3 mug.criteo.com gum.criteo.com
3 ml314.com 1 redirects bcp.crwdcntrl.net
3 tag.crsspxl.com 2 redirects
3 sync.search.spotxchange.com 3 redirects
3 loadus.exelator.com 2 redirects widgets.outbrain.com
3 ps.eyeota.net 2 redirects widgets.outbrain.com
3 rtb.mfadsrvr.com 3 redirects
3 pippio.com 2 redirects widgets.outbrain.com
3 beacon.krxd.net widgets.outbrain.com
bcp.crwdcntrl.net
3 ssbsync.smartadserver.com 3 redirects
3 um.simpli.fi 3 redirects
3 pd.sharethis.com t.dtscout.com
t.sharethis.com
3 t.dtscout.com waust.at
t.dtscout.com
3 hb.emxdgt.com bid.underdog.media
3 apex.go.sonobi.com bid.underdog.media
3 pixel.quantserve.com www.hawtcelebs.com
3 rules.quantcount.com secure.quantserve.com
3 image2.pubmatic.com 3 redirects
2 pm.w55c.net 2 redirects
2 cm.adgrx.com 2 redirects
2 ad4m.at ssum-sec.casalemedia.com
2 bh.contextweb.com 2 redirects
2 pixel.rubiconproject.com 2 redirects
2 sync.tidaltv.com 2 redirects
2 csm.us.criteo.net ads.us.criteo.com
2 ajax.googleapis.com s0.2mdn.net
2 p.tvpixel.com c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
2 edge.udmserve.net bid.underdog.media
2 mv.outbrain.com widgets.outbrain.com
2 sync.targeting.unrulymedia.com 2 redirects
2 u.openx.net 2 redirects
2 bttrack.com 1 redirects widgets.outbrain.com
2 creativecdn.com 2 redirects
2 sofia.trustx.org 1 redirects widgets.outbrain.com
2 aa.agkn.com 1 redirects widgets.outbrain.com
2 pixel.onaudience.com 2 redirects
2 g.algbid.app www.hawtcelebs.com
2 i.simpli.fi
2 spl.zeotap.com
2 usermatch.krxd.net 2 redirects
2 map.go.affec.tv 1 redirects
2 dp2.33across.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 odb.outbrain.com widgets.outbrain.com
2 ad.doubleclick.net 1 redirects c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
2 obs.cheqzone.com ob.cheqzone.com
2 d1lax2pddqj38d.cloudfront.net www.hawtcelebs.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 tag.vlitag.com services.vlitag.com
tag.vlitag.com
2 quantcast.mgr.consensu.org www.hawtcelebs.com
quantcast.mgr.consensu.org
2 image4.pubmatic.com 2 redirects
2 secure.quantserve.com udmserve.net
quantcast.mgr.consensu.org
2 confiant-integrations.global.ssl.fastly.net udmserve.net
confiant-integrations.global.ssl.fastly.net
2 services.vlitag.com www.hawtcelebs.com
services.vlitag.com
1 ade.googlesyndication.com
1 ce.lijit.com 1 redirects
1 loadm.exelator.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 cm.smadex.com 1 redirects
1 id.a-mx.com assets.vlitag.com
1 p.rfihub.com 1 redirects
1 sync.taboola.com 1 redirects
1 d.turn.com 1 redirects
1 token.rubiconproject.com bcp.crwdcntrl.net
1 dt-secure.videohub.tv 1 redirects
1 ib.mookie1.com bcp.crwdcntrl.net
1 global.ib-ibi.com 1 redirects
1 d.agkn.com 1 redirects
1 c.cintnetworks.com bcp.crwdcntrl.net
1 px.surveywall-api.survata.com 1 redirects
1 dmp.truoptik.com 1 redirects
1 audex.userreport.com bcp.crwdcntrl.net
1 wt.rqtrk.eu bcp.crwdcntrl.net
1 ads.yieldmo.com 1 redirects
1 ssp.adriver.ru 1 redirects
1 aep.mxptint.net 1 redirects
1 ius.ctnsnet.com 1 redirects
1 google.partners.tremorhub.com 1 redirects
1 pix.us.criteo.net ads.us.criteo.com
1 cdnjs.cloudflare.com ads.us.criteo.com
1 rtb.openx.net 1 redirects
1 fksnk.com 1 redirects
1 s.tribalfusion.com c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 cat.va.us.criteo.com ads.us.criteo.com
1 tg.socdm.com 1 redirects
1 cms.quantserve.com c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
1 tags.bkrtx.com pd.sharethis.com
1 ads.us.criteo.com c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
1 rtb.va.us.criteo.com www.hawtcelebs.com
1 id.rlcdn.com 1 redirects
1 sync.hgrtb.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 id.geistm.com widgets.outbrain.com
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com widgets.outbrain.com
1 sync-jp.im-apps.net widgets.outbrain.com
1 a.dtssrv.com t.dtscout.com
1 t.dtscdn.com t.dtscout.com
1 idpix.media6degrees.com
1 dp1.33across.com 1 redirects
1 cms-xch-chicago.33across.com
1 cms-xch.33across.com 1 redirects
1 cdn-tc.33across.com de.tynt.com
1 cdn.jsdelivr.net assets.vlitag.com
1 cs.chocolateplatform.com c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
1 de.tynt.com cdn.tynt.com
1 code.createjs.com s0.2mdn.net
1 ic.tynt.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn.tynt.com waust.at
1 apis.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 imasdk.googleapis.com tag.vlitag.com
1 s4.histats.com s10.histats.com
1 ob.cheqzone.com widgets.outbrain.com
1 whos.amung.us waust.at
1 s10.histats.com www.hawtcelebs.com
1 widget-pixels.outbrain.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 sync.technoratimedia.com 1 redirects
1 www.googletagmanager.com www.hawtcelebs.com
1 waust.at www.hawtcelebs.com
0 px.britepool.com Failed sync.go.sonobi.com
0 sync.tag.clrstm.com Failed bcp.crwdcntrl.net
0 google2waycm.netmng.com Failed c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
0 pix.impdesk.com Failed c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
0 sync.adaptv.advertising.com Failed c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
0 px.powerlinks.com Failed widgets.outbrain.com
991 233
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
demand.supply
Cloudflare Inc ECC CA-3		 2021-04-21 -
2022-04-20		 a year crt.sh
udmserve.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-08-21		 a year crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
underdog.media
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-08-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
quantcast.mgr.consensu.org
Amazon		 2021-04-24 -
2022-05-23		 a year crt.sh
*.outbrainimg.com
DigiCert SHA2 Secure Server CA		 2021-05-04 -
2022-05-09		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
histats.com
R3		 2022-01-21 -
2022-04-21		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.emxdgt.com
Amazon		 2021-07-03 -
2022-08-01		 a year crt.sh
*.a-mo.net
R3		 2021-12-28 -
2022-03-28		 3 months crt.sh
adroll.mgr.consensu.org
Amazon		 2021-09-10 -
2022-10-09		 a year crt.sh
*.dtscout.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-28 -
2022-11-27		 a year crt.sh
whos.amung.us
Sectigo RSA Domain Validation Secure Server CA		 2020-05-21 -
2022-05-21		 2 years crt.sh
*.cheqzone.com
Amazon		 2022-01-22 -
2023-02-20		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
sharethis.com
Amazon		 2021-07-21 -
2022-08-19		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
tls.adobe.com
DigiCert SHA2 Secure Server CA		 2020-06-01 -
2022-06-06		 2 years crt.sh
cert1.a1.atm.aqfer.net
R3		 2022-01-20 -
2022-04-20		 3 months crt.sh
chocolateplatform.com
GTS CA 1D4		 2022-02-17 -
2022-05-18		 3 months crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.ad.smaato.net
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-11-24 -
2022-04-26		 5 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
dstillery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-04-09 -
2022-05-10		 a year crt.sh
g.algbid.app
GTS CA 1D4		 2022-02-19 -
2022-05-20		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.dtscdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-11-04 -
2022-12-04		 a year crt.sh
*.im-apps.net
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.geistm.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
*.va.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-15 -
2022-04-16		 3 months crt.sh
*.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-09		 3 months crt.sh
*.bkrtx.com
DigiCert SHA2 Secure Server CA		 2022-02-07 -
2023-02-06		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.adsafeprotected.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-26 -
2022-06-17		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.tvpixel.com
Amazon		 2021-12-15 -
2023-01-12		 a year crt.sh
*.us.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-06 -
2022-05-04		 3 months crt.sh
*.rqtrk.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-06-18 -
2022-06-18		 a year crt.sh
*.userreport.com
Amazon		 2022-01-19 -
2023-02-17		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.cintnetworks.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-04 -
2022-11-04		 a year crt.sh
*.ml314.com
Amazon		 2021-12-17 -
2023-01-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.e-planning.net
R3		 2021-12-30 -
2022-03-30		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh

This page contains 85 frames:

Primary Page: https://www.hawtcelebs.com/
Frame ID: 71EE47AF62897991FF401445BCD7D9BA
Requests: 454 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/zrt_lookup.html
Frame ID: A7E4CD7BD5489157F3CFAF3FF1A7905C
Requests: 1 HTTP requests in this frame

Frame: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 35AAB8FE3D75EBB263772CBF9FB2A423
Requests: 1 HTTP requests in this frame

Frame: https://d1lax2pddqj38d.cloudfront.net/pix.gif
Frame ID: F3ECC9BF25E30CB2C5DA69408AFEC5BA
Requests: 1 HTTP requests in this frame

Frame: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2CF68C80E0C7ED69133DCAC6A32E20ED
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4E247617501EF1F2C250DFC2F1376B6F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CF3D4F8B5A878C205D45C99CBFFBE57E
Requests: 2 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A01645757340B9D37ECAF08DCD9DE1
Frame ID: 43B582CD010F8E20E3A19046C04A8892
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSwAEQhL23Ahj9x7--ATAB&v=APEucNXn_lUgDDD7BxF9VaWUn4CoZ0DoAH3_hYVliH-JoRFZWny0DqNgqep69z6Z1U5Zi1CU0VWlM1lHL2ftgrz33oCWF-m_-Q
Frame ID: B1F170BDB80D3F048B86BCD1135DD742
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2088215109561221120/RRW_EVG_300x600.html
Frame ID: CBE3B7EF75A184559E5D1670B3A2320B
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6D9B2E4BD2306A32E8A365CACB00DE2C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C1DD4173B43B034331FB16954B7557FB
Requests: 3 HTTP requests in this frame

Frame: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4B537A49FBE93E24681EF47E92389F68
Requests: 14 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.858.22963&cid=c010&cls=C
Frame ID: C21B1C4729BCFDDB007FC3C274518D8B
Requests: 1 HTTP requests in this frame

Frame: https://cdn-tc.33across.com/lotame-sync.html
Frame ID: 64F046AC030DCE88915402EAA739DB6D
Requests: 3 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/27519?id=118982117215969&ret=html&random=1645757340
Frame ID: 66B13F328B0097332461460B607F767C
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=f9aa7d49-234c-44ee-959a-dfcb03ef529f
Frame ID: BEA146B1D4CD826A05B8FCC4F5E64A8F
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: B1FB0D325FF99FA2B25655AD945C8D43
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 5A1C85DB0C737A1B8C7D0012A648F5D5
Requests: 37 HTTP requests in this frame

Frame: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 180DE18FD03A9875B6D1544A4DDD128A
Requests: 26 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTEg1T0-fX2tuNIEOUqw1QaWN5YD8vmOxnToUvnUjIvuLpaPAlpHXI_DXk1x81W7ovgsGkL9GXMRoC6MUjn7FDNqGKfCF1TfTrtkpsaRcZIFmciSafj6YyY1G8ckQPkj6nz6_XNRJxx0y_-CRovGo-Espi1tPr0kjaEDbU7Bq2BJyN2-CRpL0Q-Wc2fSjyEWUpgIz65Te6PZzEXv8CktOpt35t_rEyeGrpXZ6x74-tR-ZZHhH6nBxrrgYQC3s-zLuOYFOvZ66Gy_qrBx5ySWU6J4Xp1wAp0ceWfk-RXtx11u4v9ABeacOYq5vexIRiqjzo1vHyIdfMX1Pncem6Sfjfz-RJ17UT2A8yNvdgTpdn61e2C3Li0Axf2TTR43lOHw&sig=Cg0ArKJSzBhhSehl5ym8EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 552783FC035BF0196469ED9E7BBA7A89
Requests: 2 HTTP requests in this frame

Frame: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2D54DD48181E0F2E340EDE78B663F01B
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxjJ4b6-ATAB&v=APEucNUGST--5JYdefJ8egEYkFIkPzbe9lcPNL6KvAIS0mNNxjeCqDaTnnGteuXeZO9Noc-iGocr84FKm3Jj7P3aTX-5uLEXue9vJdU2GxSR1_2-94I-t70
Frame ID: 9859DE0F290F1585D221D06145A6E4E8
Requests: 5 HTTP requests in this frame

Frame: https://t.sharethis.com/1.858.22963/a/US/t_.js?cid=c010&cls=C
Frame ID: 06FFD98AD8BB79B02759F7CF2C9BE0D1
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E67D924EE1A2942F7D797179DEECC109
Requests: 9 HTTP requests in this frame

Frame: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 60E98DEE5CA9A27BEE1A6DE8304B9FA4
Requests: 10 HTTP requests in this frame

Frame: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5BD633A717EB8843D43065ABB327ACD3
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxit6L6-ATAB&v=APEucNUmui-boBxaEyS4YJyL_sAmrIduoUWs9wgHhgy79hXS3mEjuurA8u371FkhA_t8UKj8LXbiq8E5YVtSE6ov7Ift8nCTRGCj8qwMKKoLnd3ozu6x6oo
Frame ID: EA1E56BBF25C5C475366FA3BA88A6D15
Requests: 5 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: 2997C1C77C60E1C3EA5D0F441321C9A1
Requests: 2 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: C329476FD978B25BCDD4A8B66318181D
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=YhhDnQAATXoKwxwUAAdDOYl3wyDaalxuagroXw&u=%7CQDj83vHWx0wXbtjzFAkzAL%2BuWMtKkp%2Fqh4uzMXc1cnI%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRK0-mK9eySrGdwSHSu897btvMBogid8AEIo2RE9h5UXo4MSYUWSbCD_Cy3hGzRL1RFaxQbQhKjVM4eA6w18k_IevvKblVS1NxBWjyYeGGBvW6nzxYfPWlAzNpJ-bMouWZgSCenxD0uAp8yQpRjfSvJvoJOKhENTiVfVlGrH-7Fjq9u1VD9rjusajBLCT26q-EUEj1DAg_PtPG-0nkR701huzeTQIYfLZEV_udPIJHzLhMLlEYRTzhT_sfQ2ytI4ERHaWbfLXW3uQVCwG8ak2zwOyoJc8S9JgMuL525ZISq0MWRqpbGWktD-uyKSFvWm9-eMGX0j6S3FjP8IEtzNLOxnNCZwy3tb13KeyVjh-3nqPpfxoluFf6vhFmMUIjNZExhYwWOIcKNzmioJAtz6sybiIlU5DEGS-A4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtA3vnUMYYvqaAZS4jAa5hp2QCpyB77Bc0papqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0oAGs3f7oA8gBCeACAKgDAaoEpQJP0CiGxNmDm-Q3BgDa9MSA8_cQ9njJI-PQKgpIV8vQYt83GbrdtuWgSd90EYYMN3uUcRR0cj5z6WkWg5FPg8YjtyzL3CDmwZnvu8r2-j_b65M4CUVGJ2U7ai7ywAF3BhEulvM_A233QJiH5emKRK8Ztm4LwVy92T0tmjVWe5nuQdkKZ9iCOFee85RlYGlj0ZC0O9zcxw5Tk2hLe_OW-QcYS3CawMERBCSvDQoXgw2qKIbYkI09TofyDDf_361R3aPdWQlRyuzHJTWfyFOqP_Fab0D9K7HkY8pRCTF5ArEisLwmltgxvwiIU0y1qJFS6oBjV-nFlkOHoHhzoPLeVnhKmp9GCpXIsDIeEEX5TVL1u6pGCMehTwmfQ_fhO9x6DuC7kuCKjeAEAYAG9Yvlv-nKwfkXoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBQiAYRAB8ggbYWR4LXN1YnN5bi05OTM4NTY1ODIyMDM0Njgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1NhBVDM7qN07Uaeq5kubbf4NeJxA%26client%3Dca-pub-3831894559014614%26adurl%3D
Frame ID: A32E47B11ACD6F4074FCCEE86A3EDD0A
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A5C49CB9B8CBF4E5D0D0B4B31677488A
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: A14C76C264B7746093CFC8927AC3B21A
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/9121585/1643075923387/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y.html
Frame ID: 8E6B929E3143B60F5E6EB8FFB6002F85
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 761B513A8B0E231515C2D931DF0A6C95
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: D526B2AF2DB6F342FC91EB9404A88403
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/9121585/1642800684951/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img.html
Frame ID: F8E8CC95F213C5880CAFDE3AC87F1A91
Requests: 8 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEMTnHL2U-pGr6qGIXQZDMpU&google_cver=1
Frame ID: AA34561CA74382065F6764940B2454E3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7067A8241A2038B14DEC2C419D12792E
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.hawtcelebs.com&gdpr=0&gdpr_consent=
Frame ID: 0FC008AC7BACEAB226F5FC36E9FE844B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C346D9BC4F17C18E647C1022A125AA6C
Requests: 3 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C95%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Frame ID: 52D6A61110CB1918C2A3312A58A1CDBE
Requests: 24 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9A4532598E6FB3A45867F0196AD2EDBB
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 28E6B8917E2A7E10D8DBCD271DDF23A6
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1645757341672
Frame ID: 703771741940670F18347F776F1A8649
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CD2A55E7A95382B36F2667BB410C1C4C
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: D486A0BB6F0308FEB0D2EB50A025B2A5
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7EB47C5F6B3FB93B4E2E504744DDC4CC
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: CA31F127DC756F495289C525AE380A61
Requests: 11 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 718A410F7FCB82054BCCD0186A3935C0
Requests: 12 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: BC4E2C2A419BF8A4D5F5ACF71AFA9C2D
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1645757342635
Frame ID: 094CFA9293F09B64FC2458402EE20539
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B4EBA3D7FEF10C1DE11CC8BC7058B30C
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 54B4EDD02B1DD8F385CA36FE4E479EB0
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1645757343957
Frame ID: E911A6F5C73F74262F5BFC727492A768
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 1502B8E043C8F93BDDAEF90271C75AE9
Requests: 12 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9337A035CAD584059B5A3D8E86B86FCB
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0A997C4ABE2B52FF0A6FA52AC3741EAC
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: A99755A454C1689ACECC5398A4CD9B10
Requests: 12 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 8FA0BA93C5B5A0FAAC03B386C37C8FBF
Requests: 12 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6D441AD271D5F90DB0D2D9D743470DF7
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1645757341594
Frame ID: CEACD6129C98AEE98E2BAB31A71F964F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 29786881416170AE1DF3B0E8DF145EE1
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 6A6BA9417183AC14A12D631B79620BF1
Requests: 9 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: E70C31717E8FCBB1D7B7CBCB1B1EF409
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 265690BC5238A929980BA92A26593161
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 11347DB74498A16490C92225D53E692C
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: EAEAC28A48C44CE0FC126FBC487DDB13
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 9E8101FA9BB749C436654C8CA0F88526
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: CC6F874E49A9E1463E61D0A809E7497D
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 75C077E91D7DF49D18230C9A9D3B86C2
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 8325F0604D9062AEE841DE0640A7E1A5
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: A6C0626010950EDE4E69007B0896233A
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 2BF4ACA616E89FF7148AEBC815E9877F
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 0709FCAD37D00F6C6A371E53F34A475C
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 53565E352F0DA5818B5776F7012862F2
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 516EBA0B821A1A14D8B1C8016FA291D9
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 4F51AA6596B8E17F6452314B54621F98
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 5E715ED3080E9E262B787143DC45A25D
Requests: 10 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 7370664B6DCC45DEA401F89AD7419855
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 55AF0211F350343B636701916263D45D
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 62CB7EA529FAC97D0D088C92CF8AEE8D
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: A70DE9C017F2D95483B1BB66058FAEBF
Requests: 7 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: C4B914A7898CB1EA2D26F440F738750C
Requests: 2 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs
Frame ID: 3CF43BD92D5574EA3A3EB9D95F63F04E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HawtCelebs – Latest Celebrities Pictures

Page URL History Show full URLs

  1. http://www.hawtcelebs.com/ HTTP 301
    https://www.hawtcelebs.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

991
Requests

74 %
HTTPS

25 %
IPv6

148
Domains

233
Subdomains

145
IPs

11
Countries

6186 kB
Transfer

12106 kB
Size

320
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.hawtcelebs.com/ HTTP 301
    https://www.hawtcelebs.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.06320343 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.06320343 HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=6237531769661368453;cb=0.06320343
Request Chain 55
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.06320343 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.06320343&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OERENjNENDUtMDk4Ri00QkExLUIyRDUtOUVBREE1NDZCQjM5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D8DD63D45-098F-4BA1-B2D5-9EADA546BB39;cb=0.06320343 HTTP 302
  • https://udmserve.net/udm/fetch.pix?pmid=8DD63D45-098F-4BA1-B2D5-9EADA546BB39;cb=0.06320343
Request Chain 56
  • https://sync.technoratimedia.com/services?srv=cs&pid=54&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bsncr%3D[USER_ID]%3Bcb%3D0.06320343 HTTP 307
  • https://udmserve.net/udm/fetch.pix?dt=1;sncr=7A8646F843FF4D139B6FFA938E055A12;cb=0.06320343
Request Chain 136
  • https://udmserve.net/udm/img.fetch?sid=14863;tid=11;dt=7;p=1;rri=1645757339258_041248_5.181.234.158;mid=47740;zzz=1;version=inpage24-confiant;cb=0.38795850893710515;session=1;style=slider;vis=visible;traffic_info=%7B%7D; HTTP 302
  • https://d1lax2pddqj38d.cloudfront.net/pix.gif
Request Chain 186
  • https://ad.doubleclick.net/ddm/trackimp/N1032331.3665442DV360/B24920970.286076327;dc_trk_aid=479976795;dc_trk_cid=140170567;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1032331.3665442DV360/B24920970.286076327;dc_pre=CKHen-3rmfYCFeG6swodZPEEag;dc_trk_aid=479976795;dc_trk_cid=140170567;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 198
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIbJHQZEsFjAxcuDIDt0MwA&google_cver=1
Request Chain 199
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YhhDnC-gZ8XRz901.0T3uAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIbJHQZEsFjAxcuDIDt0MwA&google_cver=1&google_hm=2
Request Chain 200
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJW2k5sIkAwuat9S51GHxm8&google_cver=1
Request Chain 201
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzNzUzMTc2OTY2MTM2ODQ1Mw%3D%3D
Request Chain 213
  • https://um.simpli.fi/gp_match?google_gid=CAESEHuOt-ZaOMIDcm7KS5JEPQk&google_cver=1&google_push=AYg5qPJ6AsCoDCyNk80bRmkVUb0gTu1wOog1HHEp1DYJMpwk3OVP704iYckX7qjRcG0J4k-ORRt7dqV-I2eC0Z7sfW7b_I6QBokY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1D6054FD4F7741E7A2A9A9482C6BE4F4&google_push=AYg5qPJ6AsCoDCyNk80bRmkVUb0gTu1wOog1HHEp1DYJMpwk3OVP704iYckX7qjRcG0J4k-ORRt7dqV-I2eC0Z7sfW7b_I6QBokY
Request Chain 214
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEFgSkEEHYMTMCw4HmfHbaIw&google_cver=1&google_push=AYg5qPLb_NPGLXWXUjlS4_olYXO4onpZ7kslmZoTG85BBJLA1sIxZbuZU_NCboEs-5l4thmu6zcwBJvc4U-xw347EDtXWHERsPbB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=PzQeaXNuQax-wZLus3eL7gW16p4&google_push=AYg5qPLb_NPGLXWXUjlS4_olYXO4onpZ7kslmZoTG85BBJLA1sIxZbuZU_NCboEs-5l4thmu6zcwBJvc4U-xw347EDtXWHERsPbB
Request Chain 215
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEI4NUH1B_nwjtfCP4xd_Vws&google_cver=1&google_push=AYg5qPLH-vWkPeYCVIasFl8WIiTmICYqN1tU_7BDsH3BZxxxbKP7NzaQ9pgRc66Yk29PKYFn8aMYWa0ull_8yF0ZNBFq2HbqbIEk HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEI4NUH1B_nwjtfCP4xd_Vws&google_cver=1&google_push=AYg5qPLH-vWkPeYCVIasFl8WIiTmICYqN1tU_7BDsH3BZxxxbKP7NzaQ9pgRc66Yk29PKYFn8aMYWa0ull_8yF0ZNBFq2HbqbIEk&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLH-vWkPeYCVIasFl8WIiTmICYqN1tU_7BDsH3BZxxxbKP7NzaQ9pgRc66Yk29PKYFn8aMYWa0ull_8yF0ZNBFq2HbqbIEk&google_hm=5a5b510f7270cdb4bc7b94b8
Request Chain 217
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEO-ydwF4Rl65fhDzjY6VbOI&google_cver=1&google_push=AYg5qPIg-a75XqACfuUsTJRTiXriGsyOjfjB04GUgolXuKIkgfKlcOv4qfTLvhJMCCIacsyzL-yVU4QDgmh-DTthXD7UePU9-HkT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIg-a75XqACfuUsTJRTiXriGsyOjfjB04GUgolXuKIkgfKlcOv4qfTLvhJMCCIacsyzL-yVU4QDgmh-DTthXD7UePU9-HkT&google_hm=MTc5MjM1MjA2NTUxMTg3NjkzNQ%3D%3D
Request Chain 218
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESELEBu9n8Ap13h74hLA_WM-g&google_cver=1&google_push=AYg5qPLvIRW28U2penR1oszSjws8KXbZP5Ve_eFccEWyWYHzzqQHLeKoD4CDR7ROSqGJYZbZfK3yeozn9ZqBe487PljTMRNPNPDg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MmZjODkxZDUtMWQ4ZS00YWY5LWE4ZDQtNTRlZTFhOTFhMmI0&google_push=AYg5qPLvIRW28U2penR1oszSjws8KXbZP5Ve_eFccEWyWYHzzqQHLeKoD4CDR7ROSqGJYZbZfK3yeozn9ZqBe487PljTMRNPNPDg
Request Chain 219
  • https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEKgaD5foxw333W9Riyfv5nA&google_cver=1&google_push=AYg5qPKUAH3_nNDtWLMVPG5kbb5pH7k5Wv9frFRRc8PrvgCggHIgMtFnl4O0FlHMeSyeYRkFyNnTM0I9sIVcbPNAqfK1-yVRUyx6IQ HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Demx_eb%26google_hm%3DNzc3MjE2NDU3NTczNDA1MDk0NjJhNg%3D%3D&b64_redirect=aHR0cHM6Ly9jbS5nLmRvdWJsZWNsaWNrLm5ldC9waXhlbD9nb29nbGVfbmlkPWVteF9lYiZnb29nbGVfaG09TnpjM01qRTJORFUzTlRjek5EQTFNRGswTmpKaE5nPT0=&ssp=google_ob HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=6237531769661368453&redirect=https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=Nzc3MjE2NDU3NTczNDA1MDk0NjJhNg==&b64_redirect=aHR0cHM6Ly9jbS5nLmRvdWJsZWNsaWNrLm5ldC9waXhlbD9nb29nbGVfbmlkPWVteF9lYiZnb29nbGVfaG09TnpjM01qRTJORFUzTlRjek5EQTFNRGswTmpKaE5nPT0=&ssp=google_ob HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=Nzc3MjE2NDU3NTczNDA1MDk0NjJhNg==
Request Chain 237
  • https://pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ROS?rnd=0.08936603806633237&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=6.10.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&e_pubcid=483b11f3-554f-467d-b1b6-a457cb60b834 HTTP 302
  • https://pbjs.e-planning.net/hb/1/2c995/1/www.hawtcelebs.com/ROS?ct=1&r=pbjs&rnd=0.08936603806633237&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=6.10.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&e_pubcid=483b11f3-554f-467d-b1b6-a457cb60b834
Request Chain 246
  • https://pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ROS?rnd=0.08936603806633237&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=6.10.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&e_pubcid=483b11f3-554f-467d-b1b6-a457cb60b834 HTTP 302
  • https://pbjs.e-planning.net/hb/1/2c995/1/www.hawtcelebs.com/ROS?ct=1&r=pbjs&rnd=0.08936603806633237&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=6.10.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&e_pubcid=483b11f3-554f-467d-b1b6-a457cb60b834
Request Chain 266
  • https://udmserve.net/udm/img.fetch?sid=14863;tid=1;dt=7;p=1;rri=1645757339939_304575_5.181.234.158;mid=43264;zzz=1;version=inpage24-confiant;cb=0.38421654308585484;refresh=2;style=reel;vis=visible;traffic_info=%7B%7D HTTP 302
  • https://d1lax2pddqj38d.cloudfront.net/pix.gif
Request Chain 274
  • https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=1---&random=1645757340502.9&r=true HTTP 302
  • https://tags.bluekai.com/site/27519?id=118982117215969&ret=html&random=1645757340
Request Chain 275
  • https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_pu=&_puuid=CoIKTGIYQ5yFY%2BEpFDI4Ag%3D%3D&us_privacy=1---&_rand=1645757340502.1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_pu=&_puuid=CoIKTGIYQ5yFY%2BEpFDI4Ag%3D%3D&us_privacy=1---&_rand=1645757340502.1&_expected_cookie=02ade0c5e2fec8a0123abae08b6b8b04
Request Chain 276
  • https://map.go.affec.tv/map/3a/?pid=CoIKTGIYQ5yFY%2BEpFDI4Ag%3D%3D&us_privacy=1---&ts=1645757340502.2 HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D6218439cbea1e30001761ed0%26chc%3Dtt%26floc%3D%26redirect_url%3D HTTP 302
  • https://map.go.affec.tv/map/an/6237531769661368453?ch=6218439cbea1e30001761ed0&chc=tt&floc=&redirect_url=
Request Chain 277
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKTGIYQ5yFY%2BEpFDI4Ag%3D%3D&us_privacy=1---&random=1645757340502.3&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKTGIYQ5yFY%2BEpFDI4Ag%3D%3D&us_privacy=1---&random=1645757340502.3&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=99c9dfe3-7960-4e03-b3d1-bfa17a067259%252Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=99c9dfe3-7960-4e03-b3d1-bfa17a067259%252Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&ttd_puid=99c9dfe3-7960-4e03-b3d1-bfa17a067259%2Chttps%3A%2F%2Fusermatch.krxd.net%2Fum%2Fv2%3Fpartner%3Dtapad HTTP 302
  • https://usermatch.krxd.net/um/v2?partner=tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1969&partner_device_id=Ors1sVLa&partner_url=https://beacon.krxd.net/usermatch.gif?partner%3Dtapad%26partner_uid%3D$%7BTA_DEVICE_ID%7D HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=tapad&partner_uid=99c9dfe3-7960-4e03-b3d1-bfa17a067259
Request Chain 278
  • https://match.prod.bidr.io/cookie-sync/33across?us_privacy=1---&33random=1645757340502.4 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/33across?us_privacy=1---&33random=1645757340502.4&_bee_ppp=1 HTTP 303
  • https://cms-xch.33across.com/match?bidder_id=85&external_user_id=AAB7gk7EMIcAAH15dBe-JQ HTTP 301
  • https://cms-xch-chicago.33across.com/match?bidder_id=85&external_user_id=AAB7gk7EMIcAAH15dBe-JQ
Request Chain 280
  • https://dp2.33across.com/ps/?pid=1205&random=1645757340502.6&r=true HTTP 302
  • https://idsync.rlcdn.com/405716.gif?partner_uid=211593676261687
Request Chain 282
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKTGIYQ5yFY%2BEpFDI4Ag%3D%3D&us_privacy=1---&random=1645757340502.10&r=true HTTP 302
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=77879352771725&seg_code=33x&random=1645757340
Request Chain 310
  • https://pixel.onaudience.com/?partner=137085098&mapped=51A01645757340B9D37ECAF08DCD9DE1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&icm HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=279b1110fb6e7a95
Request Chain 319
  • https://idsync.rlcdn.com/420046.gif?partner_uid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM7RGRJMCkgIARC-ngEaQEdkdndFeTFMMFktNm9pWWhuMmlNaW12eFRzODJoZXQ3Q0tiUjZNQmN6OWF4VjZqRi1lNjNpZVJ2T3B3bXRsejAQABoNCJ2H4ZAGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=8a9e7e204c7feaf3eb3f904b02031014efbc083454de85cf98bd4be009f5f128791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA4YTllN2UyMDRjN2ZlYWYzZWIzZjkwNGIwMjAzMTAxNGVmYmMwODM0NTRkZTg1Y2Y5OGJkNGJlMDA5ZjVmMTI4NzkxNDI2YjU0MTdkY2UyMRAAGgwInYfhkAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA4YTllN2UyMDRjN2ZlYWYzZWIzZjkwNGIwMjAzMTAxNGVmYmMwODM0NTRkZTg1Y2Y5OGJkNGJlMDA5ZjVmMTI4NzkxNDI2YjU0MTdkY2UyMRAAGgwInYfhkAYSBAgCEABCAEoA&google_gid=CAESEJBpAxM8Q2CpFRDwfLxFS04&google_cver=1 HTTP 307
  • https://usermatch.krxd.net/um/v2?partner=liveramp_identity HTTP 302
  • https://pippio.com/api/sync?pid=709973&it=1&iv=Ors1sVLa
Request Chain 321
  • https://b1sync.zemanta.com/usersync/outbrain/?puid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/outbrain/?gdpr=0&gdpr_consent=&puid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&s=2&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=zemanta&uid=-zZOh2qE_czCLWu3mVLK&gdpr=0&us_privacy=1---
Request Chain 322
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=6237531769661368453&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Request Chain 323
  • https://dpm.demdex.net/ibs:dpid=133726&dpuuid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&gdpr=0&gdpr_pd=1&gdpr_consent=
Request Chain 325
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152
Request Chain 328
  • https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=7f12fdf6-dbca-4e69-8ddc-f74474ff6005
Request Chain 329
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=outbrain&user_id=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Doutbrain%26bsw_param%3Dbf9fd540-38fe-45ee-94d0-583b2d0001e1&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=30076218-439d-4700-9dda-44f2b86092d3&expires=30&ssp=outbrain&bsw_param=bf9fd540-38fe-45ee-94d0-583b2d0001e1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=bf9fd540-38fe-45ee-94d0-583b2d0001e1&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 331
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEPbZ5qW9mDmLNJ9E64puiYU&google_cver=1 HTTP 302
  • https://sofia.trustx.org/sync?tp_id=1&tp_uid=bf9fd540-38fe-45ee-94d0-583b2d0001e1&ssp_custom_data= HTTP 302
  • https://sofia.trustx.org/ul_cb/sync?tp_id=1&tp_uid=bf9fd540-38fe-45ee-94d0-583b2d0001e1&ssp_custom_data=
Request Chain 332
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7068473956751636630
Request Chain 334
  • https://ps.eyeota.net/match?bid=1mpn7m0&uid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0 HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Request Chain 336
  • https://creativecdn.com/cm-notify?pi=outbrain HTTP 302
  • https://creativecdn.com/cm-notify?pi=outbrain&tc=1 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=pUAYEdLnUbTBvBavmqfc&pi=outbrain&tc=1
Request Chain 337
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L01TFFPO-27-11SK
Request Chain 340
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0 HTTP 302
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&xl8blockcheck=1 HTTP 302
  • https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Request Chain 341
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YhhDnC_gZ8XRz901-0T3uAAAA9gAAAAB&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Request Chain 342
  • https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&__user_check__=1&sync_id=7cb95844-95e5-11ec-8924-154f9acf0203 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=spotx&uid=7cb957e4-95e5-11ec-8924-154f9acf0203&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Request Chain 343
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0%2526uid%253D%2523PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT&piggybackCookie=CAESEDKlDYCWUZf7SJLEiLdqqqM&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:1D6054FD4F7741E7A2A9A9482C6BE4F4 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0%26uid%3D8DD63D45-098F-4BA1-B2D5-9EADA546BB39 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&uid=8DD63D45-098F-4BA1-B2D5-9EADA546BB39
Request Chain 344
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0%26uid%3D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=openx&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&uid=fe252f6a-c861-4a6c-a5a4-cc8072a4b8cc
Request Chain 345
  • https://pixel.advertising.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=oath&uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
Request Chain 346
  • https://sync.hgrtb.com/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dmediaforce_custom%26obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0%26uid%3D%7BUSER_ID%7D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=mediaforce_custom&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&uid=c2550f1a-f263-4602-bee7-8a8fdb84d8b2
Request Chain 347
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0%0A HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=emx&uid=6237531769661368453brt77721645757340509462a6&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Request Chain 348
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=69497fcd-ba32-4b2d-834f-7b33fea6ad08&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Request Chain 349
  • https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3D%24%7BUSER%7D%26obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&zcc=1&cb=1645757341497 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=472131473 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/7ab8afa3-6b9b-4d24-b1ff-11dd1b864152 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-6f4993e5-bce2-4471-87d3-66cd3254ac34-005?redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3DRX-6f4993e5-bce2-4471-87d3-66cd3254ac34-005%26obUid%3D%24D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=unruly&uid=RX-6f4993e5-bce2-4471-87d3-66cd3254ac34-005&obUid=$D
Request Chain 350
  • https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=smaato&uid=f60fa51f&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Request Chain 351
  • https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0%26gdpr%3D$GDPR_APPLIES%26gdpr_consent%3D$CONSNT_STRING HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=smart&uid=1792352065511876935&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
Request Chain 352
  • https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&redir=true HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=oath_display&uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A&gdpr=0&gdpr_consent=
Request Chain 354
  • https://id.rlcdn.com/711945.gif?cparams=obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0 HTTP 307
  • https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Request Chain 390
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHIiquuE_leaGRlrV8tQbqo&google_cver=1&gdpr=0
Request Chain 391
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjI1YmQ1YTctN2VmOC0yOTM0LWQzMmItYzQ5NDAwZmRiMTg3
Request Chain 392
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEOKx3JLeeKA5iURGcmwcVf4&google_cver=1&gdpr=0
Request Chain 393
  • https://sync.teads.tv/um?eid=3&uid=&gdpr=0&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjRlY2I1NDEtYjBiZS00MzIyLWIwZDgtNjhiOTU3YjVhNWY4
Request Chain 395
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/ttd?uid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&gdpr=0&gdpr_consent=
Request Chain 396
  • https://idsync.rlcdn.com/386076.gif?partner_uid=ZGIABGIYQ5wAAAAJVZ0CAw%3D%3D&gdpr=0&gdpr_consent= HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=1bf2790b-7ac8-41f0-99b2-1edef3841e3f
Request Chain 397
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/eyeota?uid=2z1kG8sVWY0E9a8_OwliUHdl9_r3rRjBv9muxsTweptg&gdpr=0&gdpr_consent=
Request Chain 398
  • https://tag.crsspxl.com/c.gif?t=50173&r=https%3A%2F%2Fp.nexac.com%2Fe%2Fsr%2Fa-1625%2Fs-3300%2Fs-3300.xgi%3Fcb%3D%7BCPCB%7D HTTP 302
  • https://tag.crsspxl.com/c.gif?cc=1&t=50173&r=https%3A%2F%2Fp.nexac.com%2Fe%2Fsr%2Fa-1625%2Fs-3300%2Fs-3300.xgi%3Fcb%3D%7BCPCB%7D HTTP 302
  • https://sync.sharethis.com/crosspixel?uid=7426497872870003229&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3DCPX12%26google_cm%26cb%3D1645757341430 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=CPX12&google_cm&cb=1645757341430/ZGIABGIYQ5wAAAAJVZ0CAw== HTTP 302
  • https://tag.crsspxl.com/m.gif?id=&cb=1645757341430/ZGIABGIYQ5wAAAAJVZ0CAw==&google_gid=CAESEDKGmA3fF-HoH7x1-7t8y2Q&google_cver=1
Request Chain 399
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGIABGIYQ5wAAAAJVZ0CAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3625379462841368613 HTTP 307
  • https://ml314.com/csync.ashx?fp=f0d7c2ae351f02d8b586e3161b8b7ab9d3277b1ba7eb45aad44b97aa83f1e12cf4cb09cee1a4f8eb&person_id=3625379462841368613&eid=50082
Request Chain 400
  • https://tags.bluekai.com/site/59574?id=ZGIABGIYQ5wAAAAJVZ0CAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
  • https://sync.sharethis.com/oracle?uid=hmISw1Ze999g3hCi&BK_SWAP_DEST=5957
Request Chain 413
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHIiquuE_leaGRlrV8tQbqo&google_cver=1&gdpr=0
Request Chain 414
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjI1YmQ1YTctN2VmOC0yOTM0LWQzMmItYzQ5NDAwZmRiMTg3
Request Chain 415
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEOKx3JLeeKA5iURGcmwcVf4&google_cver=1&gdpr=0
Request Chain 416
  • https://sync.teads.tv/um?eid=3&uid=&gdpr=0&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjRlYzQwN2QtYTk2Yy00NjM1LTllMDctYjZlNzRjNjNmMGNl
Request Chain 431
  • https://fw.adsafeprotected.com/rfw/st/904480/59616675/4.js?adContainerId=brand_safety_nUMYYtDkBZavNfvskNgJ&cbFunctionName=goog_wrapCb_nUMYYtDkBZavNfvskNgJ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.hawtcelebs.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:5c400c75-17ed-378a-4476-88378025a091,c:5chsxS,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6b6c9f846c-lfx5j,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.0,am:sp,cc:0.0.300.0,piv:0,obst:0,th:0,reas:r.h,br:c,abv:na,an:n,oam:0,nbld:0,mtim:3,fm:sYpU5jB+11%7C12%7C13%7C14%7C151%7C152%7C153%7C1541%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1d11%7C1e%7C1f%7C1g%7C1h%7C1i*.904480-59616675%7C1i1%7C1j1%7C1k%7C1l1%7C1l2%7C1m,idMap:1i*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:26,oid:7cad3c62-95e5-11ec-9cb6-4a527d518f3f,v:19.8.289,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_nUMYYtDkBZavNfvskNgJ&cbFunctionName=goog_wrapCb_nUMYYtDkBZavNfvskNgJ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
Request Chain 435
  • https://um.simpli.fi/gp_match?google_gid=CAESEGo44BA3rAYMuFlo7eK_BE4&google_cver=1&google_push=AYg5qPLSh4IlmNtpk07YtNb5N2MEy8MyjR2xkFavXuLN-z6vhwo5jDym1C9I13k1IAGZ3BCZE0l3B6zT6wBtZOSFambfacau8Z8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1D6054FD4F7741E7A2A9A9482C6BE4F4&google_push=AYg5qPLSh4IlmNtpk07YtNb5N2MEy8MyjR2xkFavXuLN-z6vhwo5jDym1C9I13k1IAGZ3BCZE0l3B6zT6wBtZOSFambfacau8Z8
Request Chain 437
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEGGbgp-RTISBwqpsFp3Q3nU&google_cver=1&google_push=AYg5qPJjtgHPkS6q3OsK6WgkF1lL4hfdcNDx5UnR1WWs4S5_X2LwUZIXuSu_N4ncqLMMNMutzmP-FoGbVFFSvyPS8Fi_Y9zA6Qs HTTP 302
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEGGbgp-RTISBwqpsFp3Q3nU&google_cver=1&google_push=AYg5qPJjtgHPkS6q3OsK6WgkF1lL4hfdcNDx5UnR1WWs4S5_X2LwUZIXuSu_N4ncqLMMNMutzmP-FoGbVFFSvyPS8Fi_Y9zA6Qs&prevuid=06030002_6218439d8c50f&knw= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AYg5qPJjtgHPkS6q3OsK6WgkF1lL4hfdcNDx5UnR1WWs4S5_X2LwUZIXuSu_N4ncqLMMNMutzmP-FoGbVFFSvyPS8Fi_Y9zA6Qs&google_hm=MDYwMzAwMDJfNjIxODQzOWQ4YzUwZg%3D%3D
Request Chain 438
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEBlCa3LK7cbKUXWIafYEajo&c_param1=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog
Request Chain 439
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESECKpqUu_HaywLAqpL4oOPlM&google_cver=1&google_push=AYg5qPKShnz6K2YK_n1bjY16a_o5uC7_QA1vdsMozJHIVxdbBQEHppEkh7ZH_FfMq940czW0x8CvFX5EP_oTlp3HyKIP3Isywg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPKShnz6K2YK_n1bjY16a_o5uC7_QA1vdsMozJHIVxdbBQEHppEkh7ZH_FfMq940czW0x8CvFX5EP_oTlp3HyKIP3Isywg&google_hm=WWhoRG5jQ281dVlBQUl3RHlwa0FBQUFB
Request Chain 440
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEO1eXJriEImjccxt6MO2G94&google_cver=1&google_push=AYg5qPLDIkRv_6K9kijUK8rV1loBDPzJzzDMc-WPKf5mQMvLGcZFVVvbDtDs7iedtMaqph2jHKTySiNVL1fQQXeCcpNbmvvo9Eia HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=fxL99tvKTmmN3PdEdP9gBQ==&no_redirect=1&google_push=AYg5qPLDIkRv_6K9kijUK8rV1loBDPzJzzDMc-WPKf5mQMvLGcZFVVvbDtDs7iedtMaqph2jHKTySiNVL1fQQXeCcpNbmvvo9Eia
Request Chain 460
  • https://fw.adsafeprotected.com/rfw/st/904480/59616658/4.js?adContainerId=brand_safety_nUMYYqmGE6CBoPMPysiz-A0&cbFunctionName=goog_wrapCb_nUMYYqmGE6CBoPMPysiz-A0&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.hawtcelebs.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:41c325b9-c60f-b543-be1b-add61f823207,c:5chsBm,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6b6c9f846c-v26fw,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.0,am:sp,cc:0.0.160.0,piv:0,obst:0,th:0,reas:r.h,br:c,abv:na,an:n,oam:0,nbld:0,mtim:2,fm:sYpU5n8+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1d11%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1i4%7C1j*.904480-59616658%7C1j1%7C1k%7C1l1%7C1l2%7C1m%7C1n%7C1o,idMap:1j*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:23,oid:7cbb4617-95e5-11ec-90df-d23755f3757a,v:19.8.289,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_nUMYYqmGE6CBoPMPysiz-A0&cbFunctionName=goog_wrapCb_nUMYYqmGE6CBoPMPysiz-A0&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js
Request Chain 473
  • https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGIABGIYQ5wAAAAJVZ0CAw%3D%3D&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.858.22963%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=53303855 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=TnkwU3dCb1E5OTlUdU9DaQ%3D%3D HTTP 302
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEMTnHL2U-pGr6qGIXQZDMpU&google_cver=1
Request Chain 494
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIDZhC6LAwxwfrK1egEAvS0&google_cver=1&google_push=AYg5qPKTIBfI8rSFROYhMFaTl2PxrnyXyys62YoAd1JMtJZc1GikR4vPQXPg3cXYuZIoO7gXYvJW_cE4v4umZbr9QuZUwiZov-w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKTIBfI8rSFROYhMFaTl2PxrnyXyys62YoAd1JMtJZc1GikR4vPQXPg3cXYuZIoO7gXYvJW_cE4v4umZbr9QuZUwiZov-w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIDZhC6LAwxwfrK1egEAvS0&google_cver=1&google_push=AYg5qPKTIBfI8rSFROYhMFaTl2PxrnyXyys62YoAd1JMtJZc1GikR4vPQXPg3cXYuZIoO7gXYvJW_cE4v4umZbr9QuZUwiZov-w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKTIBfI8rSFROYhMFaTl2PxrnyXyys62YoAd1JMtJZc1GikR4vPQXPg3cXYuZIoO7gXYvJW_cE4v4umZbr9QuZUwiZov-w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 495
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEDpvD4K6smLoehxq6F2c16Y&google_cver=1&google_push=AYg5qPJj_PqnjZOyyT7LScgKb1m4OlEZcAgjWhGgfdN5Dek5qG1OnH1CzdJkOV5Pf58RzpLeu4STbAyYkfgrb2URddWAJ2G8BSg HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEDpvD4K6smLoehxq6F2c16Y&google_cver=1&google_push=AYg5qPJj_PqnjZOyyT7LScgKb1m4OlEZcAgjWhGgfdN5Dek5qG1OnH1CzdJkOV5Pf58RzpLeu4STbAyYkfgrb2URddWAJ2G8BSg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Fk2my_LlQ3qT9qCD7KNwrmIYQ54
Request Chain 496
  • https://fksnk.com/cs/google?google_gid=CAESEGvYdZbLY-WGH7uP-o7lRyw&google_cver=1&google_push=AYg5qPJowwo2XUJxvLgswD1b9D-17ZfSv4Grsdwtvwshkr5hqCIuk1lvqPgEyXGmOH9XtvrJfAUiNKZOYYCAR9T48dd1OPG2Hzc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Mzg0ODAyNTg3NDg2MTBDNA==
Request Chain 498
  • https://rtb.openx.net/sync/dds?google_gid=CAESEH_0vmFqjLyjcmg3RSQeSSc&google_cver=1&google_push=AYg5qPKIuYHypbH1kht0LIXN8hwIg8XqsNHUbwxwCmEjmCxZ8vP827UPNm_NjUo9WDIRm0IRAeC44icBaHbeBOPe08ZkYvoqtw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKIuYHypbH1kht0LIXN8hwIg8XqsNHUbwxwCmEjmCxZ8vP827UPNm_NjUo9WDIRm0IRAeC44icBaHbeBOPe08ZkYvoqtw&google_hm=kWKMUR4Jzr4gv9KaGQZFXQ==
Request Chain 499
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEIgqju86Llf2Pu6KuAkB59g&google_cver=1&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y
Request Chain 500
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEB7jxCtUfCP_BYknXsMRLnc&google_cver=1&google_push=AYg5qPJPrPnYkFu3QY2lxqrbgFT_hBrvMPs70qrd7KyQPTAZZTGFPTKgRfrfvWKBkiv4UG4IyalG18xK2VfjhbSDwA3S4f82OT81 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEB7jxCtUfCP_BYknXsMRLnc&google_cver=1&google_push=AYg5qPJPrPnYkFu3QY2lxqrbgFT_hBrvMPs70qrd7KyQPTAZZTGFPTKgRfrfvWKBkiv4UG4IyalG18xK2VfjhbSDwA3S4f82OT81&apid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA3Y2I3ZWFlZS05NWU1LTExZWMtYmM1NC0wMjQwZjg1ZDA3YjE%3D&google_push=AYg5qPJPrPnYkFu3QY2lxqrbgFT_hBrvMPs70qrd7KyQPTAZZTGFPTKgRfrfvWKBkiv4UG4IyalG18xK2VfjhbSDwA3S4f82OT81
Request Chain 519
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEGGbgp-RTISBwqpsFp3Q3nU&google_cver=1&google_push=AYg5qPK_yd16fIiE6EM_S91Xn-QGm_SykqfNmJrU_t2qjIIFqgMaNw_hf8US6Eo4Le17MezYYINzKlSkE98Dp0geXrrj2oezIED8 HTTP 302
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEGGbgp-RTISBwqpsFp3Q3nU&google_cver=1&google_push=AYg5qPK_yd16fIiE6EM_S91Xn-QGm_SykqfNmJrU_t2qjIIFqgMaNw_hf8US6Eo4Le17MezYYINzKlSkE98Dp0geXrrj2oezIED8&prevuid=06030002_6218439d8c50f&knw=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AYg5qPK_yd16fIiE6EM_S91Xn-QGm_SykqfNmJrU_t2qjIIFqgMaNw_hf8US6Eo4Le17MezYYINzKlSkE98Dp0geXrrj2oezIED8&google_hm=MDYwMzAwMDJfNjIxODQzOWQ4YzUwZg%3D%3D
Request Chain 521
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEIgqju86Llf2Pu6KuAkB59g&google_cver=1&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8
Request Chain 522
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEHAjjo6iS3uHF89dlVmdAqE&google_cver=1&google_push=AYg5qPL1DNbhe7ho77sneo0xuoNznO062b6O64zGmuhNlCC_gHAxz_v_IGSVLXWKAuEzibVBkd-i8uOI9Hf0tmYGAq1SgR_yQNQk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZTBjM2VkN2U0YTFmNGZkYjhhZmQzNjM4MWUzOWRiZjc%3D&UIDF=CAESEHAjjo6iS3uHF89dlVmdAqE&google_cver=1&google_push=AYg5qPL1DNbhe7ho77sneo0xuoNznO062b6O64zGmuhNlCC_gHAxz_v_IGSVLXWKAuEzibVBkd-i8uOI9Hf0tmYGAq1SgR_yQNQk
Request Chain 523
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEOQzANwJXCXUR5_HR8MoOio&google_cver=1&google_push=AYg5qPIUa94Gj4HPUE7p9RsqcxiAZSdz5FS25USJQ2evfCEPp2Sl1UF_2M3lpW-Jvishz_B7Ex0XLbHa2mqJyatlaP7Z_oA8ufk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AYg5qPIUa94Gj4HPUE7p9RsqcxiAZSdz5FS25USJQ2evfCEPp2Sl1UF_2M3lpW-Jvishz_B7Ex0XLbHa2mqJyatlaP7Z_oA8ufk&google_hm=KRfnHTdsSia7dA7bu5zzqp4
Request Chain 524
  • https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEA8Cgm4tgnlzh0gzNxGIebE&google_cver=1&google_push=AYg5qPIuQwsHiccLCjSayERZYtOseWsHdQLAmt4CVOV7rbu-CL4ReryFpfDOFrfi2P5uZJBPtHCB-ARIPbSHoHGzM8VTk8z3YaJVAg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=Nzc3MjE2NDU3NTczNDA1MDk0NjJhNg==
Request Chain 527
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=hawtcelebs.com&sn=ChromeSyncframe&so=0&topUrl=www.hawtcelebs.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=vPpgi3xwSVpDOVAzTVAyVmtoeVRTQk9GN0dWS2FQZmxpZE9GaDZ4Zjh0VWtKbjJrbnRNVUtCSm9KVGxKMTlab3ZMenVEelY0NHR4MS9uSHVrdWpGQlY5VVl1S1dRTUJYbDVPeG4zZkFQYTV1RlY3Nk9qRVRVMS9mVmZxM01sZUt2SnR6NURneWVsbXFFVllkY25wQk9aSFRzRHJqWGhlU2FiMGlScHQzbVNndUJ3WGVjd0dBWVNmTVNxTkVSUldvYVdaNlp3ZWZnaVNDQkIvdkdWR3ZyUW1TbXpLV2FuWkZxcHY2N0VsSG1GTGlzMWVQWXBOREZjN2dHeUl5eUZqUDZrLzlKWlc5ckxnay9uQWxJU2oyUzEzTVVPQT09fA&cppv=2
Request Chain 532
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEHC3JE2pzr8HYWHsDmSq-jw&google_cver=1&google_push=AYg5qPL_kwIsVvzXxNTdSFEvORmDXhjRhuiYhlYiXPSMf974LUMCoyrglNiDAWahsrEz8CgQGDfI5QgL0bGaZ2rRoDFx6RWsNdgAxg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AYg5qPL_kwIsVvzXxNTdSFEvORmDXhjRhuiYhlYiXPSMf974LUMCoyrglNiDAWahsrEz8CgQGDfI5QgL0bGaZ2rRoDFx6RWsNdgAxg&google_hm=UjFENTMxX0VCRDJFOTg3Xzk3NjY0QzBG
Request Chain 533
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEJMr8U5VCwOhTxjbedeXpy8&google_cver=1&google_push=AYg5qPJ3esiqsROij11aiCI3vGxR252V7CWRpQoF0-igQk9wfiTuoEMg1HnI1wV1nq3k-ipyGD5aIN-hY057FDzH81PqWyif8DJGqg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJ3esiqsROij11aiCI3vGxR252V7CWRpQoF0-igQk9wfiTuoEMg1HnI1wV1nq3k-ipyGD5aIN-hY057FDzH81PqWyif8DJGqg&google_hm=QUxVSUl3ZExXSDNsNWN3eUFpcnlVbXc=
Request Chain 534
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEJjEh-eAN0j1MEBCx8M-2kA&google_cver=1&google_push=AYg5qPKmj2zw7IUBj3wQm09sjtOaaCY-E4dEPet8NtcvvKOeuoee0qQQUUrtqLTZgvPEMFA-fbpf6jIBSLwxF1Ml2SxYb4efgU1U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKmj2zw7IUBj3wQm09sjtOaaCY-E4dEPet8NtcvvKOeuoee0qQQUUrtqLTZgvPEMFA-fbpf6jIBSLwxF1Ml2SxYb4efgU1U&google_hm=LXpaT2gycUVfY3pDTFd1M21WTEs=
Request Chain 535
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEF2EoFzMf1FEDM8yx5a2LzE&google_cver=1&google_push=AYg5qPIpX8pBF0XiDa6u_FTKIwQF9lSizAwOTP78w5RUbGK4UVUBYpODPbK_ckxW7xXUhkOAP_V_CLxhv6d7NS7hdPAEgaEfYTB51w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AYg5qPIpX8pBF0XiDa6u_FTKIwQF9lSizAwOTP78w5RUbGK4UVUBYpODPbK_ckxW7xXUhkOAP_V_CLxhv6d7NS7hdPAEgaEfYTB51w&google_hm=Z2JmOTkxN2VlZjlhYTAxOThlMjE=
Request Chain 536
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBh6CuontJV5YyuV2j0IcF0&google_cver=1&google_push=AYg5qPIa0K5JnWyzDZUwsy8JhpJiNm7sulnmcIvyzOzhA7ICh7SxeNc5ClidEurzbyrpBHOW1NRouNaey6AmcRur6W5_-MqlouRvfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIa0K5JnWyzDZUwsy8JhpJiNm7sulnmcIvyzOzhA7ICh7SxeNc5ClidEurzbyrpBHOW1NRouNaey6AmcRur6W5_-MqlouRvfg&google_hm=MTc5MjM1MjA2NTUxMTg3NjkzNQ%3D%3D
Request Chain 537
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEB7jxCtUfCP_BYknXsMRLnc&google_cver=1&google_push=AYg5qPIiRjky_0xCm4TSQ7TZZ-8tCdnBqGGezCUHeFZka5IT2fWwIeAwsSp2RE6Aip4-RIDVvwMoQlbSSJXLUOnxUZ7bom4y7V9N4LE HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEB7jxCtUfCP_BYknXsMRLnc&google_cver=1&google_push=AYg5qPIiRjky_0xCm4TSQ7TZZ-8tCdnBqGGezCUHeFZka5IT2fWwIeAwsSp2RE6Aip4-RIDVvwMoQlbSSJXLUOnxUZ7bom4y7V9N4LE&apid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA3Y2I3ZWFlZS05NWU1LTExZWMtYmM1NC0wMjQwZjg1ZDA3YjE%3D&google_push=AYg5qPIiRjky_0xCm4TSQ7TZZ-8tCdnBqGGezCUHeFZka5IT2fWwIeAwsSp2RE6Aip4-RIDVvwMoQlbSSJXLUOnxUZ7bom4y7V9N4LE
Request Chain 540
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152/gdpr=0/gdpr_consent=
Request Chain 542
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=92b8ad9e8cfdb3848cd04f18d676acf2&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D99c9dfe3-7960-4e03-b3d1-bfa17a067259%252Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253D99c9dfe3-7960-4e03-b3d1-bfa17a067259 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=6237531769661368453&pt=99c9dfe3-7960-4e03-b3d1-bfa17a067259%2Chttps%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D99c9dfe3-7960-4e03-b3d1-bfa17a067259 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=99c9dfe3-7960-4e03-b3d1-bfa17a067259
Request Chain 543
  • https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP HTTP 302
  • https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=5f450e0c344f7b146dcd68b5c49d30a2
Request Chain 544
  • https://px.surveywall-api.survata.com/t HTTP 302
  • https://bcp.crwdcntrl.net/map/c=10098/tp=SRVT/tpid=ce21d7cc-805e-f22c-3c34-40f40f60fbaa
Request Chain 549
  • https://aorta.clickagy.com/pixel.gif?ch=120&cm=92b8ad9e8cfdb3848cd04f18d676acf2 HTTP 302
  • https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D HTTP 302
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=5&cm=164da6cb-f2e5-437a-93f6-a083eca370ae-6218439e-5553 HTTP 302
  • https://stags.bluekai.com/site/51557?id=YhhDnu5nxtEjlUMgr-lALqkj&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D122%26cm%3D$_BK_UUID&BKUUID=$_BK_UUID&limit=1 HTTP 302
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=122&cm=aXbSwO3i99eTiCCi HTTP 302
  • https://dpm.demdex.net/ibs:dpid=79908&dpuuid=YhhDnu5nxtEjlUMgr-lALqkj&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D HTTP 302
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=73108287142213250733347802760755455793 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=WWhoRG51NW54dEVqbFVNZ3ItbEFMcWtq HTTP 302
  • https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEGEr1fgEFIN76lmMHfrFByc&google_cver=1 HTTP 302
  • https://idsync.rlcdn.com/420246.gif?partner_uid=YhhDnu5nxtEjlUMgr-lALqkj HTTP 307
  • https://aorta.clickagy.com/pixel.gif?ch=114&cm=732f2f911012933a25dfef8b61d2b8e5bb4bc71b2d0c172a1339770736b093de25abae5358c0e7bc HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=YhhDnu5nxtEjlUMgr-lALqkj&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1645757342755&ip=2a0d:5600:24:1400:1011:d70b:b470:129b&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D163850504073002495601 HTTP 302
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=163850504073002495601
Request Chain 550
  • https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=92b8ad9e8cfdb3848cd04f18d676acf2 HTTP 302
  • https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=92b8ad9e8cfdb3848cd04f18d676acf2
Request Chain 552
  • https://sync.srv.stackadapt.com/sync?nid=lotame HTTP 302
  • https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-3f341e69-736e-41ac-7ec1-92eeb3778bee$ip$5.181.234.158
Request Chain 553
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=bc3038ad-89f0-4035-9413-31ef3742a335
Request Chain 554
  • https://dt-secure.videohub.tv/v1/usync/lo HTTP 303
  • https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-ff2139a64e14163a0652a9632f4f6866
Request Chain 555
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D%26gdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=30076218-439d-4700-9dda-44f2b86092d3&gdpr=0
Request Chain 556
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=164da6cb-f2e5-437a-93f6-a083eca370ae-6218439e-5553/gdpr=0
Request Chain 558
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=YhhDngAIwBmCJwBB HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YhhDngAIwBmCJwBB/gdpr=0&_test=YhhDngAIwBmCJwBB
Request Chain 561
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/92b8ad9e8cfdb3848cd04f18d676acf2/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4470016423583563883/gdpr=0
Request Chain 591
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dXJpXjV9wQ3p0VkpFJTJCbTh3YWlMaHoxJTJCU3ZtN1BMa0YwZzh3RFMzMEc0R2lqM1RNYyUzRA%26u%3d%24%7bUSER_ID%7d&gdpr=false&consent=&ccpa= HTTP 303
  • https://ssp-sync.criteo.com/user-sync/match?p=XJpXjV9wQ3p0VkpFJTJCbTh3YWlMaHoxJTJCU3ZtN1BMa0YwZzh3RFMzMEc0R2lqM1RNYyUzRA&u=AAB7gk7EMIcAAH15dBe-JQ&gdpr=false
Request Chain 592
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=lzNcVl8wNVlSMGxDcFJEazVScm5RRlRUeW5PWlpZWWJSazBpM3pycDlURjBDdGxvJTNE&gdpr=false&gdpr_consent=&us_privacy=&cr_user_id= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dcriteo%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dcriteo%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=e34274d0-82d2-5338-b9ac-2289dbb46117&ssp=criteo&expires=30&user_group=1 HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=lzNcVl8wNVlSMGxDcFJEazVScm5RRlRUeW5PWlpZWWJSazBpM3pycDlURjBDdGxvJTNE&u=bf9fd540-38fe-45ee-94d0-583b2d0001e1
Request Chain 593
  • https://sync.taboola.com/sg/criteoscod/1/cm?redirect=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dokPSEF81Q0g0QVdqJTJCZzd6T0VhT3VyWm5iTWhTM0ZYOHRHJTJGM2ZQa1czNnZsT21ZYyUzRA%26u%3d%3cTUID%3e&gdpr=false&consent=&ccpa= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=okPSEF81Q0g0QVdqJTJCZzd6T0VhT3VyWm5iTWhTM0ZYOHRHJTJGM2ZQa1czNnZsT21ZYyUzRA&u=56243e83-42ef-450d-af38-b34e70e05cae-tuct911c91e
Request Chain 597
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a8fd6193-125b-4092-ba5f-7d642633cd48 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a8fd6193-125b-4092-ba5f-7d642633cd48&apid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1 HTTP 302
  • https://prebid.a-mo.net/setuid/verizon_video?uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1&gdpr=0&gdpr_consent=
Request Chain 598
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=a8fd6193-125b-4092-ba5f-7d642633cd48 HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A&gdpr=0&gdpr_consent=
Request Chain 599
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L01TFFPO-27-11SK&gdpr=0&us_privacy=1---
Request Chain 600
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=5fa6044d8d&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&pubid=5fa6044d8d HTTP 302
  • https://id5-sync.com/s/434/9.gif?puid=ca27101e-92a6-4431-be3d-4c81d4005bc5&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/434/9/1.gif?puid=ca27101e-92a6-4431-be3d-4c81d4005bc5&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/434/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/2/8/2.gif?puid=6237531769661368453&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/3/7/3.gif?puid=30076218-439d-4700-9dda-44f2b86092d3&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&ttl=%%TTL%% HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEPK1WTrDlcx5Oarr6yAH4Ho&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEPK1WTrDlcx5Oarr6yAH4Ho&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=6237531769661368453&opid=apx&ops=&utidl=tech:goo:CAESEPK1WTrDlcx5Oarr6yAH4Ho&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A25499385022&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5 HTTP 303
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAB7gk7EMIcAAH15dBe-JQ HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F796%2F3%2F7.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/796/3/7.gif?puid=7edfac87-95e5-11ec-b3ae-b9599d422bef&gdpr=0&gdpr_consent=
Request Chain 601
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=30076218-439d-4700-9dda-44f2b86092d3
Request Chain 602
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA3Y2I3ZWFlZS05NWU1LTExZWMtYmM1NC0wMjQwZjg1ZDA3YjE%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEFpJsibzdAcVlpc029i7SJQ&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFpJsibzdAcVlpc029i7SJQ&google_cver=1&apid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
Request Chain 603
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2809753602401196877
Request Chain 604
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=sonobi&ssp_uuid=bf9fd540-38fe-45ee-94d0-583b2d0001e1 HTTP 302
  • https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=sonobi&ssp_uuid=bf9fd540-38fe-45ee-94d0-583b2d0001e1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=sonobi&user_id=903ddf42-6f2f-4986-95f7-7f3a23eebde3 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=bf9fd540-38fe-45ee-94d0-583b2d0001e1
Request Chain 605
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=ca27101e-92a6-4431-be3d-4c81d4005bc5&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=NFU4VVlHY1JBSFl2MHVXMmk1dFNwQQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEEKZOC5AjQ4MVuDA8w67MRw&google_cver=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=77qq9NjowdEy
Request Chain 606
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=YhhDngAIwBmCJwBB&_origin=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YhhDngAIwBmCJwBB&_origin=0&gdpr=0&gdpr_consent=&apid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
Request Chain 607
  • https://prebid.a-mo.net/cchain?gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F142%3FA%3Da8fd6193-125b-4092-ba5f-7d642633cd48%26bidder%3Dsovrn%26cbx%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%24UID
Request Chain 608
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&_origin=1&gdpr=0&gdpr_consent=
Request Chain 636
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.hawtcelebs.com%2F&domain=www.hawtcelebs.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=IH31Z3xZaDlybG5vblY1ZjJKT0pZTE9XUHNzZ3FGRjhtVWc2ZDIvRmc3ck5sWmFpb2tPUGtVU0MyMXA0V1ZXQkM2VWRmMUR3VTVLYjg4Q010OTBNZU9DYlJvVTVaYWgrZFdwSXFSbjdKRGdWb05iTGUxaUZGUFgxN1lYWGZYcFY3UnMvZjZEdlFGTVcxVlJXcUpzQW1qYmVGMUkyY1B2SkowMVQwRWZmLzRXWTY5RFVnUkVUcmdKZkdxQWVELzZSVTgvcmc3ZjVqZ3RCWjNmTWMrSkRmWXBBNFRQTXRsK0JGR1JhWjU5NFkzd2Z0SGtHV1ZlYVJlWDgyL2ZvaWxDOStNOUo3WWYwYmJRcXpEc2JFVkxlTFR2RzZybGluRjBzelZabiswdWVBVVN6RWdhVT18&cppv=2
Request Chain 638
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 641
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 643
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 645
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 658
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L01TFFPO-27-11SK&gdpr=0&us_privacy=1---
Request Chain 659
  • https://prebid.a-mo.net/cchain?gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F2%252F638%253FA%253Da8fd6193-125b-4092-ba5f-7d642633cd48%2526bidder%253Dpubmatic%2526cbx%253D%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1---%2526uid%253D%2523PMUID
Request Chain 660
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a8fd6193-125b-4092-ba5f-7d642633cd48 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a8fd6193-125b-4092-ba5f-7d642633cd48&apid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1 HTTP 302
  • https://prebid.a-mo.net/setuid/verizon_video?uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1&gdpr=0&gdpr_consent=
Request Chain 661
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=a8fd6193-125b-4092-ba5f-7d642633cd48 HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A&gdpr=0&gdpr_consent=
Request Chain 663
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&dongle=0cfd
Request Chain 664
  • https://ad.mrtnsvr.com/sync/triplelift HTTP 302
  • https://eb2.3lift.com/xuidmid=7976&xuid=tHqUD_q4M&dongle=u6nf
Request Chain 665
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEM-7tXf2Pk-tIrQxSsJ45E0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 666
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjAxMTk4MDU2NTkxOTg4MzcwNzA2MQ%3D%3D
Request Chain 667
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2011980565919883707061&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2011980565919883707061&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=1053ef4e-2c44-46bd-a245-15d9ce1837e1&_noobservation=1
Request Chain 668
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2011980565919883707061?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ku1Hkt1E2oSI76Yd.8EE4aNWFxCwpIZQxOeYB68zJQ--~A&dongle=0883
Request Chain 670
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2011980565919883707061 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2011980565919883707061&dcc=t
Request Chain 671
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2011980565919883707061&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=bf9fd540-38fe-45ee-94d0-583b2d0001e1 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=bf9fd540-38fe-45ee-94d0-583b2d0001e1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=3b197b9b-b64b-4ae7-b78b-8422c3052efe&ssp=triplelift&expires=30&user_group=5&bsw_param=bf9fd540-38fe-45ee-94d0-583b2d0001e1 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=bf9fd540-38fe-45ee-94d0-583b2d0001e1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 672
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=-zZOh2qE_czCLWu3mVLK&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5FV5FUT3IGJYUKX3DPJBUYV3VGNWVMTCL&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5FV5FUT3IGJYUKX3DPJBUYV3VGNWVMTCL HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=-zZOh2qE_czCLWu3mVLK
Request Chain 673
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&dongle=0cfd
Request Chain 674
  • https://ad.mrtnsvr.com/sync/triplelift HTTP 302
  • https://eb2.3lift.com/xuidmid=7976&xuid=aHuUDVq4M&dongle=u6nf
Request Chain 675
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEM-7tXf2Pk-tIrQxSsJ45E0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 676
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjAxMTk4MDU2NTkxOTg4MzcwNzA2MQ%3D%3D
Request Chain 677
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2011980565919883707061&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2011980565919883707061&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=52dab3b8-ab94-4f0e-b4a6-4553c54f47a0&_noobservation=1
Request Chain 678
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2011980565919883707061?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ku1Hkt1E2oSI76Yd.8EE4aNWFxCwpIZQxOeYB68zJQ--~A&dongle=0883
Request Chain 680
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2011980565919883707061 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2011980565919883707061&dcc=t
Request Chain 681
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2011980565919883707061&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=bf9fd540-38fe-45ee-94d0-583b2d0001e1 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=bf9fd540-38fe-45ee-94d0-583b2d0001e1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=3b197b9b-b64b-4ae7-b78b-8422c3052efe&ssp=triplelift&expires=30&user_group=5&bsw_param=bf9fd540-38fe-45ee-94d0-583b2d0001e1 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=bf9fd540-38fe-45ee-94d0-583b2d0001e1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 682
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=-zZOh2qE_czCLWu3mVLK&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5FV5FUT3IGJYUKX3DPJBUYV3VGNWVMTCL&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5FV5FUT3IGJYUKX3DPJBUYV3VGNWVMTCL HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=-zZOh2qE_czCLWu3mVLK
Request Chain 683
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&dongle=0cfd
Request Chain 684
  • https://ad.mrtnsvr.com/sync/triplelift HTTP 302
  • https://eb2.3lift.com/xuidmid=7976&xuid=tHuIY_qfp&dongle=u6nf
Request Chain 685
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEM-7tXf2Pk-tIrQxSsJ45E0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 686
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjAxMTk4MDU2NTkxOTg4MzcwNzA2MQ%3D%3D
Request Chain 687
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2011980565919883707061&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2011980565919883707061&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=52dab3b8-ab94-4f0e-b4a6-4553c54f47a0&_noobservation=1
Request Chain 688
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2011980565919883707061?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ku1Hkt1E2oSI76Yd.8EE4aNWFxCwpIZQxOeYB68zJQ--~A&dongle=0883
Request Chain 690
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2011980565919883707061 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2011980565919883707061&dcc=t
Request Chain 691
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2011980565919883707061&gdpr=0&gdpr_consent= HTTP 302
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&ssp_uuid=bf9fd540-38fe-45ee-94d0-583b2d0001e1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=triplelift&user_id=903ddf42-6f2f-4986-95f7-7f3a23eebde3 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=bf9fd540-38fe-45ee-94d0-583b2d0001e1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 692
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=-zZOh2qE_czCLWu3mVLK&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5FV5FUT3IGJYUKX3DPJBUYV3VGNWVMTCL&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5FV5FUT3IGJYUKX3DPJBUYV3VGNWVMTCL HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=-zZOh2qE_czCLWu3mVLK
Request Chain 693
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&dongle=0cfd
Request Chain 694
  • https://ad.mrtnsvr.com/sync/triplelift HTTP 302
  • https://eb2.3lift.com/xuidmid=7976&xuid=tHuIYVu4p&dongle=u6nf
Request Chain 695
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEM-7tXf2Pk-tIrQxSsJ45E0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 696
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjAxMTk4MDU2NTkxOTg4MzcwNzA2MQ%3D%3D
Request Chain 697
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2011980565919883707061&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2011980565919883707061&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=1053ef4e-2c44-46bd-a245-15d9ce1837e1&_noobservation=1
Request Chain 698
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2011980565919883707061?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ku1Hkt1E2oSI76Yd.8EE4aNWFxCwpIZQxOeYB68zJQ--~A&dongle=0883
Request Chain 700
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2011980565919883707061 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2011980565919883707061&dcc=t
Request Chain 701
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2011980565919883707061&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=bf9fd540-38fe-45ee-94d0-583b2d0001e1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=ff9d08f1-51e1-4cc7-bae6-5e9def1709af&expires=10&ssp=triplelift&bsw_param=bf9fd540-38fe-45ee-94d0-583b2d0001e1 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=bf9fd540-38fe-45ee-94d0-583b2d0001e1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 702
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=-zZOh2qE_czCLWu3mVLK&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5FV5FUT3IGJYUKX3DPJBUYV3VGNWVMTCL&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5FV5FUT3IGJYUKX3DPJBUYV3VGNWVMTCL HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=-zZOh2qE_czCLWu3mVLK
Request Chain 703
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=ae75b982bd84cca3aa1c8cbc
Request Chain 704
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A
Request Chain 705
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=f60fa51f
Request Chain 706
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
Request Chain 707
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6237531769661368453
Request Chain 708
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2fc891d5-1d8e-4af9-a8d4-54ee1a91a2b4
Request Chain 709
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6237531769661368453
Request Chain 710
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=29943829-4a4e-c64a-abea-b5951f7e05e4
Request Chain 711
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=e34274d0-82d2-5338-b9ac-2289dbb46117
Request Chain 712
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sonobi&uid=ca27101e-92a6-4431-be3d-4c81d4005bc5
Request Chain 713
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
Request Chain 714
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6237531769661368453
Request Chain 715
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=075441f3-5ffe-d76a-7ab0-fc33bcab88fc
Request Chain 716
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=e34274d0-82d2-5338-b9ac-2289dbb46117
Request Chain 717
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6237531769661368453
Request Chain 718
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sonobi&uid=ca27101e-92a6-4431-be3d-4c81d4005bc5
Request Chain 719
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A
Request Chain 720
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
Request Chain 721
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=42990bd4a629a34d2f3d4f6c
Request Chain 722
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=f60fa51f
Request Chain 723
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
Request Chain 724
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2fc891d5-1d8e-4af9-a8d4-54ee1a91a2b4
Request Chain 725
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=e34274d0-82d2-5338-b9ac-2289dbb46117
Request Chain 726
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=d165ff07-f18c-ad13-f5a9-ebffa98ace04
Request Chain 727
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6237531769661368453
Request Chain 728
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sonobi&uid=ca27101e-92a6-4431-be3d-4c81d4005bc5
Request Chain 729
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A
Request Chain 730
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
Request Chain 731
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=42990bd4a629a34d2f3d4f6c
Request Chain 732
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
Request Chain 733
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=f60fa51f
Request Chain 734
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2fc891d5-1d8e-4af9-a8d4-54ee1a91a2b4
Request Chain 735
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6237531769661368453
Request Chain 736
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=42990bd4a629a34d2f3d4f6c
Request Chain 737
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A
Request Chain 738
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=f60fa51f
Request Chain 739
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
Request Chain 740
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6237531769661368453
Request Chain 741
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2fc891d5-1d8e-4af9-a8d4-54ee1a91a2b4
Request Chain 742
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6237531769661368453
Request Chain 743
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=a5f1dcae-e0ce-9dbb-0d65-cba533a71976
Request Chain 744
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=e34274d0-82d2-5338-b9ac-2289dbb46117
Request Chain 745
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sonobi&uid=ca27101e-92a6-4431-be3d-4c81d4005bc5
Request Chain 746
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
Request Chain 775
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&expiration=1648349345&gdpr=0&gdpr_consent=
Request Chain 777
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YhhDnC_gZ8XRz901-0T3uAAAA9gAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENCS0cElq23tTB3khV_zUM4&google_cver=1
Request Chain 779
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6237531769661368453
Request Chain 780
  • https://d.adroll.com/cm/index/ssp HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 781
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=aeef2579-0344-4565-86a8-205746520c7f
Request Chain 783
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 784
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&expiration=1648349345&gdpr=0&gdpr_consent=
Request Chain 785
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YhhDnC_gZ8XRz901-0T3uAAAA9gAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENCS0cElq23tTB3khV_zUM4&google_cver=1
Request Chain 787
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6237531769661368453
Request Chain 788
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=164da6cb-f2e5-437a-93f6-a083eca370ae-6218439e-5553&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D164da6cb-f2e5-437a-93f6-a083eca370ae-6218439e-5553%26partner_url%3Dhttps%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D164da6cb-f2e5-437a-93f6-a083eca370ae-6218439e-5553%2526expiration%253D1648349345 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=164da6cb-f2e5-437a-93f6-a083eca370ae-6218439e-5553&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D164da6cb-f2e5-437a-93f6-a083eca370ae-6218439e-5553%26expiration%3D1648349345 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=164da6cb-f2e5-437a-93f6-a083eca370ae-6218439e-5553&expiration=1648349345
Request Chain 791
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=7f0b7262-95e5-11ec-87bc-d15aadb7246c
Request Chain 793
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&expiration=1648349345&gdpr=0&gdpr_consent=
Request Chain 794
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YhhDnC_gZ8XRz901-0T3uAAAA9gAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENCS0cElq23tTB3khV_zUM4&google_cver=1
Request Chain 797
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAB7gk7EMIcAAH15dBe-JQ&expiration=1646966945
Request Chain 798
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=7iMcJrQe1NnqFj5
Request Chain 803
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YhhDnC_gZ8XRz901-0T3uAAAA9gAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENCS0cElq23tTB3khV_zUM4&google_cver=1
Request Chain 804
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&expiration=1648349345&gdpr=0&gdpr_consent=
Request Chain 805
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6237531769661368453
Request Chain 806
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAB7gk7EMIcAAH15dBe-JQ&expiration=1646966945
Request Chain 807
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=30076218-439d-4700-9dda-44f2b86092d3
Request Chain 808
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4470016423583563883
Request Chain 810
  • https://idsync.rlcdn.com/711892.gif?partner_uid=ca27101e-92a6-4431-be3d-4c81d4005bc5 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGLC0AdmOzbRaIRLIr1JF70&google_cver=1
Request Chain 811
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=Y2EyNzEwMWUtOTJhNi00NDMxLWJlM2QtNGM4MWQ0MDA1YmM1 HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEG0yHXr103czGl9q0s1-6WI&google_cver=1
Request Chain 812
  • https://id5-sync.com/s/434/9.gif?puid=ca27101e-92a6-4431-be3d-4c81d4005bc5&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F796%2F8%2F2.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/796/8/2.gif?puid=7edfac87-95e5-11ec-b3ae-b9599d422bef&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F429%2F7%2F3.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/434/429/7/3.gif?puid=8DD63D45-098F-4BA1-B2D5-9EADA546BB39&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F441%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/441/6/4.gif?puid=u_3999528b-d911-465b-8626-0cc169c9cad8&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F203%2F5%2F5.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/434/203/5/5.gif?puid=29812a66-af29-4268-835e-b097cefbdb1c&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/108/4/6.gif?puid=99c9dfe3-7960-4e03-b3d1-bfa17a067259&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F124%2F3%2F7.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/434/124/3/7.gif?puid=69497fcd-ba32-4b2d-834f-7b33fea6ad08&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F136%2F2%2F8.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/434/136/2/8.gif?puid=YhhDngAIwBmCJwBB&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F10%2F1%2F9.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F10%2F1%2F9.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/434/10/1/9.gif?puid=7441743613700024595&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=30076218-439d-4700-9dda-44f2b86092d3&gdpr=0&consent=&id5id=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
Request Chain 813
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=ca27101e-92a6-4431-be3d-4c81d4005bc5 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=99c9dfe3-7960-4e03-b3d1-bfa17a067259&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D99c9dfe3-7960-4e03-b3d1-bfa17a067259%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=73108287142213250733347802760755455793&pt=99c9dfe3-7960-4e03-b3d1-bfa17a067259%2C
Request Chain 815
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=ca27101e-92a6-4431-be3d-4c81d4005bc5 HTTP 302
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=ca27101e-92a6-4431-be3d-4c81d4005bc5&ckls=true&ci=JvhBf1EXKZ&nc=false&trid=-1212126033 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D570392714%26rnd%3D646996792%26pcid%3D%23PMUID HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4470016423583563883&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/8DD63D45-098F-4BA1-B2D5-9EADA546BB39?gdpr=0&gdpr_consent=
Request Chain 817
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=ca27101e-92a6-4431-be3d-4c81d4005bc5 HTTP 302
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=ca27101e-92a6-4431-be3d-4c81d4005bc5&ckls=true&ci=F6pRKguvZO&nc=false&trid=824200734 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D570392714%26rnd%3D-910921313%26pcid%3D%23PMUID HTTP 302
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=570392714&rnd=-910921313&pcid=8DD63D45-098F-4BA1-B2D5-9EADA546BB39 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D570392714%3B1402230080%26rnd%3D886413515&pcid=$UID HTTP 302
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=570392714;1402230080&rnd=886413515&pcid=6237531769661368453 HTTP 302
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D570392714%3B1402230080%3B1709765917%26rnd%3D-433512822%26pcid%3D HTTP 302
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=570392714;1402230080;1709765917&rnd=-433512822&pcid=b991e0dd-fbc9-4f63-82ae-080e26573cf2 HTTP 302
  • https://ce.lijit.com/merge?pid=8101&3pid=JvhBf1EXKZ&location=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D396218182%26mi%3D10%26csh%3D570392714%3B1402230080%3B1709765917%3B1486637409%26rnd%3D-2135033121%26pcid%3D%5BSOVRNID%5D HTTP 302
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=396218182&mi=10&csh=570392714;1402230080;1709765917;1486637409&rnd=-2135033121&pcid=42990bd4a629a34d2f3d4f6c HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1072441116%26mi%3D10%26csh%3D570392714%3B1402230080%3B1709765917%3B1486637409%3B396218182%26rnd%3D1027714914%26pcid%3D%24SPOTX_USER_ID HTTP 302
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1072441116&mi=10&csh=570392714;1402230080;1709765917;1486637409;396218182&rnd=1027714914&pcid=7cb957e4-95e5-11ec-8924-154f9acf0203 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10019&redir=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1678944572%26mi%3D10%26csh%3D570392714%3B1402230080%3B1709765917%3B1486637409%3B396218182%3B1072441116%26rnd%3D-1644575732%26pcid=[MM_UUID] HTTP 302
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1678944572&mi=10&csh=570392714;1402230080;1709765917;1486637409;396218182;1072441116&rnd=-1644575732&pcid=30076218-439d-4700-9dda-44f2b86092d3 HTTP 302
  • https://sync.1rx.io/usersync/intentiq/0?dspret=1&redir=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D541745869%26mi%3D10%26csh%3D570392714%3B1402230080%3B1709765917%3B1486637409%3B396218182%3B1072441116%3B1678944572%26rnd%3D-668498253%26pcid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-6f4993e5-bce2-4471-87d3-66cd3254ac34-005?redir=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D541745869%26mi%3D10%26csh%3D570392714%3B1402230080%3B1709765917%3B1486637409%3B396218182%3B1072441116%3B1678944572%26rnd%3D-668498253%26pcid%3DRX-6f4993e5-bce2-4471-87d3-66cd3254ac34-005 HTTP 302
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=541745869&mi=10&csh=570392714;1402230080;1709765917;1486637409;396218182;1072441116;1678944572&rnd=-668498253&pcid=RX-6f4993e5-bce2-4471-87d3-66cd3254ac34-005
Request Chain 818
  • https://idsync.rlcdn.com/711892.gif?partner_uid=ca27101e-92a6-4431-be3d-4c81d4005bc5 HTTP 307
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1 HTTP 302
  • https://idsync.rlcdn.com/362588.gif?partner_uid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152
Request Chain 819
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=Y2EyNzEwMWUtOTJhNi00NDMxLWJlM2QtNGM4MWQ0MDA1YmM1 HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEG0yHXr103czGl9q0s1-6WI&google_cver=1
Request Chain 820
  • https://id5-sync.com/s/434/9.gif?puid=ca27101e-92a6-4431-be3d-4c81d4005bc5&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F796%2F8%2F2.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/796/8/2.gif?puid=7edfac87-95e5-11ec-b3ae-b9599d422bef&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F429%2F7%2F3.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/434/429/7/3.gif?puid=8DD63D45-098F-4BA1-B2D5-9EADA546BB39&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F441%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/441/6/4.gif?puid=u_d1200918-54f3-4db6-8fb7-d2080a378e9a&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F203%2F5%2F5.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/434/203/5/5.gif?puid=29812a66-af29-4268-835e-b097cefbdb1c&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/108/4/6.gif?puid=99c9dfe3-7960-4e03-b3d1-bfa17a067259&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F124%2F3%2F7.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/434/124/3/7.gif?puid=69497fcd-ba32-4b2d-834f-7b33fea6ad08&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F136%2F2%2F8.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/434/136/2/8.gif?puid=YhhDngAIwBmCJwBB&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F10%2F1%2F9.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F10%2F1%2F9.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/434/10/1/9.gif?puid=3126224795000178583&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=30076218-439d-4700-9dda-44f2b86092d3&gdpr=0&consent=&id5id=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
Request Chain 821
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=ca27101e-92a6-4431-be3d-4c81d4005bc5 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=99c9dfe3-7960-4e03-b3d1-bfa17a067259&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D99c9dfe3-7960-4e03-b3d1-bfa17a067259%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=73108287142213250733347802760755455793&pt=99c9dfe3-7960-4e03-b3d1-bfa17a067259%2C
Request Chain 823
  • https://idsync.rlcdn.com/711892.gif?partner_uid=ca27101e-92a6-4431-be3d-4c81d4005bc5 HTTP 307
  • https://sync.mathtag.com/sync/img?mt_exid=10017&redir=https%3A%2F%2Fidsync.rlcdn.com%2F47154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%5BMM_UUID%5D HTTP 302
  • https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=30076218-439d-4700-9dda-44f2b86092d3
Request Chain 824
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=Y2EyNzEwMWUtOTJhNi00NDMxLWJlM2QtNGM4MWQ0MDA1YmM1 HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEG0yHXr103czGl9q0s1-6WI&google_cver=1
Request Chain 825
  • https://id5-sync.com/s/434/9.gif?puid=ca27101e-92a6-4431-be3d-4c81d4005bc5&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F796%2F8%2F2.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/796/8/2.gif?puid=7edfac87-95e5-11ec-b3ae-b9599d422bef&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F429%2F7%2F3.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/434/429/7/3.gif?puid=8DD63D45-098F-4BA1-B2D5-9EADA546BB39&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F441%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/441/6/4.gif?puid=u_d1200918-54f3-4db6-8fb7-d2080a378e9a&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F203%2F5%2F5.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/434/203/5/5.gif?puid=29812a66-af29-4268-835e-b097cefbdb1c&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/108/4/6.gif?puid=99c9dfe3-7960-4e03-b3d1-bfa17a067259&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F124%2F3%2F7.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/434/124/3/7.gif?puid=69497fcd-ba32-4b2d-834f-7b33fea6ad08&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F136%2F2%2F8.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/434/136/2/8.gif?puid=YhhDngAIwBmCJwBB&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F10%2F1%2F9.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F10%2F1%2F9.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/434/10/1/9.gif?puid=5038780590449415291&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=30076218-439d-4700-9dda-44f2b86092d3&gdpr=0&consent=&id5id=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
Request Chain 826
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=ca27101e-92a6-4431-be3d-4c81d4005bc5 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=99c9dfe3-7960-4e03-b3d1-bfa17a067259&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D99c9dfe3-7960-4e03-b3d1-bfa17a067259%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=73108287142213250733347802760755455793&pt=99c9dfe3-7960-4e03-b3d1-bfa17a067259%2C
Request Chain 828
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=ca27101e-92a6-4431-be3d-4c81d4005bc5 HTTP 302
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=ca27101e-92a6-4431-be3d-4c81d4005bc5&ckls=true&ci=iFJtd2cMu1&nc=false&trid=1332500649 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D570392714%26rnd%3D266926296%26pcid%3D%23PMUID HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4470016423583563883&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=570392714&rnd=266926296&pcid=8DD63D45-098F-4BA1-B2D5-9EADA546BB39 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D570392714%3B1402230080%26rnd%3D731098083&pcid=$UID HTTP 302
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=570392714;1402230080&rnd=731098083&pcid=6237531769661368453 HTTP 302
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D570392714%3B1402230080%3B1709765917%26rnd%3D942338667%26pcid%3D HTTP 302
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=570392714;1402230080;1709765917&rnd=942338667&pcid=b991e0dd-fbc9-4f63-82ae-080e26573cf2 HTTP 302
  • https://ce.lijit.com/merge?pid=8101&3pid=JvhBf1EXKZ&location=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D396218182%26mi%3D10%26csh%3D570392714%3B1402230080%3B1709765917%3B1486637409%26rnd%3D-1644884748%26pcid%3D%5BSOVRNID%5D HTTP 302
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=396218182&mi=10&csh=570392714;1402230080;1709765917;1486637409&rnd=-1644884748&pcid=42990bd4a629a34d2f3d4f6c HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1072441116%26mi%3D10%26csh%3D570392714%3B1402230080%3B1709765917%3B1486637409%3B396218182%26rnd%3D-1814880995%26pcid%3D%24SPOTX_USER_ID HTTP 302
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1072441116&mi=10&csh=570392714;1402230080;1709765917;1486637409;396218182&rnd=-1814880995&pcid=7cb957e4-95e5-11ec-8924-154f9acf0203 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10019&redir=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1678944572%26mi%3D10%26csh%3D570392714%3B1402230080%3B1709765917%3B1486637409%3B396218182%3B1072441116%26rnd%3D15259597%26pcid=[MM_UUID] HTTP 302
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1678944572&mi=10&csh=570392714;1402230080;1709765917;1486637409;396218182;1072441116&rnd=15259597&pcid=30076218-439d-4700-9dda-44f2b86092d3 HTTP 302
  • https://sync.1rx.io/usersync/intentiq/0?dspret=1&redir=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D541745869%26mi%3D10%26csh%3D570392714%3B1402230080%3B1709765917%3B1486637409%3B396218182%3B1072441116%3B1678944572%26rnd%3D-1746455719%26pcid%3D%5BRX_UUID%5D
Request Chain 831
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=ca27101e-92a6-4431-be3d-4c81d4005bc5 HTTP 302
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=ca27101e-92a6-4431-be3d-4c81d4005bc5&ckls=true&ci=nJNMYqLzuV&nc=false&trid=31524264 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D570392714%26rnd%3D1673149661%26pcid%3D%23PMUID HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4470016423583563883&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 832
  • https://idsync.rlcdn.com/711892.gif?partner_uid=ca27101e-92a6-4431-be3d-4c81d4005bc5 HTTP 307
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=6237531769661368453
Request Chain 833
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=Y2EyNzEwMWUtOTJhNi00NDMxLWJlM2QtNGM4MWQ0MDA1YmM1 HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEG0yHXr103czGl9q0s1-6WI&google_cver=1
Request Chain 834
  • https://id5-sync.com/s/434/9.gif?puid=ca27101e-92a6-4431-be3d-4c81d4005bc5&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F796%2F8%2F2.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/796/8/2.gif?puid=7edfac87-95e5-11ec-b3ae-b9599d422bef&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F429%2F7%2F3.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/434/429/7/3.gif?puid=8DD63D45-098F-4BA1-B2D5-9EADA546BB39&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F441%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/441/6/4.gif?puid=u_d1200918-54f3-4db6-8fb7-d2080a378e9a&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F203%2F5%2F5.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/434/203/5/5.gif?puid=29812a66-af29-4268-835e-b097cefbdb1c&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/108/4/6.gif?puid=99c9dfe3-7960-4e03-b3d1-bfa17a067259&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F124%2F3%2F7.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/434/124/3/7.gif?puid=69497fcd-ba32-4b2d-834f-7b33fea6ad08&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F136%2F2%2F8.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/434/136/2/8.gif?puid=YhhDngAIwBmCJwBB&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F10%2F1%2F9.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F10%2F1%2F9.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/434/10/1/9.gif?puid=8310309623818972232&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=30076218-439d-4700-9dda-44f2b86092d3&gdpr=0&consent=&id5id=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
Request Chain 835
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=ca27101e-92a6-4431-be3d-4c81d4005bc5 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=99c9dfe3-7960-4e03-b3d1-bfa17a067259&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D99c9dfe3-7960-4e03-b3d1-bfa17a067259%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=73108287142213250733347802760755455793&pt=99c9dfe3-7960-4e03-b3d1-bfa17a067259%2C

991 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.hawtcelebs.com/
Redirect Chain
  • http://www.hawtcelebs.com/
  • https://www.hawtcelebs.com/
23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3bda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e62c8cb8e72a6aa65e3a3d7fd870a62373226198186f550a9244cc3c6f62f35f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Fri, 25 Feb 2022 02:48:58 GMT
content-type
text/html; charset=UTF-8
link
<https://www.hawtcelebs.com/wp-json/>; rel="https://api.w.org/"
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Djvgp4HnzNSROGFDu5uvHvVf3MZ9zYqqoE%2BAcafKpa9lUvKKmpKnHYp2aRmGg%2BvmZG2S6zLjfiWKdcNsfgFHaN6BgfhcNCbQe4bzi3ePSDj%2F0H2f6W1t02jx2QTJkr%2BishfF508mJT2VYEfazxSCC9A%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6e2d9e225abb8c35-EWR
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Fri, 25 Feb 2022 02:48:57 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Fri, 25 Feb 2022 03:48:57 GMT
Location
https://www.hawtcelebs.com/
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLzjK4mXHHKRAo5zcwHvH9VhhS3IIqNgrPP4lVm6xim%2BrY8DstVnTpkrANzs%2BXrcWYDHRPAuhCcWmgEd79JFdTGq1FT4OB%2BLO136M%2FXpNaTOEaBE858J%2BSio2etQDR5HsHrsd1aG9pBoGfiZK5qdJkA%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6e2d9e221c68187d-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
www.hawtcelebs.com/wp-content/themes/hawtceleb/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hawtcelebs.com/wp-content/themes/hawtceleb/style.css?ver=5.8.3
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3bda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af0d6570462dee3c3937e8694b2ee98ea78313219976105080e94680c29769ad

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4223724
cf-polished
status=cannot_optimize
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Aug 2019 09:10:58 GMT
server
cloudflare
etag
W/"5d63a222-3db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bu%2FEe9AnWGDyqLAAxVlLVBoQYIXTQMxVQWp12QvH1Ex4xk2yWBKjLa6%2F9wkeZgVyXOhsCH4DqTSYqEfiYaq0M6b4BUHfTGaSZoqDZkTg%2BmY8HgQ9BLjwaHQVzD4L6a8wVdHLmZXAtHYttgqbjcja9og%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
6e2d9e26ed298c35-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700%2C700i&ver=5.8.3
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
31bf822302ba5c241966cbdf23c8e904c3fc8c4cf20758032774b8ffe8e1d69a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Feb 2022 02:48:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 25 Feb 2022 02:48:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Feb 2022 02:48:58 GMT
dd-multi-col-cats.css
www.hawtcelebs.com/wp-content/themes/hawtceleb/ 		238 B
553 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hawtcelebs.com/wp-content/themes/hawtceleb/dd-multi-col-cats.css
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3bda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a40dcd59c23d9ed6f0fbaeefeb57c78543b487ad93c49f5f74b89dd85b0ea278

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5513495
cf-polished
origSize=313
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 10 Jun 2019 10:27:20 GMT
server
cloudflare
etag
W/"5cfe3088-139"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ElRuBLdrhJm8ouyrwt8ZeBSjAm7Wd11Uu3a4zROY4x0QwSjsVGpHU6b54dx%2BmgzjlsHfyZF1j5S4lm1nnwGMqG1JxmgM3Yqu7C4Xrr7a2acLUJKkah9pquSQkMMnKFgfnAWn%2F87WMJO25l6UNtzAGqI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
6e2d9e26ed2a8c35-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
up.js
live.demand.supply/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/up.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c68827019efb394d55cd30c097ba6364e2fbacd7fa056ea11ea7271d65a911

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FR0RTV7AMQXDRH6SKW7FD36N
date
Fri, 25 Feb 2022 02:48:58 GMT
content-encoding
br
cf-cache-status
HIT
age
881
cf-polished
origSize=3935
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
cf-bgj
minify
server
cloudflare
etag
W/"59de6717fa079a1bdca61971e7fc88e1-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
6e2d9e271a611835-EWR
link
<https://live.demand.supply/impl.v14.0.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v14-0-0/d3d3Lmhhd3RjZWxlYnMuY29tLw==>; rel=preload; as=script
img.fetch
udmserve.net/udm/ 		60 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=14863;tid=1;dt=6;
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
cb5380d5cf0041e12131d97258579a1e59969addc8517238b8b740341e5dc1c5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:59 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Type
application/x-javascript
Expires
0
kate-middleton-at-lego-foundation-playlab-in-copenhagen-02-22-2022-6_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/02/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/02/kate-middleton-at-lego-foundation-playlab-in-copenhagen-02-22-2022-6_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3bda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ba684c3a6ccbf316d0ad92784045b47080968a760cd002a2e74617d4d248abe

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
22644
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
53298
last-modified
Thu, 24 Feb 2022 20:28:45 GMT
server
cloudflare
etag
"6217ea7d-d032"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GzgfLwifXlzKLPPymlNX%2BvDYO25DkIw14rZ0Q62xnv80D4Ig6T2nVRjLtoAIuRBlgGo8auSq5JbfMWEERRfqvQI%2BWfhaRYo%2F8vB5sPmQkln9UqDHbRMD77t%2B6WD5qTl3AOxDkRrkR2FlmueIyQKqTGw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6e2d9e26ed2d8c35-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
luci-levante-for-aureate-jewellery-2022-10_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/02/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/02/luci-levante-for-aureate-jewellery-2022-10_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3bda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0268bdf254f22580db4e1006474490a0ed11ed3ed2cdb1766208dd2442e07f97

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
22644
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36588
last-modified
Thu, 24 Feb 2022 20:25:26 GMT
server
cloudflare
etag
"6217e9b6-8eec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2FhLv8TIM1CijPT9kP3rLfYvbpCBEI9fJxI7L0QZaFNpwuH5I%2FB53yB%2Bwn9H%2BDxRePHrshY%2BI2RXwO8XNHjev3%2Fv6YI0gebc9A12jvwuKlHIu9pkEytSFh7wOmDQKDC%2FTeNJx9a6AnJOIAmwG5yLbrI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6e2d9e26ed2f8c35-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
mandy-moore-at-jimmy-kimmel-live-02-22-2022-3_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/02/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/02/mandy-moore-at-jimmy-kimmel-live-02-22-2022-3_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3bda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22059bd6a4ef367203dac63da10273128555834feca1a1df0478ceba110ccbdb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
22644
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
40475
last-modified
Thu, 24 Feb 2022 20:23:39 GMT
server
cloudflare
etag
"6217e94b-9e1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EwcbBQ9Tqy3hucL6learogvBucWjWYEMHnycaUnAjWw3nhWXKU1pspmPXE9zdWyR8pPodP%2FANIAT6GZq7O8KnObLNP%2FreqPAg3itO0bcy7oAamxPPdGk1ms3C3mzm4O%2FgqiY5unGOy5d2pWNgADoGpM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6e2d9e26ed308c35-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
anja-rubik-and-alexandra-agoston-in-elle-magazine-france-february-2022-60_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/02/ 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/02/anja-rubik-and-alexandra-agoston-in-elle-magazine-france-february-2022-60_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3bda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2fb8432db997e3cc839797f5f5a3b6c7d27874c4bbab47720cebc452612b75a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23886
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
80288
last-modified
Thu, 24 Feb 2022 19:59:30 GMT
server
cloudflare
etag
"6217e3a2-139a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ce83MdQVA6G1V5vZeAYEZ8v1JrTAlWgBLWd9QFB3ejxm4kUjujDyDrOngpaQ2KyrBrESLX2QYCH9n2DX5G1dPUaDrAIhynmNy3W6I8Ql8YsomTWdxcOTpAN3kcBrABrs2b94v0Tzef0uOqCX8tYliA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6e2d9e26ed328c35-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
rita-ora-in-fendi-out-and-about-in-milan-02-23-2022-6_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/02/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/02/rita-ora-in-fendi-out-and-about-in-milan-02-23-2022-6_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3bda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
192d72042d251a1635bef0af51fe4d9a83be4344e68828894d3da538143af358

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
31631
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43044
last-modified
Thu, 24 Feb 2022 17:57:23 GMT
server
cloudflare
etag
"6217c703-a824"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYvS%2FYPjBZSpqbLh1rwSQlPtEyyNGWAaXA7ndtPmsQbuT09F4ErHIdbCCAskiKh4IO69wU7zeQy7jq0%2FL7PS47pV5oDoc%2BIzZJAH6TOKQf%2B%2FKS1ik%2B1P4Ch3xvVJxiO4%2F91Ex8t6Eho6vck1P7rh5Qg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6e2d9e26ed358c35-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
rita-ora-out-in-milan-02-23-2022-6_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/02/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/02/rita-ora-out-in-milan-02-23-2022-6_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3bda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f58a4cb0962b0485bd2fc3d4f9d8435fc2ec7c1dfd2cd9e8953c17fce0e6d65b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
31897
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68444
last-modified
Thu, 24 Feb 2022 17:56:25 GMT
server
cloudflare
etag
"6217c6c9-10b5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vF7NqLLuMbf9e7dIHpAuZkgQclQlGSCKYc396IUKmYpeNPXA8yH54WiIPGyLzoSyKUJ7HdkSnknKsfbrIjvMKAGlOLwbK3azXX1na3qw6B3LgDkRk%2FLE27dug3Jjl5eCQHPqrdO%2FcDiaGKKOUNr4raI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6e2d9e26ed368c35-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
doona-bae-for-w-magazine-korea-february-march-2022-8_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/02/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/02/doona-bae-for-w-magazine-korea-february-march-2022-8_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3bda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4af3eb81151bd55414c67ecc463dc62bf30ca07d457c4b278c5769f111cd8212

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32383
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
59794
last-modified
Thu, 24 Feb 2022 17:24:29 GMT
server
cloudflare
etag
"6217bf4d-e992"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYz6JKHp8jd5FsGKOgyUmcl%2BE57MT5C7EA90W9lMxX68AnyththaK1akW2gBDJuR7KRc2iQXyDPBexknyi%2BbOnirRKkBp3DjriJcRC1vS5apFC1EijnE4bWY809Mu%2B7oOTEjxZxf68Tj%2FvxKvcCvb60%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6e2d9e26ed388c35-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
taylor-swift-the-story-of-taylor-swift-1st-edition-2022-129_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/02/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/02/taylor-swift-the-story-of-taylor-swift-1st-edition-2022-129_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3bda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
510fb058fcdad3f92be54dba28f7aab43763c46965dc12688d3687884bf01ad1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32383
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
90593
last-modified
Thu, 24 Feb 2022 17:24:06 GMT
server
cloudflare
etag
"6217bf36-161e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fIVARXgxA%2FvLFydMtXJqb374SCxn1DsPM3HrXFQXq9bBRvScr2WUBGW119JuRGSEjwt%2F0AiJK5mwrxY6djQkyDFHQ7LnJdJTQKHjsdu1LMNflEAVtYKOus2HF4R946Q1pRA2o0y6TFdo%2FZLRWXHa3P0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6e2d9e26ed398c35-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
kendall-jenner-for-i-d-magazine-the-out-of-body-issue-spring-2022-11_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/02/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/02/kendall-jenner-for-i-d-magazine-the-out-of-body-issue-spring-2022-11_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3bda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed32d7e02ff9ac490a517398da4808e389f81e47f62d316b8655ea23f306fc99

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32383
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
40769
last-modified
Thu, 24 Feb 2022 17:17:36 GMT
server
cloudflare
etag
"6217bdb0-9f41"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7jxfdVlR4vTHbcCPhcEsFuOQLEG9UePtxPYECus9N80o9tABM9xBgC%2Fjnib6a0qepKkZ9u0g5s6ImX%2FYQ0lip9pe5gg%2BWgltN6uN6nW8cxN38FUL3EmK4uh8fK9HfZmA9Jjv42Hn7IBQb35sq8pQzuM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6e2d9e26ed3d8c35-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
hunter-schafer-for-i-d-magazine-tthe-out-of-body-issue-spring-2022-12_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/02/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/02/hunter-schafer-for-i-d-magazine-tthe-out-of-body-issue-spring-2022-12_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3bda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d706d25e236ad9a2a39f53eaf7308ca57eccd735cb47713211f497b699bb0f9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32383
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32556
last-modified
Thu, 24 Feb 2022 17:16:56 GMT
server
cloudflare
etag
"6217bd88-7f2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQHe94YwTHrO%2BFmM1Q94Ai4cUEs7FvHh8s19kxWp0ecAjylY%2FyWpSxCX2NGSvyEgYumo9bfN8jsjWAM3sa%2FH1FqpFjZyC9FznimD0l5rO8RmE4Neu7OpAXhS4w6hmUny1oKgfKpbtWqd3fWQwP6z6lQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6e2d9e26ed3f8c35-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
rocket-loader.min.js
www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3bda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Feb 2022 13:46:32 GMT
server
cloudflare
etag
W/"620d0038-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FvhMrkqkfEUkciJYOzARHUfF5fzZDF5V8%2FR9bipjG5NAkjBu6RVS%2FKtbYUvVO%2B4j7ebkNg%2BAz4gbLemuMqQP4E5k7aaLgid%2FVH1SBqnjpYE3wK7oS3ElqUIVZbzOJFeIQE2Ry6WBy6pJW9I7FnsqbI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e2d9e26fd4b8c35-EWR
vary
Accept-Encoding
expires
Sun, 27 Feb 2022 02:48:58 GMT
c.js
waust.at/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://waust.at/c.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87fbd84036e0e67d8aa06d1f5e4a68f0539e4c6072a8ad77ce7e661bd6a43d1f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2841
last-modified
Mon, 03 May 2021 17:48:39 GMT
server
cloudflare
etag
W/"60903777-2f8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wm%2Bx5vdKkXmIJ0CDErGBck7VcrELRpkkhkYIyEyiffKAFQPyirubXPYXJ42qsuVpBVNx4hL2A9OAZBUrj3HfGpeXjxIrpDiPW3OhYH%2FMORRhInA6sgEjRcguncKq2CWuVezEpEiU"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
6e2d9e274f148c78-EWR
expires
Sat, 26 Feb 2022 02:01:37 GMT
outbrain.js
widgets.outbrain.com/ 		197 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.69.74 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-69-74.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7b022209dca27cb6ddb86db6084e55463be926e659da9af7ca963cc62b90ee62

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:58 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 15:30:31 GMT
etag
"16-HTGW4KaQtybKTClBILkQ+s/vzwk"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
38f189e8360ddaed9a56fa13e28b391
timing-allow-origin
*, *
content-length
69336
inpageLoader.js
bid.underdog.media/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/inpageLoader.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:d400:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0372c58d2c88c2c3829721f2efa381e47d42bd26588518d8b3b511e3054ea07

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 08:06:35 GMT
via
1.1 671b6837b1f5908956524bc8798dab1e.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jan 2022 18:16:12 GMT
server
AmazonS3
age
67344
etag
"b049a7622877bb27cb55c1121cb9e23c"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-length
1337
x-amz-cf-id
4iiU2WxaNSR9NlzCTQoWw_fdKTVJ473Auo8-zYxm95tnS8stYZCHcA==
/
services.vlitag.com/adv1/ 		951 B
963 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/adv1/?q=036e05035cbef88431e89138f2969605
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
207d33ad1bb56e5f179915ff897171b23f1f9dd516bc9f68a7acce263b6a8105

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 25 Feb 2022 02:48:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
6e2d9e273eb78c2f-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex, nofollow, noarchive, nosnippet
expires
on, 01 Jan 1970 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-10995097-8
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2b2051c1290e79e112a6a529a27908bded312d845bc47062cdcc19c2d2903623
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37449
x-xss-protection
0
last-modified
Fri, 25 Feb 2022 00:13:24 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 25 Feb 2022 02:48:58 GMT
jquery.js
www.hawtcelebs.com/wp-content/themes/hawtceleb/js/ 		95 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hawtcelebs.com/wp-content/themes/hawtceleb/js/jquery.js?ver=1.0.0
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3bda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5513494
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 10 Jun 2019 11:28:48 GMT
server
cloudflare
etag
W/"5cfe3ef0-17a62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4jlRBAvw8nvZswq10zl2%2BOFkfBPSrJpZRGTHtAACeHJdmU11unBgTU8WDsG%2BVvb0J7aGjImJQ9e%2BN%2Bz1n0zP3BWgIO7n0CeXzfXBgQ6AgK56rDDbvYTFmiJf00Zo%2FdUopMkTBJcsB8w4HqsLWG8GhUQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6e2d9e2719e88c6c-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon.ttf
www.hawtcelebs.com/wp-content/themes/hawtceleb/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.hawtcelebs.com/wp-content/themes/hawtceleb/fonts/icon.ttf?zf3xc5
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/wp-content/themes/hawtceleb/style.css?ver=5.8.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3bda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bee4c3ddceefb6558b86e3d6bbe40326f6d67e1b0b535eb6949d570e7630d82d

Request headers

Referer
https://www.hawtcelebs.com/wp-content/themes/hawtceleb/style.css?ver=5.8.3
Origin
https://www.hawtcelebs.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6317
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14224
last-modified
Mon, 10 Jun 2019 08:38:45 GMT
server
cloudflare
etag
"5cfe1715-3790"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvuvZkUfxDPg9elVdk8TLMsfL1951Nf7AFzq48gz0GB1I4Pco9bkP4OR0ApOq6BI7d3QEmcJOQN3rmqFQk4n4u6Yrfu%2FgsSPVV84UXMye%2B6UjzSndUgLs2reKmxOcM2vZk1VNx%2FOhA7qADk4ieMyOUc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6e2d9e2729fc8c6c-EWR
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700%2C700i&ver=5.8.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.hawtcelebs.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 14:45:22 GMT
x-content-type-options
nosniff
age
216216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 22 Feb 2023 14:45:22 GMT
impl.v14.0.0.js
live.demand.supply/ 		78 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/impl.v14.0.0.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47a00c205ac23427984e572961850c21efd9d16502680c3876904f4a9840e61d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FTP7CEDRDN27J4J2XR1FTBQE
date
Fri, 25 Feb 2022 02:48:58 GMT
content-encoding
br
cf-cache-status
HIT
age
2186402
cf-polished
origSize=79681
cf-ray
6e2d9e28591eefc4-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"ce85a984a9876904f1c4ef475c2ab350-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
d3d3Lmhhd3RjZWxlYnMuY29tLw==
live.demand.supply/p4/v14-0-0/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v14-0-0/d3d3Lmhhd3RjZWxlYnMuY29tLw==
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e31aa0ee8ca4361c0674619afabed0e76686039c28ee7ed4c9df9da684a3269

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
6e2d9e285921efc4-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?e=ll&d=202&cs=c&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:48:58 GMT
cf-cache-status
HIT
age
328897
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9e2858cb8c8f-EWR
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		153 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
412f1a773291ff4ddce3d85be4506ddfbfdb2164db98763402cf2383b2c81b3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53819
x-xss-protection
0
server
cafe
etag
15021421177826793842
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 25 Feb 2022 02:48:58 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
sffe /
Resource Hash
8321491ca30f3dd333cccaff3e07de40f4a7ae05720f4a201efc320213b42585
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27414
x-xss-protection
0
server
sffe
etag
"1142 / 868 of 1000 / last-modified: 1645743901"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 25 Feb 2022 02:48:58 GMT
ds.2.html
live.demand.supply/ 		413 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FQK3609SN5JFN4A0F2RFRWV4
date
Fri, 25 Feb 2022 02:48:58 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
timing-allow-origin
*
age
327513
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
6e2d9e2858ca8c8f-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pubads_impl_2022021701.js
securepubads.g.doubleclick.net/gpt/ 		363 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
sffe /
Resource Hash
80df80639eff50b28f33ab6354c5f7448973e4f47c47fe0c3813c7dea361a7c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 21:56:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
103959
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124510
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 09:34:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Feb 2023 21:56:19 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		401 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.hawtcelebs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
2612f99fcc82f68d2c0db67b389ad59c7e25d28e5c7865118724bb0da519f1b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
179
x-xss-protection
0
expires
Fri, 25 Feb 2022 02:48:59 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/ Frame A7E4 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Thu, 24 Feb 2022 04:10:58 GMT
expires
Thu, 10 Mar 2022 04:10:58 GMT
cache-control
public, max-age=1209600
etag
4044455266028820542
content-type
text/html; charset=UTF-8
age
81481
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
hawtcelebs.com_responsive_h_archive-3
api.demand.supply/v14-0-0/a/ 		314 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-0-0/a/hawtcelebs.com_responsive_h_archive-3?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54bd9e1ff75e928d885b41f680efd1ebf427f1ab716ef054b3dab9741b8e8d99

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
6374
etag
W/"13a-jVPJYgW8F+eeh3Fq3ySerDEMONw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
6e2d9e291e8a17a5-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hawtcelebs.com_native_multi_native_home_7
api.demand.supply/v14-0-0/a/ 		318 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-0-0/a/hawtcelebs.com_native_multi_native_home_7?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c95abcc3b3b083dba8c06e98b890c137477b47fc38da3f2146f712877f4af29

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
6374
etag
W/"13e-feadtAWlK9OrD1wE9gw6RZGtpR8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
6e2d9e291e8d17a5-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hawtcelebs.com_native_multi_native_under_related
api.demand.supply/v14-0-0/a/ 		318 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-0-0/a/hawtcelebs.com_native_multi_native_under_related?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
463d7ba54dcd6fb08d1cafa7e420401aeeeb269950986521c3605e0ec6dfc318

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
6374
etag
W/"13e-ad0cOvAkCyT7VtMi6MgOWTD4rjA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
6e2d9e291e8e17a5-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hawtcelebs.com_300x250_desno300x250
api.demand.supply/v14-0-0/a/ 		310 B
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-0-0/a/hawtcelebs.com_300x250_desno300x250?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ea8618309c215bd7f95d8c07891c60bcc36fe0b4262a4a1f323ae3ab8ecffbb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
4232
etag
W/"136-tsVmVDwt8N/Ic0FlpryveD3zMx8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
6e2d9e291e9117a5-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hawtcelebs.com_300x600_hawt600
api.demand.supply/v14-0-0/a/ 		318 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-0-0/a/hawtcelebs.com_300x600_hawt600?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f404bc24d3c7e2e7d810748a74672c6ebfbb16c07ea6df813ebd0240a74f1026

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
4233
etag
W/"13e-so3yfs/b92Qsn3um/lRp1x9mp3Y"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
6e2d9e291e9317a5-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hawtcelebs.com_160x600_hawt160
api.demand.supply/v14-0-0/a/ 		310 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-0-0/a/hawtcelebs.com_160x600_hawt160?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c68383395f4281743e04802b24c0499e6fc64c619594031ec21325ec37fce1e1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1720
etag
W/"136-oYCDrCvNPVBOrBlQO+tyDqPqIiU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
6e2d9e291e9417a5-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hawtcelebs.com_responsive_h_hawtfuterreshor
api.demand.supply/v14-0-0/a/ 		305 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-0-0/a/hawtcelebs.com_responsive_h_hawtfuterreshor?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f64fc7b1420b65cc4820a5fa115d93ffdfe6eb471cc27811806df52dcc52afc2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
4232
etag
W/"131-olaW3NL8KqzAB8oxHNHtDAFhxEw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
6e2d9e291e9617a5-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.hawtcelebs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3853938541929479&correlator=69537647347058&output=ldjh&impl=fif&eid=31065287&vrg=2022021701&ptt=17&sc=1&sfv=1-0-38&ecs=20220225&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C05d68e4b-c539-4fe7-b7a0-36adfe74d624&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=ti%3D865488bb-8c8c-4b61-8ad6-a294019cea83%26interstitials-bid%3D10%26bid-p%3Dgoogle%26bsc%3D96&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1645757339080&lmt=1645757339&dlt=1645757338682&idt=362&frm=20&biw=1600&bih=1200&oid=2&adks=3396334874&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1278589249.1645757339&ga_sid=1645757339&ga_hid=1632879046&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
11bb6ccb94530e57cc55a82036ad324682ecd5172e024026b7ab7336c91ed8b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
584
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 35AA 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 25 Feb 2022 02:48:59 GMT
expires
Sat, 25 Feb 2023 02:48:59 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_page_level_ads_2022021701.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022021701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
sffe /
Resource Hash
24a5dd0b54c65548d322ceb3ba5e3e6715024a9bad53e499a0e4471c1674b516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 19:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25316
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13446
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 09:34:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 24 Feb 2023 19:47:03 GMT
hawtcelebs.com_300x600_hawt600
live.demand.supply/cp/ 		27 B
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/hawtcelebs.com_300x600_hawt600?mlos=wi&mlbr=ch&mlla=en&mlbs=96&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d693011b73bd4873129478bd4739611deeb73fc078e1b419671ca79bed7f43c4

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
6e2d9e296be18c8f-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27
hawtcelebs.com_responsive_h_hawtfuterreshor
live.demand.supply/cp/ 		27 B
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/hawtcelebs.com_responsive_h_hawtfuterreshor?mlos=wi&mlbr=ch&mlla=en&mlbs=96&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52ef4b4884819470da9d791a8c60d8038f7743b03270cd54b580c046e74f0f90

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
6e2d9e297be58c8f-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27
hawtcelebs.com_160x600_hawt160
live.demand.supply/cp/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/hawtcelebs.com_160x600_hawt160?mlos=wi&mlbr=ch&mlla=en&mlbs=96&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
6e2d9e297bec8c8f-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hawtcelebs.com_300x250_desno300x250
live.demand.supply/cp/ 		25 B
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/hawtcelebs.com_300x250_desno300x250?mlos=wi&mlbr=ch&mlla=en&mlbs=96&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5adf9d2de11133d77aee364c852880035d649b790bc8a84a62ef6ad371b2bc54

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
6e2d9e297bf38c8f-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25
hawtcelebs.com_responsive_h_archive-3
live.demand.supply/cp/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/hawtcelebs.com_responsive_h_archive-3?mlos=wi&mlbr=ch&mlla=en&mlbs=96&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
6e2d9e297bf48c8f-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hawtcelebs.com_native_multi_native_home_7
live.demand.supply/cp/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/hawtcelebs.com_native_multi_native_home_7?mlos=wi&mlbr=ch&mlla=en&mlbs=96&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
6e2d9e297bf58c8f-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hawtcelebs.com_native_multi_native_under_related
live.demand.supply/cp/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/hawtcelebs.com_native_multi_native_under_related?mlos=wi&mlbr=ch&mlla=en&mlbs=96&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
6e2d9e297bf98c8f-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
config.js
confiant-integrations.global.ssl.fastly.net/UZYxC75kqDLRiEd9GoEYOmovVVM/prebid/ 		96 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/UZYxC75kqDLRiEd9GoEYOmovVVM/prebid/config.js
Requested by
Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=14863;tid=1;dt=6;
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f966917b5ee6a4cb021842cc04c5bf8ae2e4ad1749fc8b6d6725c8f31b824a3c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:48:59 GMT
Content-Encoding
gzip
Age
869
X-Cache
HIT
Connection
keep-alive
Content-Length
21525
x-amz-id-2
Ust5RmHoKn6EhWlYpcCWU1ajlqSoUhneZKEAEFQf+Tu+vAB6EwA8Rtox3wtQ3gfIG2Hb7B01Sak=
X-Served-By
cache-lga21957-LGA
Last-Modified
Fri, 25 Feb 2022 01:45:59 GMT
Server
AmazonS3
X-Timer
S1645757339.328763,VS0,VE0
ETag
"31a88d8cc7ce060ac1e7fa117b7f3e24"
x-amz-request-id
37S5ZV8FBBAFF168
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
13
udm-r3_Tue_2_22_13_17_31_2022.js
bid.underdog.media/ 		565 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Requested by
Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=14863;tid=1;dt=6;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:d400:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b571d25d3df8cf39b61b15c3a1d5f897fad2bbe0d2ada8e44bd7807f62cca6a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 21:38:43 GMT
content-encoding
gzip
last-modified
Tue, 22 Feb 2022 21:17:34 GMT
server
AmazonS3
age
191417
etag
"19a3c3261fe7318334c3d113cba49d11"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 671b6837b1f5908956524bc8798dab1e.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-length
173662
x-amz-cf-id
goYU_ACP0E7yxLVcn01K9mDe1BV5bJF3JKXucpyw-IwazVHgKJ7uRw==
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=14863;tid=1;dt=6;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
gzip
etag
"yoD6mq4JTyPdtDBolW+GUg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Fri, 04 Mar 2022 02:48:59 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.06320343
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.06320343
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=6237531769661368453;cb=0.06320343
43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;apnid=6237531769661368453;cb=0.06320343
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:48:59 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:59 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
7d4331ab-1676-48e8-a8a0-2223098583a4
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://udmserve.net/udm/fetch.pix?dt=1;apnid=6237531769661368453;cb=0.06320343
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OERENjNENDUtMDk4Ri00QkExLUIyRDUtOUVBREE1NDZCQjM5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D8DD63D45-098F-4BA1-B2D5-9EADA546BB39;cb=0.06320343
  • https://udmserve.net/udm/fetch.pix?pmid=8DD63D45-098F-4BA1-B2D5-9EADA546BB39;cb=0.06320343
43 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?pmid=8DD63D45-098F-4BA1-B2D5-9EADA546BB39;cb=0.06320343
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:48:59 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://udmserve.net/udm/fetch.pix?pmid=8DD63D45-098F-4BA1-B2D5-9EADA546BB39;cb=0.06320343
date
Fri, 25 Feb 2022 02:48:59 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=54&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bsncr%3D[USER_ID]%3Bcb%3D0.06320343
  • https://udmserve.net/udm/fetch.pix?dt=1;sncr=7A8646F843FF4D139B6FFA938E055A12;cb=0.06320343
43 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;sncr=7A8646F843FF4D139B6FFA938E055A12;cb=0.06320343
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:48:59 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

date
Fri, 25 Feb 2022 02:48:59 GMT
via
1.1 varnish
server
nginx
age
0
location
https://udmserve.net/udm/fetch.pix?dt=1;sncr=7A8646F843FF4D139B6FFA938E055A12;cb=0.06320343
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.hawtcelebs.com/
access-control-allow-credentials
true
x-varnish
884646135
content-length
0
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_auto_interstitial_desktop&e=nai&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:48:59 GMT
cf-cache-status
HIT
age
328898
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9e2b2fd88c8f-EWR
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.hawtcelebs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3853938541929479&correlator=3536790515428925&output=ldjh&impl=fif&eid=31065287&vrg=2022021701&ptt=17&sc=1&sfv=1-0-38&ecs=20220225&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C542ffbc7-3cd8-4f42-9269-0fd2787d1ee3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=ti%3D865488bb-8c8c-4b61-8ad6-a294019cea83%26interstitials-bid%3D1%26bid-p%3Dgoogle%26bsc%3D96&eri=1&cookie=ID%3D50a014306ce78c7e-22651df1cc7b0061%3AT%3D1645757339%3AS%3DALNI_MYKxhRO77OF0idnWS9abNZhF-uvQQ&bc=31&abxe=1&dt=1645757339386&lmt=1645757339&dlt=1645757338682&idt=362&frm=20&biw=1600&bih=1200&oid=2&adks=4148235607&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1278589249.1645757339&ga_sid=1645757339&ga_hid=1632879046&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
025d769928013f2d6dd69361ff063c9ca4c97c665668f6ed648f075f6744f563
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
579
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/prebid/202202240953/ 		99 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/prebid/202202240953/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/UZYxC75kqDLRiEd9GoEYOmovVVM/prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35530b21c29b86afd82885ca3ea2152eb41eeb8e15c953bb2dd3cf3460e2fef5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:48:59 GMT
Content-Encoding
gzip
Age
159
X-Cache
HIT
Connection
keep-alive
Content-Length
32475
x-amz-id-2
1jw2VQzxrKFMbOnDB6DX3lkDfRLiey7E7zIeelOeAIMBTIyL1QhdiKoF2bGrl45IY+eKvd37a2A=
X-Served-By
cache-lga21957-LGA
Last-Modified
Thu, 24 Feb 2022 14:54:19 GMT
Server
AmazonS3
X-Timer
S1645757339.398134,VS0,VE0
ETag
"5229cf205ddecc0610bd7aba154b6f2d"
x-amz-request-id
E2TK1WQNWGQKE556
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
4
rules-p-effSsmMYCbAck.js
rules.quantcount.com/ 		3 B
428 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-effSsmMYCbAck.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:4c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 22:33:57 GMT
via
1.1 4cb1c715abfea3c2d99c87070fbe2f26.cloudfront.net (CloudFront)
age
15303
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 21:04:20 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
x-amz-cf-id
FrITrJOdThq1M2J38BDztWKIkl1LUK_Hl5iz2dqbmAEU5rhHBw_IeQ==
rules-p-Pz67dCqdsHfxh.js
rules.quantcount.com/ 		147 B
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:4c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
57b7f2b2bcdd983268775ebc6ee71d208510b285d79dd058f2717248079c59d1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:03:55 GMT
via
1.1 4cb1c715abfea3c2d99c87070fbe2f26.cloudfront.net (CloudFront)
age
2705
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
147
last-modified
Tue, 27 Apr 2021 19:10:31 GMT
server
AmazonS3
etag
"f7c84b69d3abe411fbfc06992543fbe2"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
x-amz-cf-id
IxHJH5QVTNaHBUnqO6rxUDPV6DZGJvhVDY-idlZRNQko5SHmrYB3hg==
pixel;r=2145955257;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.hawtcelebs.com%2F;uht=2;fpan=1;fpa=P0-723989532-1645757339443;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;ref=;d=hawtc...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2145955257;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.hawtcelebs.com%2F;uht=2;fpan=1;fpa=P0-723989532-1645757339443;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;ref=;d=hawtcelebs.com;je=0;sr=1600x1200x24;dst=0;et=1645757339443;tzo=0;ogl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel;r=896671939;labels=edge.1%2Csid.14863;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.hawtcelebs.com%2F;uht=2;fpan=0;fpa=P0-723989532-1645757339443;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-2022020118332...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=896671939;labels=edge.1%2Csid.14863;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.hawtcelebs.com%2F;uht=2;fpan=0;fpa=P0-723989532-1645757339443;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;ref=;d=hawtcelebs.com;je=0;sr=1600x1200x24;dst=0;et=1645757339445;tzo=0;ogl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_300x600_hawt600&pdc=-1.3995912551879883&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:48:59 GMT
cf-cache-status
HIT
age
328898
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9e2b98e08c8f-EWR
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.hawtcelebs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		87 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3853938541929479&correlator=404090476187572&output=ldjh&impl=fif&eid=31065287&vrg=2022021701&ptt=17&sc=1&sfv=1-0-38&ecs=20220225&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C120e6fb9-b7ae-46f4-9a5a-75588a0f4977&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&prev_scp=ti%3D865488bb-8c8c-4b61-8ad6-a294019cea83%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D96&eri=1&cookie=ID%3D50a014306ce78c7e-22651df1cc7b0061%3AT%3D1645757339%3AS%3DALNI_MYKxhRO77OF0idnWS9abNZhF-uvQQ&bc=31&abxe=1&dt=1645757339455&lmt=1645757339&dlt=1645757338682&idt=362&frm=20&biw=1600&bih=1200&oid=2&adxs=1029&adys=760&adks=3161547873&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=1278589249.1645757339&ga_sid=1645757339&ga_hid=1632879046&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
ac7f5848ea945363f6a99e872edbe5efa92dd432372c2bd68a21d4db4f269f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37250
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_auto_interstitial_desktop&e=nai&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:48:59 GMT
cf-cache-status
HIT
age
328898
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9e2c6ad88c8f-EWR
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.hawtcelebs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		944 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3853938541929479&correlator=716100532925135&output=ldjh&impl=fif&eid=31065287&vrg=2022021701&ptt=17&sc=1&sfv=1-0-38&ecs=20220225&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C42d64542-ad30-45c9-9859-6b93dc8b1e0c&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=ti%3D865488bb-8c8c-4b61-8ad6-a294019cea83%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D96&eri=1&cookie=ID%3D50a014306ce78c7e%3AT%3D1645757339%3AS%3DALNI_MZcaxinGW6ddiT1C2YI_LpSCXkWmA&bc=31&abxe=1&dt=1645757339586&lmt=1645757339&dlt=1645757338682&idt=362&frm=20&biw=1600&bih=1200&oid=2&adks=1978351858&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1278589249.1645757339&ga_sid=1645757339&ga_hid=1632879046&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
7f39b006732abf14e1ddcb4217c813b7f41cd61644760248450ba9810d5c9793
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
526
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
choice.js
quantcast.mgr.consensu.org/choice/274pYeudnKvDs/www.hawtcelebs.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/274pYeudnKvDs/www.hawtcelebs.com/choice.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:e000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
747e8f5454d77ac3ee2339c3490cb7b805d59d7fedd4cc0682ae6ed9c33b7d25

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 25 Feb 2022 02:48:43 GMT
content-encoding
gzip
last-modified
Tue, 09 Feb 2021 19:08:19 GMT
server
AmazonS3
age
48
etag
W/"9de17307c4f74768ad3438dca5916747"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9ded77b3c7d35f54d8f10a70f8717c86.cloudfront.net (CloudFront)
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
pA1sJRgUhlNdsYUu8MTPOb_s8DYbB9GTBv8HUgwmeyHF9-7Wv4NrTw==
/
services.vlitag.com/uv/ 		12 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/uv/?page_url=https%3A%2F%2Fwww.hawtcelebs.com%2F&mtk=78
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=036e05035cbef88431e89138f2969605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bd89d0776acdb8565abd79559d140909e68570f7d74a6f0141d21aed4122f4

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:59 GMT
cf-cache-status
DYNAMIC
last-modified
Fri, 25 Feb 2022 02:48:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
6e2d9e2d1bda18b1-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12
x-robots-tag
noindex, nofollow, noarchive, nosnippet
expires
on, 01 Jan 1970 00:00:00 GMT
036e05035cbef88431e89138f2969605.js
tag.vlitag.com/v1/1645695160/ 		517 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.vlitag.com/v1/1645695160/036e05035cbef88431e89138f2969605.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=036e05035cbef88431e89138f2969605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88a1c45bf18eb251b2cc58cd55a9a08e409a733f304e547504531fd0caf9b78b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 24 Feb 2022 09:32:44 GMT
server
cloudflare
age
61672
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-ray
6e2d9e2d1cc48c2f-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-bgj
minify
d3d3Lmhhd3RjZWxlYnMuY29t
tcheck.outbrainimg.com/tcheck/check/ 		15 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3Lmhhd3RjZWxlYnMuY29t
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.200.205.171 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-205-171.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:48:59 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=26837
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
d27a214bfc8827e5a762651aebae5447
Content-Length
15
Expires
Fri, 25 Feb 2022 10:16:16 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=5.192262278010128
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.69.74 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-69-74.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Sun, 27 Mar 2022 02:48:59 GMT
underdog
underdog.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://underdog.technoratimedia.com/openrtb/bids/underdog?src=prebid_prebid_6.8.0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 25 Feb 2022 02:48:59 GMT
access-control-allow-headers
content-type
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
890964232
age
0
via
1.1 varnish
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
img.fetch
udmserve.net/udm/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=17047;tid=1;ev=1;dt=8;
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/inpageLoader.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:48:59 GMT
Connection
Keep-Alive
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Length
1
Content-Type
application/x-javascript
outbrain.js
widgets.outbrain.com/ 		197 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.69.74 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-69-74.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7b022209dca27cb6ddb86db6084e55463be926e659da9af7ca963cc62b90ee62

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 15:30:31 GMT
etag
"16-HTGW4KaQtybKTClBILkQ+s/vzwk"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
38f189e8360ddaed9a56fa13e28b391
timing-allow-origin
*, *
content-length
69336
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:41:53 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.122.0/26
etag
"-375139978"
x-cacheable
Matched cache
content-type
application/javascript; charset=UTF-8
x-cdn-pop
bhs
accept-ranges
bytes
content-length
4364
x-request-id
743768643
e.js
live.demand.supply/x/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=fs&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FNYKY797TTYDF53H2H4D6FE9
date
Fri, 25 Feb 2022 02:48:59 GMT
cf-cache-status
HIT
age
739476
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9e2d4d398c8f-EWR
rrv7.js
bid.underdog.media/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/rrv7.js
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:d400:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc50d017b2657878ca200cfbdf8ad6ddcdfd1021b0cf19d97c9fb231eec0aabb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 01:42:33 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 01:30:04 GMT
server
AmazonS3
age
3987
etag
"f1bea9931ab3e67e6ef34a5113a5c957"
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 671b6837b1f5908956524bc8798dab1e.cloudfront.net (CloudFront)
cache-control
max-age=7200
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-length
3125
x-amz-cf-id
drV346CHnyHTPOExxeuCHjse-AwmN2_FFknIscnD4Ld0zW4dd9F3dg==
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b44a2065d&cmd=bid&reserve=0.17045454545454547&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
a360ecb5f4288cf1c5d9e25b4b5182e4f8cbb9f5caeea43fa01d599353a39d18

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b44a2065d&cmd=bid&reserve=0.17045454545454547&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
d6b315727c7ca179e83f91c70a5691dccaa1917e49e10faac6515a97f4eac966

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b44a2065d&cmd=bid&reserve=0.17045454545454547&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
79d50455fb41645b17b895b04c9cbfc9deb7fc5bedadf9b123423620fad7fa1d

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b44a2065d&cmd=bid&reserve=0.17045454545454547&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
6a3aa081cdedc9aef146ec566607da90f7bb8583a12f1481eb0080770596c1bb

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b4373065c&cmd=bid&reserve=0.10227272727272727&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
f4f4eb3b98700098e9662e25c2311381f17972a94b26b6b10049f10a6b5ac79a

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b4373065c&cmd=bid&reserve=0.10227272727272727&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
6f5a1a91759e326c97c93404cd3f5f1daa4a7774d16030ad42c5ffecee866064

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b4373065c&cmd=bid&reserve=0.10227272727272727&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
84eff49a5e13a18f054ee34ae8ce5f72ed1f05736e178e30996234c9c9e1179f

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b4373065c&cmd=bid&reserve=0.10227272727272727&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
8d83315ecdfd92792644084ad370ade20f656aea95e58ab50e9660d1042836ef

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b45d1065e&cmd=bid&reserve=0.2159090909090909&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
ad647311ca1eaf1b41cd67d8aeca69f56fc0fa04db1fa9b1ebf7f2eef778b21f

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b45d1065e&cmd=bid&reserve=0.2159090909090909&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
d42ee807ae5886e1e6dd351d4e32c2dfe003a4269bb7f3b2e56186c50b750802

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b45d1065e&cmd=bid&reserve=0.2159090909090909&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
d6ca34068fded7fe5f27047164904bcaf45f770abab14ee45dda46aa3100732c

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b45d1065e&cmd=bid&reserve=0.2159090909090909&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
ada1bda531825e62f337a98c89ee48f3449519da438cab9e5e34106dc9281567

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9690ec017574ff17bd043f82f90029&cmd=bid&reserve=0.13636363636363635&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
4e9c7d1ecf6a109445a6328d5d1dd4511e9fa995826e51832a0686d929e89cf9

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
prebid
ib.adnxs.com/ut/v3/ 		19 B
855 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:59 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
ee2b9bb4-543b-4db8-a183-610bc7f23dce
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222563a3dfb32e757%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09574468085106383%7Cgpid%3Dslider-middle-728x90%22%2C%2226ce4d925edca9%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09574468085106383%7Cgpid%3Dslider-middle-728x90%22%2C%22272dd10d007e2c5%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09574468085106383%7Cgpid%3Dslider-middle-728x90%22%2C%22285f222b797d8bc%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09574468085106383%7Cgpid%3Dslider-middle-728x90%22%2C%222943b54c628ca6e%22%3A%229deebb29fccb6ed4404b%7C300x250%7Cf%3D0.15957446808510642%7Cgpid%3Dslider-300x250%22%2C%2230247a0671dade6%22%3A%229deebb29fccb6ed4404b%7C300x250%7Cf%3D0.15957446808510642%7Cgpid%3Dslider-300x250%22%2C%223162f53a0a7487e%22%3A%229deebb29fccb6ed4404b%7C300x250%7Cf%3D0.15957446808510642%7Cgpid%3Dslider-300x250%22%2C%2232848fdd8401854%22%3A%224d5f61413a994ea882b1%7C160x600%7Cf%3D0.09574468085106383%7Cgpid%3Dslider-160x600%22%2C%22339f2d8af2ae3cc%22%3A%224d5f61413a994ea882b1%7C160x600%7Cf%3D0.09574468085106383%7Cgpid%3Dslider-160x600%22%2C%22349d88d70c551b1%22%3A%224d5f61413a994ea882b1%7C160x600%7Cf%3D0.09574468085106383%7Cgpid%3Dslider-160x600%22%2C%2235a746774bc6578%22%3A%220d87928a8bc3efbc3e5b%7C300x600%7Cf%3D0.2021276595744681%7Cgpid%3Dslider-300x600%22%2C%2236cf0097eb9c55c%22%3A%220d87928a8bc3efbc3e5b%7C300x600%7Cf%3D0.2021276595744681%7Cgpid%3Dslider-300x600%22%7D&ref=https%3A%2F%2Fwww.hawtcelebs.com%2F&s=de6f10fb-6fb9-41b4-a317-97045aa395d6&pv=3236e3bd-6d5e-42a8-9db2-480a004e8d9d&vp=desktop&lib_name=prebid&lib_v=6.8.0&us=5&ius=0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22udmserve.net%22%2C%22sid%22%3A%222993%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
9da34d6db71214689ca95a9a96f749837b12210ada3ee189f6c3be3b39e28831
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-51
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-type
application/json
content-length
599
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
hb.emxdgt.com/ 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=4000&ts=1645757339777&src=pbjs
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.139.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-139-54.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:48:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
underdog
underdog.technoratimedia.com/openrtb/bids/ 		0
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://underdog.technoratimedia.com/openrtb/bids/underdog?src=prebid_prebid_6.8.0
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
764864437
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		471 B
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
4b5e8c9a2b1e57c126a12c3540c162f1c437b2dd04fcc2e4c7eb98ce9420a6e5

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
64
content-length
254
/
d.adroll.com/bid/prebid/ 		0
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/bid/prebid/
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.138.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-138-186.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:48:59 GMT
access-control-allow-credentials
true
/
d.adroll.com/bid/prebid/ 		0
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/bid/prebid/
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.138.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-138-186.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:48:59 GMT
access-control-allow-credentials
true
/
d.adroll.com/bid/prebid/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/bid/prebid/
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.138.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-138-186.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:48:59 GMT
access-control-allow-credentials
true
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
a0575405af6392e4d5b391c9f11f700ffc520249f359115f394d655365038249

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
b716147e40d4ace2c98895e898a4ce515351e63ca46ca398f7bfbfb5e097d8b4

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
48f25d779fb9ba0d1c4882c6a8c6ea3f1afd2a89c409b756af3cc5b9f5431aab

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
1a84cc78ae16d15b4f0cc3f5e1b22e2559bae78dd758b8bf5b41d72cae82db13

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
192737645ce9eab86792449246c308223a4c13d17f4547a6c3b4c9da95122a7c

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
udmVideoPlayer-v1.1.7.js
bid.underdog.media/ 		605 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/udmVideoPlayer-v1.1.7.js
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:d400:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf206364946a4616580cc7f337c0ca73dd6a5931cdc0cf40ae19f3e6a9656723

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 02:08:08 GMT
content-encoding
gzip
last-modified
Fri, 07 Jan 2022 23:26:26 GMT
server
AmazonS3
age
520852
etag
"0c1d7018c9a126c9e8354159d78f35be"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 671b6837b1f5908956524bc8798dab1e.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-length
154901
x-amz-cf-id
DQB5JgtFjuXFS8QZ2ztQpXgDqcfANc_gRNeTQG2pixFb2sY2Q8xzew==
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
860292101cb186d5f504d95f016f5ba9d06ed4ef6b5b79440bd4910034422dfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9802
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-10995097-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
480
date
Fri, 25 Feb 2022 02:40:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 25 Feb 2022 04:40:59 GMT
/
t.dtscout.com/i/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Requested by
Host: waust.at
URL: https://waust.at/c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.89.99.21 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3163187.ip-51-89-99.eu
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4bb0795451923bc988ee4964fe3913874d542f2469d55b592c663fd4ac71f61a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:00 GMT
X-T
0.737
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
X-S
ger1
Expires
Fri, 25 Feb 2022 02:48:59 GMT
img.fetch
udmserve.net/udm/ 		18 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=14863;tid=23;ev=1;dt=6;refresh=2;cb=88a9c89ff82c302;product=reel
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
ae61b606eb5dd139b7dbc2ad1da5f212e512749eba8761812413eebba6964ffc

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:59 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Type
application/x-javascript
Expires
0
/
whos.amung.us/pingjs/ 		29 B
145 B 		Script
General
Check archive.org
Download Go to
Full URL
https://whos.amung.us/pingjs/?k=a9etg89wet&t=HawtCelebs%20%E2%80%93%20Latest%20Celebrities%20Pictures&c=c&x=https%3A%2F%2Fwww.hawtcelebs.com%2F&y=&a=0&d=0.816&v=27&r=8288
Requested by
Host: waust.at
URL: https://waust.at/c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.202.114.216 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
amung.us
Software
/
Resource Hash
10f373948ecfb1642e618875cf238afe2581ac01d258e1aaef62dc07f68ff1ba

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
gzip
content-type
text/javascript;charset=UTF-8
placement_invocation
ob.cheqzone.com/ 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.230.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-230-103.jfk51.r.cloudfront.net
Software
Caddy /
Resource Hash
55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 22:59:24 GMT
content-encoding
gzip
server
Caddy
age
13775
etag
"bf83-flSXooGsmrmYNlxSK09toJAtNHc"
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 2e87071abfb43f80383677f0ef761e82.cloudfront.net (CloudFront)
cache-control
max-age=43200
x-amz-cf-pop
JFK51-C1
content-length
18458
x-amz-cf-id
Ou5D1VPx0TyRD2_rbvrMzE4x9Ek43Zfsy2IeXyr-J2T4gAC2N_XJQw==
expires
Fri, 25 Feb 2022 10:59:24 GMT
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/274pYeudnKvDs/www.hawtcelebs.com/choice.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
gzip
etag
"yoD6mq4JTyPdtDBolW+GUg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Fri, 04 Mar 2022 02:48:59 GMT
rules-p-274pYeudnKvDs.js
rules.quantcount.com/ 		3 B
427 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-274pYeudnKvDs.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:4c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 13:20:23 GMT
via
1.1 4cb1c715abfea3c2d99c87070fbe2f26.cloudfront.net (CloudFront)
age
52301
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 19:47:21 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
x-amz-cf-id
Fk-znJsd8L69bVHAI3QBbLMzJLtS_nu07nv39tudtnceJVTT7eBW8A==
cmp2.js
quantcast.mgr.consensu.org/tcfv2/ 		178 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.hawtcelebs.com
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/274pYeudnKvDs/www.hawtcelebs.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:e000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c940fee5ad39ea1df9b32e3a42c2a73157198909a490c41413c734be32f0dd43

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:09 GMT
content-encoding
br
age
55
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Thu, 03 Feb 2022 15:12:50 GMT
server
AmazonS3
etag
W/"62616e8716094ada53fd255ae975ae47"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 9ded77b3c7d35f54d8f10a70f8717c86.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
PJcyR_-6dUABUO-Ad8nV27eRwBE2WdwoKv7rBErICC337FW8Th_98Q==
pixel;r=1946990997;source=choice;rf=3;a=p-274pYeudnKvDs;url=https%3A%2F%2Fwww.hawtcelebs.com%2F;uht=2;fpan=0;fpa=P0-723989532-1645757339443;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1946990997;source=choice;rf=3;a=p-274pYeudnKvDs;url=https%3A%2F%2Fwww.hawtcelebs.com%2F;uht=2;fpan=0;fpa=P0-723989532-1645757339443;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;ref=;d=hawtcelebs.com;je=0;sr=1600x1200x24;dst=0;et=1645757339825;tzo=0;ogl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:59 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
0.php
s4.histats.com/stats/ 		52 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?1890596&@f16&@g1&@h1&@i1&@j1645757339837&@k0&@l1&@mHawtCelebs%20%E2%80%93%20Latest%20Celebrities%20Pictures&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:142875777&@b3:1645757340&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.hawtcelebs.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.28 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns523448.ip-192-99-8.net
Software
/
Resource Hash
b62365c0d36597d3ddf6ba9fe48cb933adf7a74ba5cc2af31f20b3cd3f15f3c8

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:48:59 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
prebid-6.10.0.js
assets.vlitag.com/prebid/default/ 		521 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1645695160/036e05035cbef88431e89138f2969605.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf557425d76a8c36ddb621c3de7eb8dd392709ab6f9352b4fb97ae380cb78adc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1804861
cf-polished
origSize=534024
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Fri, 04 Feb 2022 05:27:50 GMT
server
cloudflare
etag
W/"61fcb956-82608"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
6e2d9e2e6ffa8c2f-EWR
expires
Fri, 04 Feb 2022 05:57:58 GMT
gpt.js
www.googletagservices.com/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1645695160/036e05035cbef88431e89138f2969605.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d58cd320359d9912232cb2eef4041839394c9adcd04ac18fc3ca28caf8cca131
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27839
x-xss-protection
0
server
sffe
etag
"1142 / 642 of 1000 / last-modified: 1645743960"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 25 Feb 2022 02:48:59 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		367 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1645695160/036e05035cbef88431e89138f2969605.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bc4b4e83d00a23ad6e7f8f9dc85067b7503c0a00814e02b02a20b3b0c8ddd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124251
x-xss-protection
0
expires
Fri, 25 Feb 2022 02:49:00 GMT
sf_host.min.js
assets.vlitag.com/plugins/safeframe/src/js/ 		38 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1645695160/036e05035cbef88431e89138f2969605.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
156814
cf-ray
6e2d9e2e6ff98c2f-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
etag
W/"5dbbbcf2-9806"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
x-robots-tag
noindex, nofollow
expires
Tue, 18 Jan 2022 19:05:08 GMT
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_native_multi_native_under_related&ucv=005099&err=Unexpected%20end%20of%20JSON%20input&e=tce&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:48:59 GMT
cf-cache-status
HIT
age
328898
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9e2e5fb48c8f-EWR
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_auto_interstitial_desktop&e=nai&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:48:59 GMT
cf-cache-status
HIT
age
328898
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9e2e5fbc8c8f-EWR
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_responsive_h_hawtfuterreshor&pdc=0.43230533599853516&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:48:59 GMT
cf-cache-status
HIT
age
328898
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9e2e5fc38c8f-EWR
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 25 Feb 2022 02:48:59 GMT
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_300x250_desno300x250&pdc=1.594946098327637&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:48:59 GMT
cf-cache-status
HIT
age
328898
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9e2e78108c8f-EWR
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_160x600_hawt160&ucv=005099&err=Unexpected%20end%20of%20JSON%20input&e=tce&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:49:00 GMT
cf-cache-status
HIT
age
328899
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9e2ef92c8c8f-EWR
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1632879046&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hawtcelebs.com%2F&ul=en-us&de=UTF-8&dt=HawtCelebs%20%E2%80%93%20Latest%20Celebrities%20Pictures&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1156938165&gjid=404448494&cid=1278589249.1645757339&tid=UA-10995097-8&_gid=663945219.1645757340&_r=1&gtm=2ou2n0&z=1610157656
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pix.gif
d1lax2pddqj38d.cloudfront.net/ Frame F3EC
Redirect Chain
  • https://udmserve.net/udm/img.fetch?sid=14863;tid=11;dt=7;p=1;rri=1645757339258_041248_5.181.234.158;mid=47740;zzz=1;version=inpage24-confiant;cb=0.38795850893710515;session=1;style=slider;vis=visib...
  • https://d1lax2pddqj38d.cloudfront.net/pix.gif
43 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d1lax2pddqj38d.cloudfront.net/pix.gif
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Server
13.225.231.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-231-199.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 08:03:47 GMT
via
1.1 4ffd9afb636b7eb92e42cf2534136d50.cloudfront.net (CloudFront)
last-modified
Tue, 15 Feb 2011 23:10:42 GMT
server
AmazonS3
age
499514
etag
"325472601571f31e1bf00674c368d335"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=864000
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-length
43
x-amz-cf-id
iRCfm5YoyCXbJ1oATG9xE7bqqAp21Q769W9leDBRnzFFP1UrcM4DKw==

Redirect headers

Location
https://d1lax2pddqj38d.cloudfront.net/pix.gif
Date
Fri, 25 Feb 2022 02:49:00 GMT
Content-Length
0
Content-Type
text/html
geoip
apis.quantcast.mgr.consensu.org/ 		49 B
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.quantcast.mgr.consensu.org/geoip
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.hawtcelebs.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.189.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-189-191.compute-1.amazonaws.com
Software
/
Resource Hash
1ea50329b826918b0b803777e2f5ac48a3570aa1f9c06bc92b6a1731ae37654a

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 25 Feb 2022 02:49:00 GMT
content-length
49
content-type
application/json; charset=utf-8
show_pla
obs.cheqzone.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=03919592029805250627905948276826846168211218900522576500609183167526&nc=0&tsf=0&tsfmi=&pv=0&cb=1645757340108&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=3312777366&at=&bid=e30%3D&di=W1siZWYiLDY1NDddLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImdvb2dsZSBpbmMu%0D%0AIChnb29nbGUpXCIsXCJyXCI6XCJhbmdsZSAoZ29vZ2xlLCB2dWxrYW4gMS4yLjAgKHN3aWZ0c2hh%0D%0AZGVyIGRldmljZSAoc3ViemVybykgKDB4MDAwMGMwZGUpKSwgc3dpZnRzaGFkZXIgZHJpdmVyLTUu%0D%0AMC4wKVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMu%0D%0AMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndlYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1%0D%0AbSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwiYmVuXCI6OSxcIndnbFwiOjEsXCJncmVuXCI6XCJ3%0D%0AZWJraXQgd2ViZ2xcIixcInNlZlwiOjM1Nzc1Njc1NTgsXCJzZWNcIjpcIlwifSJdLFstMSwiLSJd%0D%0ALFstMiwiOCxlWUc5WDEvWDF0WmxTMjJkNTF4OFlOWTlNeEpRRU1DZFVCSEpMODZMMjNBQ0dVaEJJ%0D%0Ad0lTU0VFQWNJSmZSZUFnUUlFRm9JbmRDeHdRWGpobzI3MTk2bU1qT3Yvcjg3MHV4cUZ4Il0sWy0z%0D%0ALCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJicGFlb2pvZm9ob2VmZ2ll%0D%0AaGphaVwiLFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYs%0D%0AIntcIndcIjpbXCIwXCIsXCJjaHJvbWVcIixcIl9fcm9ja2V0TG9hZGVyRXZlbnRDdG9yXCIsXCJf%0D%0AX3JvY2tldExvYWRlckxvYWRQcm9ncmVzc1NpbXVsYXRvclwiLFwiX19jZlFSXCIsXCJkZW1hbmRT%0D%0AdXBwbHlTY1wiLFwiZGVtYW5kU3VwcGx5Q3JcIixcImRlbWFuZFN1cHBseVNyXCIsXCJob3VzZUFk%0D%0AQ2FtcGFpZ25zXCIsXCJkZW1hbmRTdXBwbHlUaVwiLFwiZGVtYW5kU3VwcGx5QXBcIixcImRlbWFu%0D%0AZFN1cHBseVRjXCIsXCJkZW1hbmRTdXBwbHlcIixcImRzcGJqc1wiLFwiX2FwcFwiLFwiZ29vZ2xl%0D%0AdGFnXCIsXCJnZ2VhY1wiLFwiZ29vZ2xlX2pzX3JlcG9ydGluZ19xdWV1ZVwiLFwiZ29vZ2xlX3Ny%0D%0AdFwiLFwiZ29vZ2xlX2xvZ2dpbmdfcXVldWVcIixcInRtb2RcIixcImdvb2dsZV9hZF9tb2RpZmlj%0D%0AYXRpb25zXCIsXCJnb29nbGVfbWVhc3VyZV9qc190aW1pbmdcIixcImdvb2dsZV9yZWFjdGl2ZV9h%0D%0AZHNfZ2xvYmFsX3N0YXRlXCIsXCJfZ2ZwX2FfXCIsXCJhZHNieWdvb2dsZVwiLFwiZ29vZ2xlX3Vz%0D%0AZXJfYWdlbnRfY2xpZW50X2hpbnRcIixcImdvb2dfcHZzaWRcIixcImdvb2dsZVRva2VuXCIsXCJn%0D%0Ab29nbGVJTVN0YXRlXCIsXCJwcm9jZXNzR29vZ2xlVG9rZW5cIixcImdvb2dsZV91bmlxdWVfaWRc%0D%0AIixcImdhR2xvYmFsXCIsXCJnb29nX3Nkcl9sXCIsXCJ1ZG1fYWRzX3F1ZXVlXCIsXCJ1ZG1fY29u%0D%0AZmlhbnRfaW5pdFwiLFwiY29uZmlhbnRcIixcInVkbV9lZGdlX2luaXRcIixcIl9xb3B0aW9uc1wi%0D%0ALFwiX3FldmVudHNcIixcInVkbV9yM0NodW5rXCIsXCJ1ZG1fcjNcIixcIl9wYmpzR2xvYmFsc1wi%0D%0ALFwiX19jb3JlLWpzX3NoYXJlZF9fXCIsXCJlbmRlZEhhbmRsZXJcIixcInVkbV9wcm9jZXNzX2Fk%0D%0Ac19xdWV1ZVwiLFwiZGVsZXRlX3VkbV9lZGdlXCIsXCJyZWxvYWRfdWRtX2VkZ2VcIixcInF1YW50%0D%0Ac2VydmVcIixcIl9fcWNcIl0sXCJuXCI6W10sXCJkXCI6W119Il0sWy03LCItIl0sWy04LCItIl0s%0D%0AWy05LCIrIl0sWy0xMCwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9u%0D%0AXCJdfSJdLFstMTIsIm51bGwiXSxbLTEzLCItIl0sWy0xNCwie1wib1wiOjAuMDQ2MTUzODQ2MTUz%0D%0AODQ2MTU2fSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiNCJdLFstMTgsIlswLDAsMCwxXSJd%0D%0ALFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYw%0D%0AMCwxMjAwLDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiXSJdLFstMjAsIjEyNzg1ODkyNDku%0D%0AMTY0NTc1NzMzOSJdLFstMjEsImtBTFp1RFVKIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjMs%0D%0AIisiXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2LCJ7XCJ0amhzXCI6Mjc2MDAwMDAsXCJ1amhz%0D%0AXCI6MjMxMDAwMDAsXCJqaHNsXCI6Mzc2MDAwMDAwMH0iXSxbLTI3LCJbMCwxMCwwLFwiNGdcIixu%0D%0AdWxsXSJdLFstMjgsImVuLVVTIl0sWy0yOSwie1widlwiOlsyLDIsMiwyLDAsMCwwLDIsMCwyLDAs%0D%0AMiwwLDAsMiwyLDIsMiwwXX0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIs%0D%0AIjIiXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjQ1NzU3MzQwMTAwLDBdIl0sWy0zNiwi%0D%0AW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM4LCJjLC0xLC0xLDQw%0D%0ALDAsMCwwLDAsMTQsNzA5LDI2LDAsODczLDg3MywyMTg1LDIxODUiXSxbLTM5LCJbXCIyMDAzMDEw%0D%0AN1wiLDAsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4%0D%0ALGZhbHNlLG51bGwsMF0iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0s%0D%0AWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAiXSxbLTQ0LCIwLDAsMCw1Il0sWy00NSwi%0D%0ALSJdLFstNDYsIjAiXSxbLTQ3LCJFdGMvVW5rbm93bixlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4%0D%0ALCIwLDAiXSxbLTQ5LCItIl0sWyJibmNoIiw1NV1d&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A451%2C%22y%22%3A1422%2C%22w%22%3A537%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=qGlGXUN00n&sdd=%7B%7D&pto=2194
Requested by
Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
d01b96b00c5d72c6a073dcaa77c780ab3809f4f346f9f77885f4a505104948e2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
content-encoding
gzip
cache-control
no-cache, no-store, must-revalidate
content-type
text/javascript
content-length
1434
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_native_multi_native_home_7&ucv=005099&err=Unexpected%20end%20of%20JSON%20input&e=tce&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:49:00 GMT
cf-cache-status
HIT
age
328899
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9e2fbb3f8c8f-EWR
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_responsive_h_archive-3&ucv=005099&err=Unexpected%20end%20of%20JSON%20input&e=tce&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:49:00 GMT
cf-cache-status
HIT
age
328899
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9e2fcb498c8f-EWR
container.html
c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2CF6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 25 Feb 2022 02:48:59 GMT
expires
Sat, 25 Feb 2023 02:48:59 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=hawtcelebs.com_300x600_hawt600&sy=aaeaab77-6889-46a7-8f18-d0f35f11edfb&ts=96&cd=2&pud=202&pus=c&pue=987&pid=53&pis=c&pie=1041&ppd=119&pps=a&ppe=1107&pad=82&pas=c&pae=1072&pcl=816&ttc=1189&tti=2225&ttif=0&lca=1107&lcak=ppe&lct=1107&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=300x600&mlbw=4g&mlcs=NaN&mltp=865488bb-8c8c-4b61-8ad6-a294019cea83&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:49:00 GMT
cf-cache-status
HIT
age
328899
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9e2ffbdb8c8f-EWR
tc.js
cdn.tynt.com/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/tc.js
Requested by
Host: waust.at
URL: https://waust.at/c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 27 Aug 2021 20:58:45 GMT
server
cloudflare
age
107327
etag
W/"61295205-431d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6e2d9e302e891a38-EWR
expires
Mon, 28 Feb 2022 02:49:00 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/gif
collect
stats.g.doubleclick.net/j/ 		2 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-10995097-8&cid=1278589249.1645757339&jid=1156938165&gjid=404448494&_gid=663945219.1645757340&_u=YAhAAUAAAAAAAC~&z=1275466017
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1407::9c Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 25 Feb 2022 02:49:00 GMT
content-type
text/plain
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
underdog
underdog.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://underdog.technoratimedia.com/openrtb/bids/underdog?src=prebid_prebid_6.8.0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 25 Feb 2022 02:49:00 GMT
access-control-allow-headers
content-type
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
903054042
age
0
via
1.1 varnish
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b44a2065d&cmd=bid&reserve=0.17045454545454547&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
7feaa31da22db594a3f00a8f7f9bedab591564d7256f7c433e59de021dac1a09

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b44a2065d&cmd=bid&reserve=0.17045454545454547&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
a2b6e9743b07c6351f5da42a7ed88775f323fe8778669226bd48b4ed50639ba4

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b44a2065d&cmd=bid&reserve=0.17045454545454547&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
4fbe3612b54320564932d7931b28a631ebc2027d07ad4d886a527aabb776a2f8

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b44a2065d&cmd=bid&reserve=0.17045454545454547&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
4db1bc967bdc6a4e8ecbb89688f12a05249d6ef3006aaf4799a73ef88e51c914

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9690ec017574ff17bd043f82f90029&cmd=bid&reserve=0.13636363636363635&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
5a5677be6ebe919690106285297150130ee0bdab924ca59ce86d2e1f049173e0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
prebid
ib.adnxs.com/ut/v3/ 		19 B
855 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:00 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
df66a53a-e420-4c99-b5a9-664401929a3a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22108567fdea9809e6%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09574468085106383%7Cgpid%3Dreel-728x90%22%2C%22109a12e14501e5e9%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09574468085106383%7Cgpid%3Dreel-728x90%22%2C%2211010b34dcfc5f96%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09574468085106383%7Cgpid%3Dreel-728x90%22%2C%221119470ee4bdbde3%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09574468085106383%7Cgpid%3Dreel-728x90%22%2C%221124a6a9f9d52fcb%22%3A%229deebb29fccb6ed4404b%7C300x250%7Cf%3D0.15957446808510642%7Cgpid%3Dreel-300x250%22%2C%22113c15b6e3e82e1e%22%3A%229deebb29fccb6ed4404b%7C300x250%7Cf%3D0.15957446808510642%7Cgpid%3Dreel-300x250%22%2C%2211453f095b182437%22%3A%229deebb29fccb6ed4404b%7C300x250%7Cf%3D0.15957446808510642%7Cgpid%3Dreel-300x250%22%2C%22115ccbd02bc2d60e%22%3A%22076311570b44811073b6%7C%7Cf%3D3.202127659574468%7Cgpid%3Dreel-400x250%22%2C%221161157cf1c342f%22%3A%22076311570b44811073b6%7C%7Cf%3D3.202127659574468%7Cgpid%3Dreel-400x250%22%2C%221175c2da9038e14a%22%3A%22076311570b44811073b6%7C%7Cf%3D3.202127659574468%7Cgpid%3Dreel-400x250%22%2C%22118decec527690b2%22%3A%22cc4a74d908fc7d1eac48%7C%7Cf%3D3.202127659574468%7Cgpid%3Dreel-320x180%22%2C%22119d982e2b6c39fa%22%3A%22cc4a74d908fc7d1eac48%7C%7Cf%3D3.202127659574468%7Cgpid%3Dreel-320x180%22%2C%2212034b57267f2acc%22%3A%22cc4a74d908fc7d1eac48%7C%7Cf%3D3.202127659574468%7Cgpid%3Dreel-320x180%22%7D&ref=https%3A%2F%2Fwww.hawtcelebs.com%2F&s=a404c21d-b54b-4af5-afbb-7241101d1923&pv=3236e3bd-6d5e-42a8-9db2-480a004e8d9d&vp=desktop&lib_name=prebid&lib_v=6.8.0&us=5&ius=0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22udmserve.net%22%2C%22sid%22%3A%222993%22%2C%22hp%22%3A1%2C%22rid%22%3A%22a639123a-70cd-4b39-9915-43006bf937d1%22%7D%5D%7D&coppa=0
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
a09f521afaf104ed92c1a53a22d15e158bb285c2c30c92492b0395fa622abf24
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-51
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-type
application/json
content-length
608
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
hb.emxdgt.com/ 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=4000&ts=1645757340206&src=pbjs
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.139.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-139-54.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
underdog
underdog.technoratimedia.com/openrtb/bids/ 		0
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://underdog.technoratimedia.com/openrtb/bids/underdog?src=prebid_prebid_6.8.0
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
815473075
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		471 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
4b5e8c9a2b1e57c126a12c3540c162f1c437b2dd04fcc2e4c7eb98ce9420a6e5

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
187
content-length
254
openrtb
ads.adaptv.advertising.com/rtb/ 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Underdog
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.11.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-11-208.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
openrtb
ads.adaptv.advertising.com/rtb/ 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Underdog
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.11.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-11-208.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
openrtb
ads.adaptv.advertising.com/rtb/ 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Underdog
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.11.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-11-208.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
openrtb
ads.adaptv.advertising.com/rtb/ 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Underdog
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.11.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-11-208.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
openrtb
ads.adaptv.advertising.com/rtb/ 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Underdog
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.11.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-11-208.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
openrtb
ads.adaptv.advertising.com/rtb/ 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Underdog
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.11.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-11-208.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
openrtb
ads.adaptv.advertising.com/rtb/ 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Underdog
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.11.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-11-208.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
/
d.adroll.com/bid/prebid/ 		0
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/bid/prebid/
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.138.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-138-186.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:00 GMT
access-control-allow-credentials
true
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
24b4da193b43c5afe56b614b7402217c899214a41913b965526d5c48ad92d3f5

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
80e20f9fa108fff83d062151bd23340ce638f22b905035a4d15f06b3bb9e8396

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
82f1c93b68dd6999a6ac15e361596832820b59575623b8497928f66d98e172c9

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
b7780c61ad3d8d97d2ab64030f3a01d8ac5526d3ac97d5b0844d31fa71d248af

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4E24 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 23 Feb 2022 21:56:06 GMT
expires
Thu, 23 Feb 2023 21:56:06 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
103974
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame CF3D 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0fc26ea4aefdfbd9636c22d488077a4293d2fa18709a59393a8e794cc3502567
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ptslDIllfhqlcPO0wJikaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 25 Feb 2022 02:49:00 GMT
date
Fri, 25 Feb 2022 02:49:00 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-ptslDIllfhqlcPO0wJikaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
510
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
t.dtscout.com/idg/ Frame 43B5 		1 KB
753 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/idg/?su=51A01645757340B9D37ECAF08DCD9DE1
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.89.99.21 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3163187.ip-51-89-99.eu
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f318891ad6648851cb87f3ef1fc175493ba8d2f22cfece9de64618c7520c7c8b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Fri, 25 Feb 2022 02:49:00 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Expires
Fri, 25 Feb 2022 02:48:59 GMT
Cache-Control
no-cache
Content-Encoding
gzip
dtscout
pd.sharethis.com/pd/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.135.27.102 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-135-27-102.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
a3ebe73966009358e251fa2798f258d2412eb82fdb3a674959dbf88f716dd4db
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:00 GMT
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2273
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
application/javascript
/
t.dtscout.com/pv/ 		50 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/pv/?_a=v&_h=hawtcelebs.com&_ss=7ek9qlt3g3&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=3xl2&_cb=_dtspv.c
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.89.99.21 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3163187.ip-51-89-99.eu
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
468fac737e9504e7210cf361e91fa992ff09eb1655aab7ab0b22164d5f59b50b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:00 GMT
X-T
0.17
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
X-C
0
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
Expires
Fri, 25 Feb 2022 02:48:59 GMT
imp.gif
obs.cheqzone.com/tracker/ 		43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e00136eebc030ed448e9d9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312711093d30464f578afe6d4e7474eb9498fbd38e820db61905785572afc2902f91e470625995b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c0240616e96568ad980a6ceec89825d957bd1fad811bc551c8c96dd82a77c3d835d277c2d5bcf58eede34c22f57ce4bbfe7a5834b8876095bd43b0464206835c5e8386c38681eb923bce6a88de93a349cd5c5513a2372fc6c5961a21d3e923fa57b4c54dc525fb2f431b059961bb56ddc4f47fe2d46a8752a798ccd527d6195178e8121e506b5f7fc0a264b45498cd8a2be8de2bbd962b9adabab03d9fb7e44e6b72c8b10f0a9ba7071a5acdbdac65a43386e95ee9fc2db774bc329450c809d4ad39db0721e4af8e7b393f641f37085a17b6fc8a6cd06fab571d5123ead12ccd840a5eecb2dea6ae2993ffeef89aeaeca4090969b934d9f3072ada1d3209dd271f3439ea69ec360bc8eb8c&cb=1645757340253&cri=qGlGXUN00n
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
cache-control
no-cache, no-store, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
content-length
43
content-type
image/gif
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1645757340253&sessionId=33b88de8-6d26-3d6f-850d-2598d9ffa880&url=www.hawtcelebs.com&cheqSource=1&cheqEvent=0&exitReason=4
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:00 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
19cbbab772153f0fe2bbcd1f94e9401c
Content-Length
4
Expires
0
p
ic.tynt.com/b/ 		35 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=w!a9etg89wet&lm=0&ts=1645757340256&dn=TC&iso=0&t=HawtCelebs%20%E2%80%93%20Latest%20Celebrities%20Pictures
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
etag
"4bc8846c-23"
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges
bytes
content-type
image/gif
content-length
35
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
pixel
googleads.g.doubleclick.net/xbbe/ Frame B1F1 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSwAEQhL23Ahj9x7--ATAB&v=APEucNXn_lUgDDD7BxF9VaWUn4CoZ0DoAH3_hYVliH-JoRFZWny0DqNgqep69z6Z1U5Zi1CU0VWlM1lHL2ftgrz33oCWF-m_-Q
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 25 Feb 2022 02:49:00 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 2CF6 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
Origin
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 17:56:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31924
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 25 Feb 2022 17:56:56 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/elements/html/ Frame 2CF6 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 00:51:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7065
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 00:51:15 GMT
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/ Frame 2CF6 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/abg_lite_fy2019.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f328f4ae2fe983386843cc07db0af78c5fe9fa5ae67812f80062d5baa0e61047
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:36:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
764
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7875
x-xss-protection
0
server
cafe
etag
9606807595520751986
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:36:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2CF6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ASbt3HTMFwjAybSiRX4QrAf_mjHtEs2ace3DoHGtRY7vBaLgP79NPsukXz3vSBq61JICN4sw_W8cMWDnfzWkAh6UxJMzCFecpJ5rWNwv2PHvgqV6I
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B24920970.286076327;dc_pre=CKHen-3rmfYCFeG6swodZPEEag;dc_trk_aid=479976795;dc_trk_cid=140170567;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N1032331.3665442DV360/ Frame 2CF6
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1032331.3665442DV360/B24920970.286076327;dc_trk_aid=479976795;dc_trk_cid=140170567;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;...
  • https://ad.doubleclick.net/ddm/trackimp/N1032331.3665442DV360/B24920970.286076327;dc_pre=CKHen-3rmfYCFeG6swodZPEEag;dc_trk_aid=479976795;dc_trk_cid=140170567;ord=[timestamp];dc_lat=;dc_rdid=;tag_fo...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1032331.3665442DV360/B24920970.286076327;dc_pre=CKHen-3rmfYCFeG6swodZPEEag;dc_trk_aid=479976795;dc_trk_cid=140170567;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.80.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N1032331.3665442DV360/B24920970.286076327;dc_pre=CKHen-3rmfYCFeG6swodZPEEag;dc_trk_aid=479976795;dc_trk_cid=140170567;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 2CF6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:46:46 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2CF6 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38829
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645619776399499"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 25 Feb 2022 02:49:00 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 2CF6 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:45:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
223
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6434
x-xss-protection
0
server
cafe
etag
16791967082338318403
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:45:17 GMT
l
www.google.com/ads/measurement/ Frame 2CF6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR1lPSh0KrxWw9WENKkn1QTaJO-0612R7m9_Tq3GlMaYZHE0E_vjKqodLKm2VrccM0fHtfJyHBWNNpmjmmS3CggUnM4iw
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-10995097-8&cid=1278589249.1645757339&jid=1156938165&_u=YAhAAUAAAAAAAC~&z=279650185
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
RRW_EVG_300x600.html
s0.2mdn.net/sadbundle/2088215109561221120/ Frame CBE3 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2088215109561221120/RRW_EVG_300x600.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c35fdfa12e76321b4372314212042bee37767b89031de960c560edcc503210d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
2372
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
date
Sun, 20 Feb 2022 08:11:33 GMT
expires
Mon, 20 Feb 2023 08:11:33 GMT
cache-control
public, max-age=31536000
age
412647
last-modified
Thu, 23 Dec 2021 18:41:20 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 2CF6 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst9A9__95DjlnNLiTXiyHz695SFuTMLUGcW7r52euc9UG5DaAcpZtRPLPxYt_f2Jo1ziF-EE5aiceBEMTm4dZ1tpfKYwgURcYrvoz2dC0NMwFH7Mupu0lmggbMc6Y0yOKueceseaGOXGHoSWhAflNxwLnRbnTFin9YAN_Hsw1U8X9k5tokQKfyJFmDes1ZXxzngkXxN3cj5iL4u72237s9U1RI3E5uH5uksU4tl06MdJ8xo_MNDE9FVBTGCGQrDNAJQcDjLt268rbOhvmbZxKnbNqVTNDlZofbe6CeoKzRGhhWWfeaHmwbonblssYyXl4lmESeV8k4dK91_ZEx3QUJR--AyJFzHxItPqnuIYUBZsx7ohM3KpamdsKmvwazIwo9wPu0ZSkBPMXPLSwv4xeaX6tLX76G2cOcn09VE-4akLySxp8Gm6n7Jm_sEhlhN83m_bWbop9sRK_zmfTHHhnqBN674AvSP_JykEGH07jSCmlnUvv57G6WNXOZfzbekU-8PXokXO1qVAY7fR09rf6qTYhJQCxVPcJbHepkVdf8uDWzsGLafZ8ttNCjCkGgRCamqC8WrTJS_jGrocW9xX68JGHI_ZBmnBUEinoT93UAqGFuvxEFqrxJe30OQzksQhHtu5GzFTjA_Zu6otR0iEzZ0z92lD48HG0-GAdUZvYyvA2g3400dSziWkEPrbNkU0OVGZXfYfA7-wwCSW0-mwUDVTkytGpQbzCDDnUxu2XzoYmq88AC6Apwn28OUlX2V7BiZTeiye8HbQ-ywQrrq7mlWIC8S9z8s-5AGG-aBgD0x-MAqVM8wfBVVPdvPRJcbIF7zvns0vq5e6rA3J3rkMi3DTFPbmigLXY7C5S5JhK6LtvEgEdLbrbDadYKRIWOhW5yCfnCejtNpoo2fJpKOInwKDCr2qBJo8m8W1K5QmKmelISza56C-JRTggAPwGaKnetoK9bXAx-sjRjZO2lVQO-TQ1Eu-kLBXqCE9hCRO61OMsH9ItReiTt-7ANQrqiK6DMs98k9RrXY33bgTtU_V5ypQsU_lOsuNpBc8JdGhVijc0U2vJYr9XqRvqnrWIVz2YFacVmPNkmjpKy-F6JXX81jwjBOVdLomiYZXF3wRMSFig0H3hLAK_EbnF5-oGEdSdRExDnTWHaaul-MTw5wBeI3vpZF_jjabcVB0EJ0kkSMNYhG8tsNg5NiMdpfYQGMypeLQRWKy-IhDc5wAtNDM1cDF_Rvm4aQ94yDUJPLx3v3_KB7BeNB0ufnpg&sai=AMfl-YSpcIwn8fbNyXSGmuUTWpmjvhvmuQmoA097GqCzUmwQCUZanFhy_E1QvUN-NDMzp2FSjU1r608_uFnZGXv-XJUEMrES4uxaHDptkj97AH8qnTAKmmzQh3lr7cq2bsYJMV_NLCfn64MP4Y46LOskxdv69Vra91WgHnzOTlT5aadavecqI8u9spKB7pJEmG7Gm3QDWNUJdQc8Z_2K6XRH5eKV6aa59Hk7a6rH9wNg_RmEaeVkbRUwXBnMm2jcLhq4tgIm8nFdEA9aD_HLe60kB5GPjsG9EPZgWQz_alk&sig=Cg0ArKJSzC5zbVBpe10BEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=47&cbvp=1&cstd=44&cisv=r20220223.61089&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 25 Feb 2022 02:49:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2CF6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 17:56:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
204724
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Feb 2023 17:56:56 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6D9B 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 24 Feb 2022 19:21:13 GMT
expires
Fri, 25 Feb 2022 19:21:13 GMT
cache-control
public, max-age=86400
age
26867
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame CF3D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021701&jk=3853938541929479&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
truncated
/ Frame 2CF6 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
37c255a0628193f10f71160fb15c6c7f75410799cc3fc5385c4ce2e3d91a02da

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame B1F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIbJHQZEsFjAxcuDIDt0MwA&google_cver=1
43 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIbJHQZEsFjAxcuDIDt0MwA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSwAEQhL23Ahj9x7--ATAB&v=APEucNXn_lUgDDD7BxF9VaWUn4CoZ0DoAH3_hYVliH-JoRFZWny0DqNgqep69z6Z1U5Zi1CU0VWlM1lHL2ftgrz33oCWF-m_-Q
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 02:49:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIbJHQZEsFjAxcuDIDt0MwA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B1F1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YhhDnC-gZ8XRz901.0T3uAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIbJHQZEsFjAxcuDIDt0MwA&google_cver=1&google_hm=2
43 B
893 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIbJHQZEsFjAxcuDIDt0MwA&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSwAEQhL23Ahj9x7--ATAB&v=APEucNXn_lUgDDD7BxF9VaWUn4CoZ0DoAH3_hYVliH-JoRFZWny0DqNgqep69z6Z1U5Zi1CU0VWlM1lHL2ftgrz33oCWF-m_-Q
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 02:49:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIbJHQZEsFjAxcuDIDt0MwA&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B1F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJW2k5sIkAwuat9S51GHxm8&google_cver=1
43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJW2k5sIkAwuat9S51GHxm8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSwAEQhL23Ahj9x7--ATAB&v=APEucNXn_lUgDDD7BxF9VaWUn4CoZ0DoAH3_hYVliH-JoRFZWny0DqNgqep69z6Z1U5Zi1CU0VWlM1lHL2ftgrz33oCWF-m_-Q
Protocol
HTTP/1.1
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:00 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
33721ec2-7bda-4383-9835-9a1902df1263
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJW2k5sIkAwuat9S51GHxm8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B1F1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzNzUzMTc2OTY2MTM2ODQ1Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzNzUzMTc2OTY2MTM2ODQ1Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSwAEQhL23Ahj9x7--ATAB&v=APEucNXn_lUgDDD7BxF9VaWUn4CoZ0DoAH3_hYVliH-JoRFZWny0DqNgqep69z6Z1U5Zi1CU0VWlM1lHL2ftgrz33oCWF-m_-Q
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:00 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
c6de5acc-0472-4384-a00a-d9fdd6272487
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzNzUzMTc2OTY2MTM2ODQ1Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C1DD 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 22 Feb 2022 17:56:57 GMT
expires
Wed, 22 Feb 2023 17:56:57 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
204723
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
createjs.min.js
code.createjs.com/1.0.0/ Frame CBE3 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2088215109561221120/RRW_EVG_300x600.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1400:d::6878:d289 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Fri, 25 Feb 2022 03:04:00 GMT
RRW_EVG_300x600.js
s0.2mdn.net/sadbundle/2088215109561221120/ Frame CBE3 		18 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2088215109561221120/RRW_EVG_300x600.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2088215109561221120/RRW_EVG_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12baaeaeecc5d3518b5bebdd485ab41ee2de3df67cbfa5ae1b247ee87d9a0b28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2088215109561221120/RRW_EVG_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 08:11:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
412647
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3682
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 18:41:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 20 Feb 2023 08:11:33 GMT
SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js
pagead2.googlesyndication.com/bg/ Frame 4E24 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
484c9dc906528d1a062bb6bafbadaf374c145503a4c3de6826c967c642ddcff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 04:08:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
81610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13759
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Feb 2023 04:08:50 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.hawtcelebs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:49:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		61 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3853938541929479&correlator=1162162898547665&output=ldjh&impl=fif&eid=31065287&vrg=2022021701&ptt=17&gdpr=0&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220225&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C562f1490-6016-470a-a15d-db024410a0f6&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x100&prev_scp=ti%3D865488bb-8c8c-4b61-8ad6-a294019cea83%26bid%3D0.02%26bid-p%3Dgoogle%26bsc%3D96&eri=1&cookie=ID%3D50a014306ce78c7e%3AT%3D1645757339%3AS%3DALNI_MZcaxinGW6ddiT1C2YI_LpSCXkWmA&bc=31&abxe=1&dt=1645757340408&lmt=1645757340&dlt=1645757338682&idt=362&frm=20&biw=1600&bih=1200&oid=2&adxs=252&adys=10142&adks=2570427636&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&scr_x=0&scr_y=0&psz=1097x0&msz=1097x0&ga_vid=1278589249.1645757339&ga_sid=1645757339&ga_hid=1632879046&ga_fc=true&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
d82df15c6dbe055882c352762028cc45545f4653192b7c86efe57a21e90d863e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19385
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
t.dhj
t.sharethis.com/1/d/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6748295497764845&stid=ZGIABGIYQ5wAAAAJVZ0CAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.174.104 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-174-104.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
78316f15607c6aa845705239e2cfbfe9a39fda3f07a8d95aa97fce03766bc66d
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Fri, 25 Feb 2022 03:49:00 GMT
dtscout
pd.sharethis.com/pd/ 		42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&event_source=dtscout&rnd=0.6748295497764845&exptid=ZGIABGIYQ5wAAAAJVZ0CAw%3D%3D&fcmp=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.135.27.102 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-135-27-102.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:00 GMT
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
image/gif
v2
de.tynt.com/deb/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=w!a9etg89wet&dn=TC&cc=1&r=&us_privacy=1---
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
230d953d50f7e476beb0613a6bd290cda73b8535ac5eaaf59da68f7ec12cff9d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
1948
expires
Sat, 26 Jul 1997 05:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3853938541929479&correlator=3727113809112824&output=ldjh&impl=fif&eid=31065287&vrg=2022021701&ptt=17&gdpr=0&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220225&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C6fba91e9-d020-48d4-9f2a-c80c3ac58704&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=ti%3D865488bb-8c8c-4b61-8ad6-a294019cea83%26bid%3D0.13%26bid-p%3Dgoogle%26bsc%3D96&eri=1&cookie=ID%3D50a014306ce78c7e%3AT%3D1645757339%3AS%3DALNI_MZcaxinGW6ddiT1C2YI_LpSCXkWmA&bc=31&abxe=1&dt=1645757340437&lmt=1645757340&dlt=1645757338682&idt=362&frm=20&biw=1600&bih=1200&oid=2&adxs=1029&adys=380&adks=425794434&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=1278589249.1645757339&ga_sid=1645757339&ga_hid=1632879046&ga_fc=true&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
47fa00d91b7ca51769e6203d9ce9482ec8b5d0b63195aa41f765635dfbc9556b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9805
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
get
odb.outbrain.com/utils/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=%20&idx=0&rand=49081&key=NANOWDGT01&widgetJSId=TF_6&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&clss=YvbnAvM7U6HV5AuqerhjWJMk0xYsBTNxcuJZ0Zipadlb6NSTA14d92DyxmJL45u27yBA0iQr1CJXdAt4&px=451&py=1422&vpd=222&cw=537&activeTab=true&darkMode=false&settings=true&recs=true&version=2000614&sig=kALZuDUJ&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=1&ccpa=1---&ccpaStat=1&ogn=https%3A%2F%2Fwww.hawtcelebs.com%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.30.132 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fb5e6972093528062f04eb872f472b42c8bdd5538af4d5127fa06f1e79c6bf60

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
content-encoding
gzip
traffic-path
NYDC1, IAD, USA_EAST1
x-cache
MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-cache-hits
0
x-traceid
3e5b544bfc5da38f0d818a9fdd56ef99
content-length
2536
x-served-by
cache-iad-kiad7000088-IAD
pragma
no-cache
x-timer
S1645757340.487734,VS0,VE19
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6D9B
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEHuOt-ZaOMIDcm7KS5JEPQk&google_cver=1&google_push=AYg5qPJ6AsCoDCyNk80bRmkVUb0gTu1wOog1HHEp1DYJMpwk3OVP704iYckX7qjRcG0J4k-ORRt7dqV-I2eC0Z7sfW7b_I6QBokY
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1D6054FD4F7741E7A2A9A9482C6BE4F4&google_push=AYg5qPJ6AsCoDCyNk80bRmkVUb0gTu1wOog1HHEp1DYJMpwk3OVP704iYckX7qjRcG0J4k-ORRt7dqV-I2eC0Z7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1D6054FD4F7741E7A2A9A9482C6BE4F4&google_push=AYg5qPJ6AsCoDCyNk80bRmkVUb0gTu1wOog1HHEp1DYJMpwk3OVP704iYckX7qjRcG0J4k-ORRt7dqV-I2eC0Z7sfW7b_I6QBokY
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 25 Feb 2022 02:49:00 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1D6054FD4F7741E7A2A9A9482C6BE4F4&google_push=AYg5qPJ6AsCoDCyNk80bRmkVUb0gTu1wOog1HHEp1DYJMpwk3OVP704iYckX7qjRcG0J4k-ORRt7dqV-I2eC0Z7sfW7b_I6QBokY
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Thu, 24 Feb 2022 02:49:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6D9B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEFgSkEEHYMTMCw4HmfHbaIw&google_cver=1&google_push=AYg5qPLb_NPGLXWXUjlS4_olYXO4onpZ7kslmZoTG85BBJLA1sIxZbuZU_NCboEs-5l4thmu6zcwBJvc4U-xw34...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=PzQeaXNuQax-wZLus3eL7gW16p4&google_push=AYg5qPLb_NPGLXWXUjlS4_olYXO4onpZ7kslmZoTG85BBJLA1sIxZbuZU_NCboEs-5l4thmu6zcwBJvc4U-xw3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=PzQeaXNuQax-wZLus3eL7gW16p4&google_push=AYg5qPLb_NPGLXWXUjlS4_olYXO4onpZ7kslmZoTG85BBJLA1sIxZbuZU_NCboEs-5l4thmu6zcwBJvc4U-xw347EDtXWHERsPbB
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=PzQeaXNuQax-wZLus3eL7gW16p4&google_push=AYg5qPLb_NPGLXWXUjlS4_olYXO4onpZ7kslmZoTG85BBJLA1sIxZbuZU_NCboEs-5l4thmu6zcwBJvc4U-xw347EDtXWHERsPbB
Date
Fri, 25 Feb 2022 02:49:00 GMT
Connection
keep-alive
Content-Length
242
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 6D9B
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEI4NUH1B_nwjtfCP4xd_Vws&google_cver=1&google_push=AYg5qPLH-vWkPeYCVIasFl8WIiTmICYqN1tU_7BDsH3BZxxxbKP7NzaQ9pgRc66Yk29PKYFn8aMYWa0ull_8yF0ZN...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEI4NUH1B_nwjtfCP4xd_Vws&google_cver=1&google_push=AYg5qPLH-vWkPeYCVIasFl8WIiTmICYqN1tU_7BDsH3BZxxxbKP7NzaQ9pgRc66Yk29PKYFn8aMYWa0ull_8yF0ZN...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLH-vWkPeYCVIasFl8WIiTmICYqN1tU_7BDsH3BZxxxbKP7NzaQ9pgRc66Yk29PKYFn8aMYWa0ull_8yF0ZNBFq2HbqbIEk&google_hm=5a5b510f7270cdb4bc7b94b8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLH-vWkPeYCVIasFl8WIiTmICYqN1tU_7BDsH3BZxxxbKP7NzaQ9pgRc66Yk29PKYFn8aMYWa0ull_8yF0ZNBFq2HbqbIEk&google_hm=5a5b510f7270cdb4bc7b94b8
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 25 Feb 2022 02:49:00 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLH-vWkPeYCVIasFl8WIiTmICYqN1tU_7BDsH3BZxxxbKP7NzaQ9pgRc66Yk29PKYFn8aMYWa0ull_8yF0ZNBFq2HbqbIEk&google_hm=5a5b510f7270cdb4bc7b94b8
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pub
cs.chocolateplatform.com/ Frame 6D9B 		0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEKU94BaALT9k-C3oU_7Kjao&google_cver=1&google_push=AYg5qPI4wqt6yivRQL4DS7PrQ0mQ4wS6j_aIHZsxQLiaDlkvWEvkNlahoN23soPwERHhiYlFhcfCaCINe8zDiHsUv14sNuCpcuUk
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.212.101.174 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
174.101.212.35.bc.googleusercontent.com
Software
Chocolate Cookie Sync Powered by Vdopia /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
via
1.1 google
server
Chocolate Cookie Sync Powered by Vdopia
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 6D9B
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEO-ydwF4Rl65fhDzjY6VbOI&google_cver=1&google_push=AYg5qPIg-a75XqACfuUsTJRTiXriGsyOjfjB04GUgolXuKIkgfKlcOv4qfTLvhJMCCIacsyzL-yVU4...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIg-a75XqACfuUsTJRTiXriGsyOjfjB04GUgolXuKIkgfKlcOv4qfTLvhJMCCIacsyzL-yVU4QDgmh-DTthXD7UePU9-HkT&google_hm=MTc5MjM1Mj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIg-a75XqACfuUsTJRTiXriGsyOjfjB04GUgolXuKIkgfKlcOv4qfTLvhJMCCIacsyzL-yVU4QDgmh-DTthXD7UePU9-HkT&google_hm=MTc5MjM1MjA2NTUxMTg3NjkzNQ%3D%3D
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIg-a75XqACfuUsTJRTiXriGsyOjfjB04GUgolXuKIkgfKlcOv4qfTLvhJMCCIacsyzL-yVU4QDgmh-DTthXD7UePU9-HkT&google_hm=MTc5MjM1MjA2NTUxMTg3NjkzNQ%3D%3D
date
Fri, 25 Feb 2022 02:49:00 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6D9B
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESELEBu9n8Ap13h74hLA_WM-g&google_cver=1&google_push=AYg5qPLvIRW28U2penR1oszSjws8KXbZP5Ve_eFccEWyWYHzzqQHLeKoD4CDR7ROSqGJYZbZfK3yeozn9ZqBe487P...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MmZjODkxZDUtMWQ4ZS00YWY5LWE4ZDQtNTRlZTFhOTFhMmI0&google_push=AYg5qPLvIRW28U2penR1oszSjws8KXbZP5Ve_eFccEWyWYHzzqQHLeKoD4CDR7RO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MmZjODkxZDUtMWQ4ZS00YWY5LWE4ZDQtNTRlZTFhOTFhMmI0&google_push=AYg5qPLvIRW28U2penR1oszSjws8KXbZP5Ve_eFccEWyWYHzzqQHLeKoD4CDR7ROSqGJYZbZfK3yeozn9ZqBe487PljTMRNPNPDg
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MmZjODkxZDUtMWQ4ZS00YWY5LWE4ZDQtNTRlZTFhOTFhMmI0&google_push=AYg5qPLvIRW28U2penR1oszSjws8KXbZP5Ve_eFccEWyWYHzzqQHLeKoD4CDR7ROSqGJYZbZfK3yeozn9ZqBe487PljTMRNPNPDg
date
Fri, 25 Feb 2022 02:49:00 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6D9B
Redirect Chain
  • https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEKgaD5foxw333W9Riyfv5nA&google_cver=1&google_push=AYg5qPKUAH3_nNDtWLMVPG5kbb5pH7k5Wv9frFRRc8PrvgCggHIgMtFnl4O0FlHMeSyeYRkFyNnTM0I9sIVcbPNAqfK1-...
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Demx_eb%26google_hm%3DNzc3MjE2NDU3NTczNDA1MDk0NjJhNg%3D%3D&b6...
  • https://cs.emxdgt.com/umcheck?apnxid=6237531769661368453&redirect=https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=Nzc3MjE2NDU3NTczNDA1MDk0NjJhNg==&b64_redirect=aHR0cHM6Ly9jbS5nLmRvdW...
  • https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=Nzc3MjE2NDU3NTczNDA1MDk0NjJhNg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=Nzc3MjE2NDU3NTczNDA1MDk0NjJhNg==
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=Nzc3MjE2NDU3NTczNDA1MDk0NjJhNg==
date
Fri, 25 Feb 2022 02:49:00 GMT
content-length
0
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 6D9B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JdciHIW07WmTaH1YpIfY_0hNzF0jWtpq5b72AiLChi6C2Z5X9uEoJT2cLi9LSwDBcD9E4crWs
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220225
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97299033768eedf6439d2cc8c33935b8e17770a77ead11300385c295757c9878
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
42475
x-jsd-version
1.0.1263
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19154-FRA, cache-lga21945-LGA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69a-UlpkowxZ+2bc19upm2tUQnLamdc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6e2d9e322f0f0cb1-EWR
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Fri, 25 Feb 2022 02:49:00 GMT
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
da500ec2008ab632bd5aea53d6c62985bcff19e023c8af78b291f37277aeceb6

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
quantumdex
useast.quantumdex.io/auction/ 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cf-ray
6e2d9e326c330c91-EWR
cdb
bidder.criteo.com/ 		18 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.10.0&cb=68280024481
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
v1
btlr.sharethrough.com/universal/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.229.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-229-107.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.hawtcelebs.com
Date
Fri, 25 Feb 2022 02:49:00 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		19 B
855 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:00 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
f442d312-c1bb-4264-b385-98786110628a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.ad.smaato.net/oapi/ 		0
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.17.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-17-150.compute-1.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:00 GMT
access-control-allow-credentials
true
server
SOMA
x-smt-sessionid
e3a808e4-df7b-4e40-a856-b2799d64aece
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
prebid
prebid.ad.smaato.net/oapi/ 		0
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.17.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-17-150.compute-1.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:00 GMT
access-control-allow-credentials
true
server
SOMA
x-smt-sessionid
33058f51-f299-4eed-bb25-b71609411789
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
auction
tlx.3lift.com/header/ 		19 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.10.0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&tmax=1000
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.71.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-71-133.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
x-auction-status
12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
c
prebid.a-mo.net/a/ 		471 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
4b5e8c9a2b1e57c126a12c3540c162f1c437b2dd04fcc2e4c7eb98ce9420a6e5

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
38
content-length
254
prebid-request
onetag-sys.com/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
855 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:00 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
cd110caa-068f-4f84-8f8e-fffd7e15a2bf
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:00 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
unruly_prebid
targeting.unrulymedia.com/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
ROS
pbjs.e-planning.net/hb/1/2c995/1/www.hawtcelebs.com/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ROS?rnd=0.08936603806633237&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=6.10.0&ncb=1&vs=FF&crs=U...
  • https://pbjs.e-planning.net/hb/1/2c995/1/www.hawtcelebs.com/ROS?ct=1&r=pbjs&rnd=0.08936603806633237&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=6.10.0&ncb=1&v...
423 B
841 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/2c995/1/www.hawtcelebs.com/ROS?ct=1&r=pbjs&rnd=0.08936603806633237&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=6.10.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&e_pubcid=483b11f3-554f-467d-b1b6-a457cb60b834
Protocol
H2
Server
172.98.26.125 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b25a41c8c7387e1247905dadf132ba889966e5bda993383b3f8a197382725db3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.hawtcelebs.com
expires
Fri, 25 Feb 2022 02:49:00 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
423
x-sid
IAD-1216

Redirect headers

date
Fri, 25 Feb 2022 02:49:00 GMT
server
openresty
access-control-allow-origin
https://www.hawtcelebs.com
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2c995/1/www.hawtcelebs.com/ROS?ct=1&r=pbjs&rnd=0.08936603806633237&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=6.10.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&e_pubcid=483b11f3-554f-467d-b1b6-a457cb60b834
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
IAD-1216
/
px.vliplatform.com/bi-v4/ 		0
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNKMRrtNrtl0zghRleNplRmNKYUZTRzdNKeKqPKrB-wAKB-PteM-arqy-ZyZTZBqBqZZqRlmNKYMbaARdzNwqfftkRqxeNco_KMKYUZT_MRwkjNARkjmNKYMbaARwlNnqiggllh,jxqfzxdrtb,ekoztg,liqktzikgxui,qhhftbxl,ldqqzg,zkohstsoyz,qdb,gftzqu,gyzdtroq,kzwigxlt,xfkxsn,thsqffofu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOmOrf9dXYRN6eCyGJS8MvKHaWLCq089mQQpW92U0UAY1ye85VdM4WiLOyMgxdeYjPp6lANpBgFRcD%2BcWXO7AghoRzFESZklsWvNj3SBK%2FBMlcFMuM0WFP7F6rdTompc%2B42QHpi9C%2F3HdzfH%2FBL7BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6e2d9e3279ca1a30-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
/
px.vliplatform.com/bi-v4/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNKMRrtNrtl0zghRleNplRmNKYUZTRzdNUYytBqaq-qYeq-Pate-wUPZ-ytMrPAYrwZyYRlmNaKAbaARdzNwqfftkRqxeNco_KMKYUZT_KRwkjNARkjmNaKAbaARwlNjxqfzxdrtb,qhhftbxl,ldqqzg,zkohstsoyz,qdb,gftzqu,gyzdtroq,kzwigxlt,xfkxsn,thsqffofu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fyETWmJIT3rYgn6MfO2r9VpR9XaXM267rd2TxDUU6JmOYXEtdHCoN%2Fy8%2Bghem9ZP3nohC8s9vPw%2BxfWvQI2Z%2FH0uABaDMAkGcAdPdX4734B2%2Bl4t21hbjiD1RwIP%2FafOElqWdMTvbbztvC%2FQxo%2BDvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6e2d9e3279cd1a30-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Fri, 25 Feb 2022 02:49:00 GMT
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
c
prebid.a-mo.net/a/ 		471 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
4b5e8c9a2b1e57c126a12c3540c162f1c437b2dd04fcc2e4c7eb98ce9420a6e5

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
18
content-length
254
prebid
ib.adnxs.com/ut/v3/ 		139 B
976 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
1906e14813a7744806810f2c7c6d2eb20be6c4dd90740620c5edd6b5120cd81f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:00 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
59df8bd7-5749-4c5e-b4a0-c9a208c3ecf0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
976 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b92ed3e8a22e65fa711ac55c83848ae533df01fe8fe7ce2962fa0b1d273ccf0d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:00 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
e71d1702-f924-4209-92fd-2ba2454d2b4a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.ad.smaato.net/oapi/ 		0
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.17.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-17-150.compute-1.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:00 GMT
access-control-allow-credentials
true
server
SOMA
x-smt-sessionid
1bbf5131-c6d2-400c-aa6d-a4316ffd7978
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
ROS
pbjs.e-planning.net/hb/1/2c995/1/www.hawtcelebs.com/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ROS?rnd=0.08936603806633237&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=6.10.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F...
  • https://pbjs.e-planning.net/hb/1/2c995/1/www.hawtcelebs.com/ROS?ct=1&r=pbjs&rnd=0.08936603806633237&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=6.10.0&ncb=1&vs=F&crs=UTF-8&fr=h...
407 B
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/2c995/1/www.hawtcelebs.com/ROS?ct=1&r=pbjs&rnd=0.08936603806633237&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=6.10.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&e_pubcid=483b11f3-554f-467d-b1b6-a457cb60b834
Protocol
H2
Server
172.98.26.125 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
01184142bd448fc5c7962728b0053d4795c5eb72f6b4c854ab7c9dfbfb319da4

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.hawtcelebs.com
expires
Fri, 25 Feb 2022 02:49:00 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
407
x-sid
IAD-1216

Redirect headers

date
Fri, 25 Feb 2022 02:49:00 GMT
server
openresty
access-control-allow-origin
https://www.hawtcelebs.com
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2c995/1/www.hawtcelebs.com/ROS?ct=1&r=pbjs&rnd=0.08936603806633237&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=6.10.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&e_pubcid=483b11f3-554f-467d-b1b6-a457cb60b834
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
IAD-1216
v1
btlr.sharethrough.com/universal/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.229.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-229-107.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.hawtcelebs.com
Date
Fri, 25 Feb 2022 02:49:00 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
unruly_prebid
targeting.unrulymedia.com/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
auction
tlx.3lift.com/header/ 		19 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.10.0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&tmax=1000
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.71.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-71-133.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
quantumdex
useast.quantumdex.io/auction/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cf-ray
6e2d9e32ac630c91-EWR
prebid-request
onetag-sys.com/ 		0
0
cdb
bidder.criteo.com/ 		18 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.10.0&cb=97530591202
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:48:59 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:00 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
8d1c0ec7acf4c4ccb5e5a60958f13067dd6e182ae6afd7c787875e08f8fea61f

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
1572962830.jpg
assets.vlitag.com/widget/2019/11/05/ 		192 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2019/11/05/1572962830.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1439062
cf-polished
degrade=85, origSize=227959, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
196267
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Tue, 05 Nov 2019 14:07:11 GMT
server
cloudflare
etag
"5dc1820f-37a77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Tue, 18 Jan 2022 18:59:03 GMT
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6e2d9e32c8718cec-EWR
cf-bgj
imgq:85,h2pri
1596163502.jpg
assets.vlitag.com/widget/2020/07/30/ 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2020/07/30/1596163502.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
115925
cf-polished
qual=85, origFmt=jpeg, origSize=140376
content-disposition
inline; filename="1596163502.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
106784
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Fri, 31 Jul 2020 02:45:02 GMT
server
cloudflare
etag
"5f2385ae-22458"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Wed, 23 Feb 2022 18:52:45 GMT
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6e2d9e32c8778cec-EWR
cf-bgj
imgq:85,h2pri
1635928361.png
assets.vlitag.com/widget/2021/11/03/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2021/11/03/1635928361.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d59625b6564d07e0b7bb8808f2273a0f930a1cbbe622ad9b4eb911abdb56ef5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
921815
cf-polished
origFmt=png, origSize=154658
content-disposition
inline; filename="1635928361.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
97154
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Wed, 03 Nov 2021 08:32:41 GMT
server
cloudflare
etag
"61824929-25c22"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Wed, 09 Feb 2022 19:03:39 GMT
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6e2d9e32c87e8cec-EWR
cf-bgj
imgq:85,h2pri
1635928418.png
assets.vlitag.com/widget/2021/11/03/ 		130 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2021/11/03/1635928418.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a2a95a3a1132f723ce3e0491f8ffff068d48e038449074b52494e552e894996
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
117785
cf-polished
origFmt=png, origSize=219844
content-disposition
inline; filename="1635928418.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
132702
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Wed, 03 Nov 2021 08:33:38 GMT
server
cloudflare
etag
"61824962-35ac4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Wed, 09 Feb 2022 22:14:07 GMT
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6e2d9e32c8798cec-EWR
cf-bgj
imgq:85,h2pri
1592801729.jpg
assets.vlitag.com/widget/2020/06/22/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2020/06/22/1592801729.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
627771
cf-polished
qual=85, origFmt=jpeg, origSize=103053
content-disposition
inline; filename="1592801729.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75514
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Mon, 22 Jun 2020 04:55:29 GMT
server
cloudflare
etag
"5ef039c1-1928d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Thu, 17 Feb 2022 03:00:06 GMT
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6e2d9e32c87d8cec-EWR
cf-bgj
imgq:85,h2pri
1572962870.jpg
assets.vlitag.com/widget/2019/11/05/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2019/11/05/1572962870.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
20599
cf-polished
qual=85, origFmt=jpeg, origSize=151033
content-disposition
inline; filename="1572962870.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
109336
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Tue, 05 Nov 2019 14:07:50 GMT
server
cloudflare
etag
"5dc18236-24df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Wed, 09 Feb 2022 19:00:14 GMT
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6e2d9e32c8768cec-EWR
cf-bgj
imgq:85,h2pri
/
px.vliplatform.com/bi-v4/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNKMRrtNrtl0zghRleNplRmNBaARzdNTqKwtBKy-aUYa-PeUq-qKMU-aMaTZATqTqeaRlmNBAAbYZARdzNwqfftkRqxeNco_KMBaA_TRwkjNARkjmNBAAbYZARwlNqdb,qhhftbxl,gyzdtroq,ldqqzg,thsqffofu,liqktzikgxui,xfkxsn,zkohstsoyz,jxqfzxdrtb,gftzqu,ekoztg,kzwigxlt,nqiggllh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awquBz9%2BQG501JqTEcKkSYQoekAeAzZMZdKFXRv%2BStTLe19cKalnJquXVodN9cbCBTjpybr%2FJl2GlpRW%2FJQTMCi2QzzE%2F6vx4P5F9PTol3Y2WRURrKgMuDSU2j%2BYT%2B86FsSHRwl8%2F87cX%2BWTnPrYoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6e2d9e32ca431a30-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.hawtcelebs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:49:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3853938541929479&correlator=285336109684696&output=ldjh&impl=fif&eid=31065287&vrg=2022021701&ptt=17&gdpr=0&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220225&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2Cc3c5bf82-582f-4a94-a645-38de142fa6ca&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&prev_scp=ti%3D865488bb-8c8c-4b61-8ad6-a294019cea83%26bid%3D0.05%26bid-p%3Dgoogle%26bsc%3D96&eri=1&cookie=ID%3D50a014306ce78c7e%3AT%3D1645757339%3AS%3DALNI_MZcaxinGW6ddiT1C2YI_LpSCXkWmA&bc=31&abxe=1&dt=1645757340643&lmt=1645757340&dlt=1645757338682&idt=362&frm=20&biw=1600&bih=1200&oid=2&adxs=272&adys=415&adks=1836524711&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&scr_x=0&scr_y=0&psz=160x-1&msz=160x-1&ga_vid=1278589249.1645757339&ga_sid=1645757339&ga_hid=1632879046&ga_fc=true&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
bfb8ddacb385f77245c45479c011cda6461acf9b8120c22272b2a85a30236e84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9751
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
RRW_Evergreen_300x6001.jpg
s0.2mdn.net/sadbundle/2088215109561221120/images/ Frame CBE3 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2088215109561221120/images/RRW_Evergreen_300x6001.jpg
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0d359c334d919eb0668391767afad8a0541ae7611abadb6a747139fec696772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2088215109561221120/RRW_EVG_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 08:11:34 GMT
x-content-type-options
nosniff
age
412646
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80891
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 18:41:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 20 Feb 2023 08:11:34 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2CF6 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst9A9__95DjlnNLiTXiyHz695SFuTMLUGcW7r52euc9UG5DaAcpZtRPLPxYt_f2Jo1ziF-EE5aiceBEMTm4dZ1tpfKYwgURcYrvoz2dC0NMwFH7Mupu0lmggbMc6Y0yOKueceseaGOXGHoSWhAflNxwLnRbnTFin9YAN_Hsw1U8X9k5tokQKfyJFmDes1ZXxzngkXxN3cj5iL4u72237s9U1RI3E5uH5uksU4tl06MdJ8xo_MNDE9FVBTGCGQrDNAJQcDjLt268rbOhvmbZxKnbNqVTNDlZofbe6CeoKzRGhhWWfeaHmwbonblssYyXl4lmESeV8k4dK91_ZEx3QUJR--AyJFzHxItPqnuIYUBZsx7ohM3KpamdsKmvwazIwo9wPu0ZSkBPMXPLSwv4xeaX6tLX76G2cOcn09VE-4akLySxp8Gm6n7Jm_sEhlhN83m_bWbop9sRK_zmfTHHhnqBN674AvSP_JykEGH07jSCmlnUvv57G6WNXOZfzbekU-8PXokXO1qVAY7fR09rf6qTYhJQCxVPcJbHepkVdf8uDWzsGLafZ8ttNCjCkGgRCamqC8WrTJS_jGrocW9xX68JGHI_ZBmnBUEinoT93UAqGFuvxEFqrxJe30OQzksQhHtu5GzFTjA_Zu6otR0iEzZ0z92lD48HG0-GAdUZvYyvA2g3400dSziWkEPrbNkU0OVGZXfYfA7-wwCSW0-mwUDVTkytGpQbzCDDnUxu2XzoYmq88AC6Apwn28OUlX2V7BiZTeiye8HbQ-ywQrrq7mlWIC8S9z8s-5AGG-aBgD0x-MAqVM8wfBVVPdvPRJcbIF7zvns0vq5e6rA3J3rkMi3DTFPbmigLXY7C5S5JhK6LtvEgEdLbrbDadYKRIWOhW5yCfnCejtNpoo2fJpKOInwKDCr2qBJo8m8W1K5QmKmelISza56C-JRTggAPwGaKnetoK9bXAx-sjRjZO2lVQO-TQ1Eu-kLBXqCE9hCRO61OMsH9ItReiTt-7ANQrqiK6DMs98k9RrXY33bgTtU_V5ypQsU_lOsuNpBc8JdGhVijc0U2vJYr9XqRvqnrWIVz2YFacVmPNkmjpKy-F6JXX81jwjBOVdLomiYZXF3wRMSFig0H3hLAK_EbnF5-oGEdSdRExDnTWHaaul-MTw5wBeI3vpZF_jjabcVB0EJ0kkSMNYhG8tsNg5NiMdpfYQGMypeLQRWKy-IhDc5wAtNDM1cDF_Rvm4aQ94yDUJPLx3v3_KB7BeNB0ufnpg&sai=AMfl-YSpcIwn8fbNyXSGmuUTWpmjvhvmuQmoA097GqCzUmwQCUZanFhy_E1QvUN-NDMzp2FSjU1r608_uFnZGXv-XJUEMrES4uxaHDptkj97AH8qnTAKmmzQh3lr7cq2bsYJMV_NLCfn64MP4Y46LOskxdv69Vra91WgHnzOTlT5aadavecqI8u9spKB7pJEmG7Gm3QDWNUJdQc8Z_2K6XRH5eKV6aa59Hk7a6rH9wNg_RmEaeVkbRUwXBnMm2jcLhq4tgIm8nFdEA9aD_HLe60kB5GPjsG9EPZgWQz_alk&sig=Cg0ArKJSzC5zbVBpe10BEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=414&vt=11&dtpt=367&dett=3&cstd=44&cisv=r20220223.61089&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:49:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pix.gif
d1lax2pddqj38d.cloudfront.net/
Redirect Chain
  • https://udmserve.net/udm/img.fetch?sid=14863;tid=1;dt=7;p=1;rri=1645757339939_304575_5.181.234.158;mid=43264;zzz=1;version=inpage24-confiant;cb=0.38421654308585484;refresh=2;style=reel;vis=visible;...
  • https://d1lax2pddqj38d.cloudfront.net/pix.gif
43 B
381 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d1lax2pddqj38d.cloudfront.net/pix.gif
Protocol
H2
Server
13.225.231.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-231-199.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 08:03:47 GMT
via
1.1 4ffd9afb636b7eb92e42cf2534136d50.cloudfront.net (CloudFront)
last-modified
Tue, 15 Feb 2011 23:10:42 GMT
server
AmazonS3
age
499514
etag
"325472601571f31e1bf00674c368d335"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=864000
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-length
43
x-amz-cf-id
qyRbK1OLfOyt8rsvVQEq0CgdK3tLsp_x7oshWqjlanvpbXRfoNqiLA==

Redirect headers

Location
https://d1lax2pddqj38d.cloudfront.net/pix.gif
Date
Fri, 25 Feb 2022 02:49:00 GMT
Content-Length
0
Content-Type
text/html
container.html
c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4B53 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 25 Feb 2022 02:48:59 GMT
expires
Sat, 25 Feb 2023 02:48:59 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.02&b=1&r=hawtcelebs.com_responsive_h_hawtfuterreshor&sy=aaeaab77-6889-46a7-8f18-d0f35f11edfb&ts=96&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=1024x100&mlbw=4g&mlcs=NaN&mltp=865488bb-8c8c-4b61-8ad6-a294019cea83&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:49:00 GMT
cf-cache-status
HIT
age
328899
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9e337bbb8c8f-EWR
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3853938541929479&correlator=4036792383657748&output=ldjh&impl=fif&eid=31065287&vrg=2022021701&ptt=17&gdpr=0&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220225&iu_parts=44890869%3A3968751%2Cnative-multi%2C73c4dd7e-b16a-4678-86a9-98e3e238bb57&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&prev_scp=ti%3D865488bb-8c8c-4b61-8ad6-a294019cea83%26bid%3D0.02%26bid-p%3Dgoogle%26bsc%3D96%26format%3Dmulti-native&eri=1&cookie=ID%3D50a014306ce78c7e%3AT%3D1645757339%3AS%3DALNI_MZcaxinGW6ddiT1C2YI_LpSCXkWmA&bc=31&abxe=1&dt=1645757340718&lmt=1645757340&dlt=1645757338682&idt=362&frm=20&biw=1600&bih=1200&oid=2&adxs=432&adys=7063&adks=646479281&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&scr_x=0&scr_y=0&psz=577x0&msz=577x0&ga_vid=1278589249.1645757339&ga_sid=1645757339&ga_hid=1632879046&ga_fc=true&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
8158f7ccac9c62b29936e0283340fe35c276524fc7a9b34300000f6b8689b9f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9706
x-xss-protection
0
google-lineitem-id
5924406464
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138381471506
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3853938541929479&correlator=1553339955424166&output=ldjh&impl=fif&eid=31065287&vrg=2022021701&ptt=17&gdpr=0&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220225&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C0ff5f5a4-b3ba-4106-b216-bfbc7ca31a74&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=530x100&prev_scp=ti%3D865488bb-8c8c-4b61-8ad6-a294019cea83%26bid%3D0.04%26bid-p%3Dgoogle%26bsc%3D96&eri=1&cookie=ID%3D50a014306ce78c7e%3AT%3D1645757339%3AS%3DALNI_MZcaxinGW6ddiT1C2YI_LpSCXkWmA&bc=31&abxe=1&dt=1645757340723&lmt=1645757340&dlt=1645757338682&idt=362&frm=20&biw=1600&bih=1200&oid=2&adxs=452&adys=5215&adks=289055637&ucis=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&scr_x=0&scr_y=0&psz=537x0&msz=537x0&ga_vid=1278589249.1645757339&ga_sid=1645757339&ga_hid=1632879046&ga_fc=true&fws=0&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
b4c2e8507e2694c27fc2752d9e9b04dafb32d4801079a35c008b5eacaaa58746
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9034
x-xss-protection
0
google-lineitem-id
5562790932
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138332681208
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
t_.htm
t.sharethis.com/a/ Frame C21B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.858.22963&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6748295497764845&stid=ZGIABGIYQ5wAAAAJVZ0CAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.174.104 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-174-104.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

Content-Length
1160
Cache-Control
max-age=604800
Expires
Fri, 04 Mar 2022 02:49:00 GMT
Date
Fri, 25 Feb 2022 02:49:00 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Encoding
gzip
Content-Type
text/html
X-Robots-Tag
noindex, nofollow
U5D2RVqZ1PRjVXB30NjW_eGY8d3xtAEXQJvJ3b52R2Q.js
pagead2.googlesyndication.com/bg/ Frame C1DD 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/U5D2RVqZ1PRjVXB30NjW_eGY8d3xtAEXQJvJ3b52R2Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5390f6455a99d4f463557077d0d8d6fde198f1ddf1b40117409bc9ddbe764764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 04:08:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
81611
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13821
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Feb 2023 04:08:49 GMT
lotame-sync.html
cdn-tc.33across.com/ Frame 64F0 		343 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-tc.33across.com/lotame-sync.html
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=w!a9etg89wet&dn=TC&cc=1&r=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.14.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
content-type
text/html
last-modified
Fri, 27 Aug 2021 20:58:45 GMT
vary
Accept-Encoding
etag
W/"61295205-157"
content-encoding
gzip
cf-cache-status
HIT
age
116890
expires
Mon, 28 Feb 2022 02:49:00 GMT
cache-control
public, max-age=259200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e2d9e343f138c09-EWR
27519
tags.bluekai.com/site/ Frame 66B1
Redirect Chain
  • https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=1---&random=1645757340502.9&r=true
  • https://tags.bluekai.com/site/27519?id=118982117215969&ret=html&random=1645757340
71 B
766 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.bluekai.com/site/27519?id=118982117215969&ret=html&random=1645757340
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=w!a9etg89wet&dn=TC&cc=1&r=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.209.184.224 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-184-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
about:blank

Response headers

Content-Type
text/html
Content-Length
71
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server
c0eb
Date
Fri, 25 Feb 2022 02:49:01 GMT
Connection
keep-alive

Redirect headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
pragma
no-cache
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 01-Jan-70 00:00:01 GMT
x-33x-status
400000000040080C
server
33XP004
location
https://tags.bluekai.com/site/27519?id=118982117215969&ret=html&random=1645757340
content-length
0
date
Fri, 25 Feb 2022 02:49:00 GMT
/
p.adsymptotic.com/d/px/
Redirect Chain
  • https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_pu=&_puuid=CoIKTGIYQ5yFY%2BEpFDI4Ag%3D%3D&us_privacy=1---&_rand=1645757340502.1
  • https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_pu=&_puuid=CoIKTGIYQ5yFY%2BEpFDI4Ag%3D%3D&us_privacy=1---&_rand=1645757340502.1&_expected_cookie=02ade0c5e2fec8a0...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_pu=&_puuid=CoIKTGIYQ5yFY%2BEpFDI4Ag%3D%3D&us_privacy=1---&_rand=1645757340502.1&_expected_cookie=02ade0c5e2fec8a0123abae08b6b8b04
Protocol
H2
Server
104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6e2d9e34cfef8cdc-EWR
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_pu=&_puuid=CoIKTGIYQ5yFY%2BEpFDI4Ag%3D%3D&us_privacy=1---&_rand=1645757340502.1&_expected_cookie=02ade0c5e2fec8a0123abae08b6b8b04
date
Fri, 25 Feb 2022 02:49:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e342e158cdc-EWR
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
6237531769661368453
map.go.affec.tv/map/an/
Redirect Chain
  • https://map.go.affec.tv/map/3a/?pid=CoIKTGIYQ5yFY%2BEpFDI4Ag%3D%3D&us_privacy=1---&ts=1645757340502.2
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D6218439cbea1e30001761ed0%26chc%3Dtt%26floc%3D%26redirect_url%3D
  • https://map.go.affec.tv/map/an/6237531769661368453?ch=6218439cbea1e30001761ed0&chc=tt&floc=&redirect_url=
0
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://map.go.affec.tv/map/an/6237531769661368453?ch=6218439cbea1e30001761ed0&chc=tt&floc=&redirect_url=
Protocol
H2
Server
13.225.230.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-230-112.jfk51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
via
1.1 4fe583422d0b309b9b1d4505e54b137c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
content-encoding
gzip
x-amz-cf-id
6vEHmCbG587DfruoJnjS2mRzNSyHPxcVUZYfjvNvb5dabMeulJUDoQ==
vary
Accept-Encoding
x-cache
Miss from cloudfront

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:01 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
804fbb0d-6339-451c-ba25-d59592feeca3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://map.go.affec.tv/map/an/6237531769661368453?ch=6218439cbea1e30001761ed0&chc=tt&floc=&redirect_url=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch.gif
beacon.krxd.net/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKTGIYQ5yFY%2BEpFDI4Ag%3D%3D&us_privacy=1---&random=1645757340502.3&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKTGIYQ5yFY%2BEpFDI4Ag%3D%3D&us_privacy=1---&random=1645757340502.3&redirect=https%3A%2F%2Fthinkcxad.azurewebsite...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=99c9dfe3-7960-4e03-b3d1-bfa17a067259%252Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad&gdpr=...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=99c9dfe3-7960-4e03-b3d1-bfa17a067259%252Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad&gdpr=...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&ttd_puid=99c9dfe3-7960-4e03-b3d1-bfa17a067259%2Chttps%3A%2F%2Fusermatch.krxd.net%2Fu...
  • https://usermatch.krxd.net/um/v2?partner=tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1969&partner_device_id=Ors1sVLa&partner_url=https://beacon.krxd.net/usermatch.gif?partner%3Dtapad%26partner_uid%3D$%7BTA_DEVICE_ID%7D
  • https://beacon.krxd.net/usermatch.gif?partner=tapad&partner_uid=99c9dfe3-7960-4e03-b3d1-bfa17a067259
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=tapad&partner_uid=99c9dfe3-7960-4e03-b3d1-bfa17a067259
Protocol
H2
Server
35.172.145.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-145-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
cache-control
private, no-cache, no-store
x-request-time
D=71 t=1645757341
x-served-by
beacon-n008-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=tapad&partner_uid=99c9dfe3-7960-4e03-b3d1-bfa17a067259
date
Fri, 25 Feb 2022 02:49:01 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
match
cms-xch-chicago.33across.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/33across?us_privacy=1---&33random=1645757340502.4
  • https://match.prod.bidr.io/cookie-sync/33across?us_privacy=1---&33random=1645757340502.4&_bee_ppp=1
  • https://cms-xch.33across.com/match?bidder_id=85&external_user_id=AAB7gk7EMIcAAH15dBe-JQ
  • https://cms-xch-chicago.33across.com/match?bidder_id=85&external_user_id=AAB7gk7EMIcAAH15dBe-JQ
68 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=85&external_user_id=AAB7gk7EMIcAAH15dBe-JQ
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

location
https://cms-xch-chicago.33across.com:443/match?bidder_id=85&external_user_id=AAB7gk7EMIcAAH15dBe-JQ
date
Fri, 25 Feb 2022 02:49:01 GMT
server
awselb/2.0
content-length
134
content-type
text/html
z.png
spl.zeotap.com/ 		0
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spl.zeotap.com/z.png?zdid=239&ctry=US&env=mWeb&eventType=pageview&zpb=w%21a9etg89wet&zpbcat=Entertainment&zcluid=CoIKTGIYQ5yFY%2BEpFDI4Ag%3D%3D&us_privacy=1---&ziid=1645757340502.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
via
1.1 google
cf-cache-status
MISS
server
cloudflare
cf-ray
6e2d9e3429c418b4-EWR
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
405716.gif
idsync.rlcdn.com/
Redirect Chain
  • https://dp2.33across.com/ps/?pid=1205&random=1645757340502.6&r=true
  • https://idsync.rlcdn.com/405716.gif?partner_uid=211593676261687
42 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/405716.gif?partner_uid=211593676261687
Protocol
H2
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:49:01 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
4000000000004000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://idsync.rlcdn.com/405716.gif?partner_uid=211593676261687
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
dpx
i.simpli.fi/ 		95 B
686 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.simpli.fi/dpx?cid=11411&us_privacy=1---&33random=1645757340502.7&ref=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.44.76.76 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
4c.4c.2ca9.ip4.static.sl-reverse.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
95
x-request-id
FtbnlP4EDvQUxe4fOMfB
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
mapuid
secure.adnxs.com/
Redirect Chain
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKTGIYQ5yFY%2BEpFDI4Ag%3D%3D&us_privacy=1---&random=1645757340502.10&r=true
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=77879352771725&seg_code=33x&random=1645757340
43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/mapuid?t=2&member=1001&user=77879352771725&seg_code=33x&random=1645757340
Protocol
HTTP/1.1
Server
68.67.160.75 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:01 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
a60bf896-1a13-4f74-85d1-591f586787c1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
402044000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://secure.adnxs.com/mapuid?t=2&member=1001&user=77879352771725&seg_code=33x&random=1645757340
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
hbpix
idpix.media6degrees.com/orbserv/ 		43 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idpix.media6degrees.com/orbserv/hbpix?pixId=46305&pcv=58&ptid=96&tpuv=01&tpu=CoIKTGIYQ5yFY%2BEpFDI4Ag%3D%3D&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:b4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6e2d9e3459fc8ce3-EWR
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
dpx
i.simpli.fi/ 		95 B
685 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.simpli.fi/dpx?cid=11411&us_privacy=1---&33random=1645757340502.12&ref=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.44.76.76 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
4c.4c.2ca9.ip4.static.sl-reverse.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
95
x-request-id
FtbnlP4YOf1ff2wfOMhB
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
test.html
widgets.outbrain.com/nanoWidget/externals/obUserFrame/ Frame BEA1 		2 KB
1004 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=f9aa7d49-234c-44ee-959a-dfcb03ef529f
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.69.74 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-69-74.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"1e015194a0e596827cb8971f884eb43c:1645734063.153325"
last-modified
Thu, 24 Feb 2022 19:19:38 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=14400
expires
Fri, 25 Feb 2022 06:49:00 GMT
date
Fri, 25 Feb 2022 02:49:00 GMT
content-length
686
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame B1FB 		416 B
714 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.69.74 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-69-74.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"c0311cf15c21ddda054005e92fad3f9e:1645734061.185869"
last-modified
Thu, 24 Feb 2022 19:19:38 GMT
server
AkamaiNetStorage
content-length
416
cache-control
max-age=14400
expires
Fri, 25 Feb 2022 06:49:00 GMT
date
Fri, 25 Feb 2022 02:49:00 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=e425071cb83ccd494093c7494c57b56b&pvId=e425071cb83ccd494093c7494c57b56b&sid=6155583&pid=34839&idx=0&wId=1155&pad=0&org=0&tm=1104&eT=0&cnsnt=1---&widgetWidth=537&widgetHeight=0&widgetX=452&widgetY=1437&wRV=2000614&pVis=0&lsd=f9aa7d49-234c-44ee-959a-dfcb03ef529f&eIdx=&ccpa=1---&cheq=1&rtt=359&oo=false&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:00 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
12fd05d62a53e185450096b9869a3d35
Content-Length
4
Expires
0
obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame 5A1C 		17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.69.74 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-69-74.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
08d4352bd02372945b0f136fc7e74fa16b7ce58917efbf32d14cb2b08117c58a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"8d611dcd9d3de6f32ae68d84276c5dc4:1642515311.284467"
last-modified
Tue, 18 Jan 2022 14:13:20 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=14400
expires
Fri, 25 Feb 2022 06:49:00 GMT
date
Fri, 25 Feb 2022 02:49:00 GMT
content-length
5828
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
streamFeed.js
widgets.outbrain.com/nanoWidget/2000614/module/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000614/module/streamFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.69.74 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-69-74.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f867f9dec1dd7c5e338e024001d9de4e7f25cbdb033358e0f11994d11ca472ad

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 15:29:35 GMT
server
AkamaiNetStorage
etag
"1a16baa6168301bc9278ee5c319cfa65:1645632062.188443"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
13567
expires
Fri, 25 Feb 2022 06:49:00 GMT
get
odb.outbrain.com/utils/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=undefined&idx=1&rand=12923&key=NANOWDGT01&widgetJSId=SB_1&va=true&et=true&format=html&lsd=f9aa7d49-234c-44ee-959a-dfcb03ef529f&lsdt=1645757340802&pdobuid=0&t=ZTQyNTA3MWNiODNjY2Q0OTQwOTNjNzQ5NGM1N2I1NmI=&adblck=false&abwl=false&clss=YvbnAvM7U6HV5AuqerhjWJMk0xYsBTNxcuJZ0Zipadlb6NSTA14d92DyxmJL45u27yBA0iQr1CJXdAt4&px=271&py=1035&vpd=0&cw=160&activeTab=true&darkMode=false&settings=true&recs=true&version=2000614&sig=kALZuDUJ&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=1&ccpa=1---&ccpaStat=1&ogn=https%3A%2F%2Fwww.hawtcelebs.com%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.30.132 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ef8aaa51fcc731cbbbae6287786eda9b90a203875473d666f66a341897d208a5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
content-encoding
gzip
traffic-path
NYDC1, IAD, USA_EAST1
x-cache
MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-cache-hits
0
x-traceid
242a3c20a4627f890277ec41499506da
content-length
2942
x-served-by
cache-iad-kiad7000088-IAD
pragma
no-cache
x-timer
S1645757341.818694,VS0,VE45
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
container.html
c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 180D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 25 Feb 2022 02:48:59 GMT
expires
Sat, 25 Feb 2023 02:48:59 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.13&b=1&r=hawtcelebs.com_300x250_desno300x250&sy=aaeaab77-6889-46a7-8f18-d0f35f11edfb&ts=96&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=300x250&mlbw=4g&mlcs=NaN&mltp=865488bb-8c8c-4b61-8ad6-a294019cea83&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:49:00 GMT
cf-cache-status
HIT
age
328899
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9e346de78c8f-EWR
RRW_Evergreen_300x6002.jpg
s0.2mdn.net/sadbundle/2088215109561221120/images/ Frame CBE3 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2088215109561221120/images/RRW_Evergreen_300x6002.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
476b8bd92da4ab5f936b1dc45207430b16a89cda7fcd8eea5eae093bad3df518
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2088215109561221120/RRW_EVG_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 08:11:34 GMT
x-content-type-options
nosniff
age
412646
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81784
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 18:41:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 20 Feb 2023 08:11:34 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4B53 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CK0OznEMYYvvmG8qTwNYPxbed6AOLv4iuZvG66fX_DsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQngAgCoAwGqBKQCT9DFOYtLygzLRx_pfXdY33t425XeCzybzsveLLVGXTPScgdvskFEPJb-T3uIBXhvzUdY0GXrO9vV67INfkAcIjvkrawovmxUOgmy8qWGGzSCiG02p8utvxOnDqvqYU36eTpYebg4anuA5hLkj8jQ9Pr_6bjVbqo0YA6O9gWF6lue0j5Yyn-O6z3RfkpOgaydNFSLrtel-Skny6PiWa6Tb3RX2l1A9kERgxF8wNn2LnGSVCM0u6WHdS_yiHiz66JeFYEFYllGElVyzLZFr7LVF38i_0zO_Uth0NVzkHcPt8-Ib4mvyT1okrmqbCi8pbA9GvypictJRXaHR3jV635Iau6urId6Syvncf904nebQ8Bz9BB97QVXDNAtm3g_yURZelYGs-AEAYAGx9i_vtOmrvFzoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBQiAYRAB8ggbYWR4LXN1YnN5bi05OTM4NTY1ODIyMDM0NjgwgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=9JGMkSS56oM&uach_m=[UACH]&cid=CAQSOwCNIrLM-IiPi4Q0YI1A9G3_tHpefO3eshYuaAU6HUFOL0-DTAj75ld9jNV7sCL4pCWEgZ-9MNs8Ljl5GAE
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
rtimp
g.algbid.app/ Frame 4B53 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.algbid.app/rtimp?sid=7c3130ae-95e5-11ec-ac1b-4eb6034c3f60&d=www.hawtcelebs.com&cr=rgn_gen11&gid=CAESELikZ1sbL1lwzq8LFReT2Fo&a=imp&p=YhhDnAAG83sE0AnKAAdbxUNqUm3_m2WZhuoQkQ&im=aEQn50XKH9wIU1OYRA6DDW5KdAoIGGJH1ALp_iJIhhMG6oo2-ofmDRUENkGzuCW-7xQZzuW9852Z9zBpoQw7aZ80PUB9FqHerjW_pIgkF_o60TAb7ZDKLvICnidsTZCN6W9B0zB3ola6QBz8B4mcFwX0NJs1mv4hk8LOQrqIvcUiZdOKn7GlzCEpR3w2aFtMJUqoQr-evev67HNhWnn34mzYA8f8_lNKGjzmM1AVZJ3csi9hHPNek79QtLY_CLy5HCjvVPmc2NmSQJLEDTA3iA
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
via
1.1 google
access-control-allow-headers
Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
expires
0
css
fonts.googleapis.com/ Frame 4B53 		4 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Feb 2022 02:29:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 25 Feb 2022 02:49:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Feb 2022 02:49:00 GMT
css
fonts.googleapis.com/ Frame 4B53 		1 KB
426 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Secular+One&display=swap
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
893fe88916b97ff128be77172f1d98584149f02521b87cf8a844585c192e3ac4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Feb 2022 02:26:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 25 Feb 2022 02:49:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Feb 2022 02:49:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 4B53 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:46:46 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 4B53 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:45:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
223
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6434
x-xss-protection
0
server
cafe
etag
16791967082338318403
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:45:17 GMT
l
www.google.com/ads/measurement/ Frame 4B53 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQJRqfoJ6v0Mg5DjBz7GKIA7-1yWIK-RbrQhjOGPst09LCT5CJaexqtrCJePfkhf-WX8DJsdgMOUhfTFNuEbIL1c2drhw
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4B53 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 23:55:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96823
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Feb 2023 23:55:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4B53 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38829
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645619776399499"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 25 Feb 2022 02:49:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5527 		0
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5527 		0
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.hawtcelebs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:49:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3853938541929479&correlator=4253962531473469&output=ldjh&impl=fif&eid=31065287&vrg=2022021701&ptt=17&gdpr=0&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220225&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C78fc47f5-82d9-4372-abb6-30fb7285583d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=530x100&prev_scp=ti%3D865488bb-8c8c-4b61-8ad6-a294019cea83%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D96&eri=1&cust_params=hb_domain%3Dhawtcelebs.com&cookie=ID%3D50a014306ce78c7e%3AT%3D1645757339%3AS%3DALNI_MZcaxinGW6ddiT1C2YI_LpSCXkWmA&bc=31&abxe=1&dt=1645757340973&lmt=1645757340&dlt=1645757338682&idt=362&frm=20&biw=1600&bih=1200&oid=2&adxs=452&adys=5215&adks=4189117246&ucis=a&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&scr_x=0&scr_y=0&psz=537x0&msz=537x0&ga_vid=1278589249.1645757339&ga_sid=1645757339&ga_hid=1632879046&ga_fc=true&fws=0&ohw=0&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
52cb0579aa8d6cc463345ad546c476fe3cc5060cbf109e650374df9361b1fcfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11885
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/3825/ 		43 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.230.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-230-85.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5f5fafca53e303f739660340b7354ea21f79ccb6f80aed85f4110c941b6cfc9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 24 Feb 2022 23:24:06 GMT
via
1.1 2370a7eb0d75907a0fd422bb3f42bcb6.cloudfront.net (CloudFront)
last-modified
Wed, 23 Feb 2022 22:03:02 GMT
server
AmazonS3
age
12296
etag
"e8e52baa0cf6ccb764f317323674bacd"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-length
44180
x-amz-cf-id
nZfILzDMRJqwxOQEij7wttYTx251cRzwkMWx6hrylEPbHuZZqiqIeA==
/
t.dtscdn.com/widget/ 		0
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscdn.com/widget/?d=51A01645757340B9D37ECAF08DCD9DE1&nid=0&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fwww.hawtcelebs.com%2F&r=
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.203.161.83 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
lb4.ny1.dtscdn.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:54:18 GMT
X-T
1.16
x-server
web15.ny1.dtscdn.com
Cache-Control
no-cache
Content-Type
application/javascript; charset=UTF-8
Transfer-Encoding
chunked
Expires
Fri, 25 Feb 2022 02:54:17 GMT
e
a.dtssrv.com/ 		21 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.dtssrv.com/e?i=51A01645757340B9D37ECAF08DCD9DE1
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:dc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb1b0fbd50893436b9f828e9f59889251ff1db3e1bea245eb7edbef92e782471

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8vrmNUPe74kUVCUHx0E5tXnOHqLytBiRhAp%2FiecWrGWx3guaGyGoEWaD9YjeYRYAG9YEZytebMxBbJjeWaEqTumZgYozu0%2FIp1qdmVeQSSowwI41dF1kgJSMrXESd7HSeBSsL8SaPDi8MA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
s-maxage=0
access-control-allow-credentials
true
cf-ray
6e2d9e3569b38cda-EWR
expires
Fri, 25 Feb 2022 04:49:01 GMT
/
spl.zeotap.com/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=51A01645757340B9D37ECAF08DCD9DE1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&icm
  • https://spl.zeotap.com/?zdid=1332&zcluid=279b1110fb6e7a95
0
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spl.zeotap.com/?zdid=1332&zcluid=279b1110fb6e7a95
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e38c9a618b4-EWR
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

Redirect headers

location
https://spl.zeotap.com?zdid=1332&zcluid=279b1110fb6e7a95
content-length
0
container.html
c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2D54 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 25 Feb 2022 02:48:59 GMT
expires
Sat, 25 Feb 2023 02:48:59 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.05&b=1&r=hawtcelebs.com_160x600_hawt160&sy=aaeaab77-6889-46a7-8f18-d0f35f11edfb&ts=96&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=160x600&mlbw=4g&mlcs=NaN&mltp=865488bb-8c8c-4b61-8ad6-a294019cea83&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:49:01 GMT
cf-cache-status
HIT
age
328900
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9e355fdc8c8f-EWR
sync.min.js
tags.crwdcntrl.net/lt/c/16311/ Frame 64F0 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Requested by
Host: cdn-tc.33across.com
URL: https://cdn-tc.33across.com/lotame-sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.230.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-230-85.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5640e2177d8a24c6aef1d923c981591689205237b9c2fcba5215d10aa7bcf52e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn-tc.33across.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 25 Feb 2022 01:25:08 GMT
content-encoding
gzip
last-modified
Tue, 23 Nov 2021 20:35:46 GMT
server
AmazonS3
age
5034
etag
W/"01cacbace375528e9789d3b3ed3804c2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 2370a7eb0d75907a0fd422bb3f42bcb6.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
qpWBoEkZlYYJ78notvhsMjNMsVfJa4tNM2KzBzUSSgplWN5QwYEXDQ==
ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.69.74 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-69-74.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
last-modified
Mon, 20 Dec 2021 10:37:08 GMT
server
AkamaiNetStorage
etag
"af7be0711fb1cf2f41bb793256c8f148:1639997225.362315"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
13687
expires
Sun, 27 Mar 2022 02:49:01 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.69.74 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-69-74.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
last-modified
Mon, 20 Dec 2021 10:37:08 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1639997209.278109"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Sun, 27 Mar 2022 02:49:01 GMT
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=3c8b3e73c4968db39c5cd0648b78a076&pvId=e425071cb83ccd494093c7494c57b56b&sid=6155583&pid=34839&idx=1&wId=102&pad=0&org=0&tm=1322&eT=0&cnsnt=1---&widgetWidth=160&widgetHeight=25&widgetX=272&widgetY=1035&wRV=2000614&pVis=0&lsd=f9aa7d49-234c-44ee-959a-dfcb03ef529f&eIdx=&ccpa=1---&rtt=211&oo=false&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:01 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
f5ba9d510d4004537d124c08fb91cd4a
Content-Length
4
Expires
0
test.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame B1FB 		610 B
907 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.69.74 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-69-74.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges
bytes
content-type
text/html
etag
"48053d50141031b1511dbd30f9a31288:1645734061.682594"
last-modified
Thu, 24 Feb 2022 19:19:38 GMT
server
AkamaiNetStorage
content-length
610
cache-control
max-age=14400
expires
Fri, 25 Feb 2022 06:49:01 GMT
date
Fri, 25 Feb 2022 02:49:01 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
RRW_Evergreen_300x6003.jpg
s0.2mdn.net/sadbundle/2088215109561221120/images/ Frame CBE3 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2088215109561221120/images/RRW_Evergreen_300x6003.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f69909b1bc1aa617b67bb7a6bfd779d73c290b15e6d8f7f03af5bcefdf19634
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2088215109561221120/RRW_EVG_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 08:11:34 GMT
x-content-type-options
nosniff
age
412647
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72270
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 18:41:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 20 Feb 2023 08:11:34 GMT
sync
pippio.com/api/ Frame 5A1C
Redirect Chain
  • https://idsync.rlcdn.com/420046.gif?partner_uid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
  • https://idsync.rlcdn.com/1000.gif?memo=CM7RGRJMCkgIARC-ngEaQEdkdndFeTFMMFktNm9pWWhuMmlNaW12eFRzODJoZXQ3Q0tiUjZNQmN6OWF4VjZqRi1lNjNpZVJ2T3B3bXRsejAQABoNCJ2H4ZAGEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=8a9e7e204c7feaf3eb3f904b02031014efbc083454de85cf98bd4be009f5f128791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA4YTllN2UyMDRjN2ZlYWYzZWIzZjkwNGIwMjAzMTAxNGVmYmMwODM0NTRkZTg1Y2Y5OGJkNGJlMDA5ZjVmMTI4NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA4YTllN2UyMDRjN2ZlYWYzZWIzZjkwNGIwMjAzMTAxNGVmYmMwODM0NTRkZTg1Y2Y5OGJkNGJlMDA5ZjVmMTI4NzkxNDI2YjU0MTdkY2UyMRAAGgwInYfhkAYSBAgCEABCAEoA&goog...
  • https://usermatch.krxd.net/um/v2?partner=liveramp_identity
  • https://pippio.com/api/sync?pid=709973&it=1&iv=Ors1sVLa
42 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?pid=709973&it=1&iv=Ors1sVLa
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:49:01 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

location
https://pippio.com/api/sync?pid=709973&it=1&iv=Ors1sVLa
date
Fri, 25 Feb 2022 02:49:01 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a014-ash-prod.krxd.net
29859
tags.bluekai.com/site/ Frame 5A1C 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/29859?id=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.209.184.224 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-184-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cookie-sync
sync.outbrain.com/ Frame 5A1C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/outbrain/?puid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://b1sync.zemanta.com/usersync/outbrain/?gdpr=0&gdpr_consent=&puid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&s=2&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=zemanta&uid=-zZOh2qE_czCLWu3mVLK&gdpr=0&us_privacy=1---
0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=-zZOh2qE_czCLWu3mVLK&gdpr=0&us_privacy=1---
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Cache-Control
no-cache
X-TraceId
db3dc003d8feb7550cc34620b3fa6b16
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:01 GMT
P3p
CP="We do not support P3P header."
Location
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=-zZOh2qE_czCLWu3mVLK&gdpr=0&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
130
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 5A1C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=6237531769661368453&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=6237531769661368453&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Cache-Control
no-cache
X-TraceId
9818e59b50ed75b0d4964bd733c11b2d
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:01 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
fbc46321-bc76-47c6-b4e1-20c3197fdb32
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=6237531769661368453&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 5A1C
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=133726&dpuuid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&gdpr=0&gdpr_pd=1&gdpr_consent=
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&gdpr=0&gdpr_pd=1&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
15.254.13.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-254-13-75.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v025-091b42cd3.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
BelM15bKRS8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v025-06466d03b.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
zXVU0DuZTjU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&gdpr=0&gdpr_pd=1&gdpr_consent=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
set
sync-jp.im-apps.net/imid/ Frame 5A1C 		43 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-jp.im-apps.net/imid/set?cid=1000047&tid=obid&uid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.75.69.76 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-75-69-76.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
cache-control
no-cache
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
content-length
43
expires
Fri, 25 Feb 2022 02:49:00 GMT
cookie-sync
sync.outbrain.com/ Frame 5A1C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152
0
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=ttd&uid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Cache-Control
no-cache
X-TraceId
29be251c1c97e27ec0ff0cba8dbcb9dc
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.outbrain.com/cookie-sync?p=ttd&uid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
usermatch.gif
beacon.krxd.net/ Frame 5A1C 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=outbrain&partner_uid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.145.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-145-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
cache-control
private, no-cache, no-store
x-request-time
D=47 t=1645757341
x-served-by
beacon-n031-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
g.pixel
aa.agkn.com/adscores/ Frame 5A1C 		43 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212295978&puid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:6a00:1a:609a:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
via
1.1 8844c3dbe820eac69f8ca9f1c7fb7402.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK51-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
naOX-DcvxLz-Zf-4t0tVW9FEbUApIVeOB9i57TzbY6Mg_Kixornxow==
expires
0
cookie-sync
sync.outbrain.com/ Frame 5A1C
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
  • https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=7f12fdf6-dbca-4e69-8ddc-f74474ff6005
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=7f12fdf6-dbca-4e69-8ddc-f74474ff6005
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Cache-Control
no-cache
X-TraceId
f8e2a6b77acdbc7f645f188fdee88251
Content-Length
0

Redirect headers

location
//sync.outbrain.com/cookie-sync?p=mediaforce&uid=7f12fdf6-dbca-4e69-8ddc-f74474ff6005
date
Fri, 25 Feb 2022 02:49:01 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
cookie-sync
sync.outbrain.com/ Frame 5A1C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=outbrain&user_id=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Doutbrain%26bsw_param%3Dbf9fd540-38fe-45ee-94d0-583b2d0001...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=30076218-439d-4700-9dda-44f2b86092d3&expires=30&ssp=outbrain&bsw_param=bf9fd540-38fe-45ee-94d0-583b2d0001e1&gdpr=0&gdpr_consent=
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=bf9fd540-38fe-45ee-94d0-583b2d0001e1&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
0
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=bf9fd540-38fe-45ee-94d0-583b2d0001e1&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Cache-Control
no-cache
X-TraceId
0d524209c5c7fb3f12922cdf7a930278
Content-Length
0

Redirect headers

Location
//sync.outbrain.com/cookie-sync?p=bidswitch&uid=bf9fd540-38fe-45ee-94d0-583b2d0001e1&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Fri, 25 Feb 2022 02:49:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync.aspx
dis.criteo.com/dis/ Frame 5A1C 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0%26uid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
467568
content-type
image/gif
expires
Fri, 25 Feb 2022 00:00:00 GMT
sync
sofia.trustx.org/ul_cb/ Frame 5A1C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEPbZ5qW9mDmLNJ9E64puiYU&google_cver=1
  • https://sofia.trustx.org/sync?tp_id=1&tp_uid=bf9fd540-38fe-45ee-94d0-583b2d0001e1&ssp_custom_data=
  • https://sofia.trustx.org/ul_cb/sync?tp_id=1&tp_uid=bf9fd540-38fe-45ee-94d0-583b2d0001e1&ssp_custom_data=
43 B
806 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sofia.trustx.org/ul_cb/sync?tp_id=1&tp_uid=bf9fd540-38fe-45ee-94d0-583b2d0001e1&ssp_custom_data=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
35.211.168.6 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
6.168.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

Location
https://sofia.trustx.org/ul_cb/sync?tp_id=1&tp_uid=bf9fd540-38fe-45ee-94d0-583b2d0001e1&ssp_custom_data=
Date
Fri, 25 Feb 2022 02:49:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cookie-sync
sync.outbrain.com/ Frame 5A1C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7068473956751636630
0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7068473956751636630
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Cache-Control
no-cache
X-TraceId
f37b13f691acb00a37071e75d6f09001
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7068473956751636630
Date
Fri, 25 Feb 2022 02:49:01 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
ssps
px.powerlinks.com/user/sync/ Frame 5A1C 		0
0
/
ps.eyeota.net/match/bounce/ Frame 5A1C
Redirect Chain
  • https://ps.eyeota.net/match?bid=1mpn7m0&uid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
  • https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
34.231.251.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-251-31.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/match/bounce/?bid=1mpn7m0&uid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Date
Fri, 25 Feb 2022 02:49:01 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
id.geistm.com/m/OB/ Frame 5A1C 		0
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.geistm.com/m/OB/GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.216.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-216-235.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
x-powered-by
Express
cookie-sync
sync.outbrain.com/ Frame 5A1C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=outbrain
  • https://creativecdn.com/cm-notify?pi=outbrain&tc=1
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=pUAYEdLnUbTBvBavmqfc&pi=outbrain&tc=1
0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=pUAYEdLnUbTBvBavmqfc&pi=outbrain&tc=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Cache-Control
no-cache
X-TraceId
36e49895f7fdbcd78cb537e083d52f71
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=pUAYEdLnUbTBvBavmqfc&pi=outbrain&tc=1
pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT, Fri, 25 Feb 2022 02:49:01 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 5A1C
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L01TFFPO-27-11SK
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L01TFFPO-27-11SK
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Cache-Control
no-cache
X-TraceId
1de027b7add106673e885e0de87546de
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L01TFFPO-27-11SK
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
d3682eda7e5cb79782b1d5475f50e8fc
Expires
0
cookiesyncredir
bttrack.com/Pixel/ Frame 5A1C 		35 B
574 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/Pixel/cookiesyncredir?rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dbidtellect%26uid%3D%7Bglobalid%7D%26obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-ServerName
Track003-iad
Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:00 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
tpid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
sync.crwdcntrl.net/map/c=14516/tp=OBRN/ Frame 5A1C 		49 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.206.84.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-102.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.4.11
content-type
image/gif
content-length
49
expires
0
/
loadus.exelator.com/load/ Frame 5A1C
Redirect Chain
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&xl8blockcheck=1
  • https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Server
52.0.156.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-156-250.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Fri, 25 Feb 2022 02:49:01 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
cookie-sync
sync.outbrain.com/ Frame 5A1C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9ax...
  • https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YhhDnC_gZ8XRz901-0T3uAAAA9gAAAAB&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
0
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YhhDnC_gZ8XRz901-0T3uAAAA9gAAAAB&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Cache-Control
no-cache
X-TraceId
1450c34da5df93806cc082af6e9ebc9f
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YhhDnC_gZ8XRz901-0T3uAAAA9gAAAAB&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
348
Expires
Fri, 25 Feb 2022 02:49:01 GMT
cookie-sync
sync.outbrain.com/ Frame 5A1C
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9...
  • https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9...
  • https://sync.outbrain.com/cookie-sync?p=spotx&uid=7cb957e4-95e5-11ec-8924-154f9acf0203&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=spotx&uid=7cb957e4-95e5-11ec-8924-154f9acf0203&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Cache-Control
no-cache
X-TraceId
0d561c022d23bcfb11a1edba926346e3
Content-Length
0

Redirect headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Server
nginx
Location
https://sync.outbrain.com/cookie-sync?p=spotx&uid=7cb957e4-95e5-11ec-8924-154f9acf0203&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
239
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 5A1C
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=PM_CONSENT
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT&piggybackCookie=CAESEDKlDYCWUZf7SJLEiLdqqqM&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=PM_CONSENT
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:1D6054FD4F7741E7A2A9A9482C6BE4F4
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0%2...
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&uid=8DD63D45-098F-4BA1-B2D5-9EADA546BB39
0
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&uid=8DD63D45-098F-4BA1-B2D5-9EADA546BB39
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Cache-Control
no-cache
X-TraceId
21afc8a0ea8cccfae6737bcd7b6e3c4b
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&uid=8DD63D45-098F-4BA1-B2D5-9EADA546BB39
date
Fri, 25 Feb 2022 02:38:41 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cookie-sync
sync.outbrain.com/ Frame 5A1C
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOp...
  • https://sync.outbrain.com/cookie-sync?p=openx&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&uid=fe252f6a-c861-4a6c-a5a4-cc8072a4b8cc
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=openx&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&uid=fe252f6a-c861-4a6c-a5a4-cc8072a4b8cc
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Cache-Control
no-cache
X-TraceId
d7610aef96314a5d29cba8de6b17fcf0
Content-Length
0

Redirect headers

date
Fri, 25 Feb 2022 02:49:01 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.outbrain.com/cookie-sync?p=openx&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&uid=fe252f6a-c861-4a6c-a5a4-cc8072a4b8cc
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cookie-sync
sync.outbrain.com/ Frame 5A1C
Redirect Chain
  • https://pixel.advertising.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
  • https://sync.outbrain.com/cookie-sync?p=oath&uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
0
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=oath&uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Cache-Control
no-cache
X-TraceId
5118863ab31f09d4fd228d76caac3c2a
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=oath&uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
date
Fri, 25 Feb 2022 02:49:01 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie-sync
sync.outbrain.com/ Frame 5A1C
Redirect Chain
  • https://sync.hgrtb.com/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dmediaforce_custom%26obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0%26uid%3D%7BUSER_I...
  • https://sync.outbrain.com/cookie-sync?p=mediaforce_custom&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&uid=c2550f1a-f263-4602-bee7-8a8fdb84d8b2
0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=mediaforce_custom&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&uid=c2550f1a-f263-4602-bee7-8a8fdb84d8b2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Cache-Control
no-cache
X-TraceId
7663b98f950adc9e237cd15d905a71aa
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=mediaforce_custom&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&uid=c2550f1a-f263-4602-bee7-8a8fdb84d8b2
date
Fri, 25 Feb 2022 02:49:01 GMT
content-length
200
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/html; charset=utf-8
cookie-sync
sync.outbrain.com/ Frame 5A1C
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0%0A
  • https://sync.outbrain.com/cookie-sync?p=emx&uid=6237531769661368453brt77721645757340509462a6&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
0
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=emx&uid=6237531769661368453brt77721645757340509462a6&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Cache-Control
no-cache
X-TraceId
8304ec8eb061f07bff943beb69a1c5d4
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=emx&uid=6237531769661368453brt77721645757340509462a6&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
date
Fri, 25 Feb 2022 02:49:00 GMT
content-length
0
content-type
text/html
cookie-sync
sync.outbrain.com/ Frame 5A1C
Redirect Chain
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6...
  • https://ice.360yield.com/ul_cb/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het...
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=69497fcd-ba32-4b2d-834f-7b33fea6ad08&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
0
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=69497fcd-ba32-4b2d-834f-7b33fea6ad08&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Cache-Control
no-cache
X-TraceId
8412485d0afa7c20dcab365eb9271ec1
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=69497fcd-ba32-4b2d-834f-7b33fea6ad08&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
date
Fri, 25 Feb 2022 02:49:01 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cookie-sync
sync.outbrain.com/ Frame 5A1C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3D%24%7BUSER%7D%26obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6j...
  • https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&zcc=1&cb=1645757341497
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=472131473
  • https://sync.1rx.io/usersync/tradedesk/7ab8afa3-6b9b-4d24-b1ff-11dd1b864152
  • https://sync.targeting.unrulymedia.com/csync/RX-6f4993e5-bce2-4471-87d3-66cd3254ac34-005?redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3DRX-6f4993e5-bce2-4471-87d3-66cd3254...
  • https://sync.outbrain.com/cookie-sync?p=unruly&uid=RX-6f4993e5-bce2-4471-87d3-66cd3254ac34-005&obUid=$D
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=unruly&uid=RX-6f4993e5-bce2-4471-87d3-66cd3254ac34-005&obUid=$D
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:02 GMT
Cache-Control
no-cache
X-TraceId
239f66dee660015388bf2b471271faa0
Content-Length
0

Redirect headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Server
Tengine
ETag
RX6f4993e5bce2447187d366cd3254ac34005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.outbrain.com/cookie-sync?p=unruly&uid=RX-6f4993e5-bce2-4471-87d3-66cd3254ac34-005&obUid=$D
Connection
keep-alive
Content-Type
text/html
cookie-sync
sync.outbrain.com/ Frame 5A1C
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
  • https://sync.outbrain.com/cookie-sync?p=smaato&uid=f60fa51f&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
0
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=smaato&uid=f60fa51f&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Cache-Control
no-cache
X-TraceId
bec697b32abb98481e231d43af6652d3
Content-Length
0

Redirect headers

date
Fri, 25 Feb 2022 02:49:01 GMT
via
1.1 fb134201578e9706e0dd8abdab0f2abe.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK51-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.outbrain.com/cookie-sync?p=smaato&uid=f60fa51f&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
CI87odv3-hqjTtJURxcTZ3KDrZaRLwlBYQnLb2IttLSUQKF-1CgeTg==
cookie-sync
sync.outbrain.com/ Frame 5A1C
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DGdvwEy1L0Y-6oi...
  • https://sync.outbrain.com/cookie-sync?p=smart&uid=1792352065511876935&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=smart&uid=1792352065511876935&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Cache-Control
no-cache
X-TraceId
8a11aa23fae3ce946643be9809ede508
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=smart&uid=1792352065511876935&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
date
Fri, 25 Feb 2022 02:49:01 GMT
content-length
0
cookie-sync
sync.outbrain.com/ Frame 5A1C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&redir=true
  • https://sync.outbrain.com/cookie-sync?p=oath_display&uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A&gdpr=0&gdpr_consent=
0
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=oath_display&uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A&gdpr=0&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Cache-Control
no-cache
X-TraceId
cce51d89c7a1a94e5ddd24eed5997972
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=oath_display&uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A&gdpr=0&gdpr_consent=
date
Fri, 25 Feb 2022 02:49:01 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
c.gif
c.bing.com/ Frame 5A1C 		42 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?red3=MSOB_pd&uid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:00 GMT
etag
"6afd196a1d25d81:0"
last-modified
Fri, 18 Feb 2022 23:15:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DFE13402272B4C989AF3B152FD3CF362 Ref B: EWR311000108035 Ref C: 2022-02-25T02:49:01Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
cookie-sync
sync.outbrain.com/ Frame 5A1C
Redirect Chain
  • https://id.rlcdn.com/711945.gif?cparams=obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
  • https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Cache-Control
no-cache
X-TraceId
2bb727ad64d6db0e48eeb3df7e44dee6
Content-Length
0

Redirect headers

date
Fri, 25 Feb 2022 02:49:01 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 4E24 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Bw9lXw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
get
mv.outbrain.com/Multivac/api/ 		13 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=%20&settings=true&recs=true&widgetJSId=TF_6&key=NANOWDGT01&version=2000614&apv=false&sig=kALZuDUJ&format=html&rand=95370&lsd=f9aa7d49-234c-44ee-959a-dfcb03ef529f&lsdt=1645757340802&pdobuid=0&osLang=en-US&va=true&et=true&cmpStat=1&ccpa=1---&ccpaStat=1&scrW=1600&scrH=1200&t=ZTQyNTA3MWNiODNjY2Q0OTQwOTNjNzQ5NGM1N2I1NmI=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=1&lastCardIdx=0&fAB=no_abtest&clss=YvbnAvM7U6HV5AuqerhjWJMk0xYsBTNxcuJZ0Zipadlb6NSTA14d92DyxmJL45u27yBA0iQr1CJXdAt4&dpr=1&cw=537&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.hawtcelebs.com%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000614/module/streamFeed.js?e=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.30.132 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
769ca0a693816fda29a9e76c22f42477152cc225b52b3d428e24361edf576a92

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
content-encoding
gzip
traffic-path
NYDC1, IAD, USA_EAST1
x-cache
MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-cache-hits
0
x-traceid
c8c84faca58afd19743679f9facbbae3
content-length
2142
x-served-by
cache-iad-kiad7000088-IAD
pragma
no-cache
x-timer
S1645757341.075566,VS0,VE75
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9859 		668 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxjJ4b6-ATAB&v=APEucNUGST--5JYdefJ8egEYkFIkPzbe9lcPNL6KvAIS0mNNxjeCqDaTnnGteuXeZO9Noc-iGocr84FKm3Jj7P3aTX-5uLEXue9vJdU2GxSR1_2-94I-t70
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8015a89c7e50b71a6597cfc7bc2be462212ae1f57c37e40878a79e7550768ccd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 25 Feb 2022 02:49:01 GMT
server
cafe
cache-control
private
content-length
304
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 180D 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BrZp1YBoXLczN_gTEGtPU9nzUSJsME0JLL15yDGrJC0hBX5xpj-7UAkzOuXv1Ms2RiDBPMVnh6kAMqptA1zheDNTQ2Mz7vUk1o7fUnQ4VpkwRc3fxBY92sNj1fays1gZkwhIqtH87ua5Fwf_j6KIg7bfLDTA&dbm_d=AKAmf-BanRCUOHy17irofWco61_p74hP9Z7yYyd5PuJeCxfG1LeCi41IvIfT206nb46PoyBvlb0vdQ6kyDOKVKuVEsItxC7FWOO7h8LirunQPiSDvKbPX141Rud72jgoHufBFnwbWcMdnvAFX3xnopS9H0NqcOunShXfrWAq3Cdldyo1fsVSw5QUWgF2cnlhVUwVnrb5Iepb5mlXLMcG3JuSEXvUmEOfoNpjOJ_BzLyiMZoOZH3ZZqrSK_gi17g7AkxnM4VU26Vtk0NIRLlUapTXkg43QvH-5-gimUxcRiyc9y5j5FM9mSFJFDA9jk0OKVy01mjJCKjL7fbTZsY4CayuurxyxFAgDDEv81HwVZGtCVcKQeduQttvhP86qwH-0ez39Xsb8ON47GVe2-dDRWGm2zvpBR9gulx7QAGCBdWQJY2Rl3QF1HcQCsU_2xTZMw-7WU49HBbigNJ7QnClULDZ5nNcAnH_QaMo2k3CCNAXqM7G0B8JPRJlX-HD_1CRPQpEgs5LEFehxTmWXmxBMA5VvbZ6OGFoyxdJsieeMeTpk6dALFU0dI2GVwlJ0xyou_PTruFH-i4941XuvGahLKCewrPx21X93SSLNAXsl14JJY3jr7dj32hRqyqLTsav0iXaq9wSmHgmrY7rOUTiA7YlsOw_bBbo--CtF9OtSUvCVMrCQAYIPC4fWVnCSYx_lfmlkyn52K-qzRjKPGyCJTaHRa4G4DW1kAu0bogKkL1SJgBIL89LGm69jS9eqc39NXbsnhaLv9BPxSBq6D90mRkc7lPa6sPeczHF14X7-vu11KYfFMJu5OGAklJV2iywH09hQJOHGfrQo0r0Dlq7ospQhahyEHpSB_SZ3E1i90wTpF14KfOVohw9_HQrI1Dl0iifrFruoXnbwIKOWW38ANOt4fSKIHQ47wSwnJLQZDGhv7eqWInfpruVIcSr3cajizypPhtdD6LbdWbKJ-ofWe8VMDH_BKUJh1Ieg8F7ktPjU57Y4auO4X6vteiN7L2eg8Sl6M6DxzjWWOOtvHbgGNOgybOagvvQnQz9FSFgJnXvlioEytFjC4glz355WdK4rfY1LzfODB4esTDug0d0mUsn8Rs0Z_lG7e_MmcZVTKv5RpZ080-EFaP80Dszs-knPcbzpa5w7nwWQ4ha4qLwbl-jq7rn59ihSyg53FcfXqYP964WWG3_Fg53lK2g_RMAjrBr868NGnKJ8sDxaNZFLwlG3YzVGdDklKLOxr-PWLsQb7Rj-z1pie98ZVLCuqeLgPQdLH60quom4bNnuZPJ1gFECllqqLgd-RY6a84lE0j_TTaMZAA-9nYCUr9PxFZcYJ41jac5YDSxEx0paCN85rIL2gOkKl9j2PpPDc6jxl7o92HysOU2voak83C45qKRE6uh-BiomAUuSzqCJzTbGcKZmiHMButUvFDsHS0lKiR0UHRTVUe3czLITqO6Mm9j7JI5Y9tVH7XRNpUBR48DmVrjbc3sco-0rdbyc5BUJPK-XBDSp17URYcsfzyb0lvdqpIpci174KNR_vLzZ1ilsuySKOXs6JLCwX14Ga4g8wQYih7Lf645wuUWw8YDsB3EA_EaY9c_3bII9tBXVt516XHZLxcFgp9SEkgx4-aq8-xg3X_kCHNcZMxH4uOmI8LQn8tAfGxcfmxdJwKrxjAinAD9DBKm_oSzm9jib0Cjctez-B6feN7UD8sbt9kO70lyDkzi1h_PB8ZWJ6JqbsA7TQ7ZwpqtKg8-MKs9zUU1wsz1Hf3dapbNcOzgA3vhnxMxapYVMQ7n1hiLg8XBgrWUzMSveg2bFKVYQvQLRGJtmFQMoGI5CXcP0Gjnw7d084GJwwWWaOFCOwOs9YwNGCvUZ1tCwXZYbjRRXV3fSSFWljoffJoMjoqPdo2aDAWoQmUIrPknpGsnpk_4tWGRGCP6tsYZ_PpFQMalM1dCy_SBSmPRSUyKZhCKIbAWuMGtH9hBBEqyFb20h0XdPIkMmQgcnA7QX7rOJ6FdylkaKHqFIUJMLylk9JreSCw7a5lTyLxNhFwrkadnSePOaPF9boxhTgK34IvdWm7ZEzM35TFZYYTNU_X2_Nh7VNTbWXo3gDSUt43LIuhT5N1ysvopM_8j8a7rTzPyJtx1r-Mok2bHDgDn7t4q3l93MxoK3vxEvdaE-ZpTfPqQ1xxkYo_MVoBtsVnFUFTzpj_Xp7oOFsqAV0aRDTGio_ms_DqR3_xjEhyFtZbfQeJ-Me6AhXytajCKzljzfeMCGGCwwJL2f8gPK4twBQj2rp0wv06Uu6xbFGbffQcjfNw6Dm4U1NRmvJBqHnJEDxKfzynFlCpg1DA6tmAuQ6ozG-RT1IrXc6cNVwYeLMCiXaSPxhheovZNDQne3bV8B0uyw1DY_mrYi6oAaEfEWFmz2VDoYX-WYhFyd6e6Epb6lKMPlI6ffr2UIlSbbN3eRjaPYxUsQQsBtiEaZGDpqJKKeESDmPXEIppFucdg_4_4HqB_p1Q_0IPukEZAmRaYYrccj2ah7LUvDJY2in2jYckIwHENvy4WUdPa5rdi1sY9uq-JbadE4b3cgYWpiidsVceL312yHHvY0ppz6lysoR7ep22vHMZrvHUf0Yd-TocD87jcQQmW1XXyNtAmnpYPXKHnxMJ0PslVS7CO2EN3mJzlqa1ahFt-ZEq3aY7gBYuShctSadkQccGsQsZ_QHcJhhRscEOsnp0H4oHk5F8KrwVqLZJAiNMD0DMOCko_-6rZv8LFTuPoNeLsQHfJK_DKTlUXTPrE7e_cXBbRk4p8BC2e8sFpPOPiGG2RAKgitWAurG7zg5AdyOIbwt1QdhANmUVU2-J4EreAmputN5yvfqwA1GzplAQRp38m-bY7dSgsyqIUUXyNwzPiD-2TyQUiRYhD29D-1dbl0hLbB1bM-GqFvKTsceozprrnVfH7B0lkyocDn9_Swa-YS2AbBJEZHkSrTPLD0SGP-pcb000FUTOojH1juLK3EtkHmE8-fJqxx4mnXC_EPkaPva_QYSIZpPWuDuYcedauVkDEbM1Y-TG_g8p7v30xKaZ7oOVEzT33SHY2dgMaUc0g1CyDnCc-AqfJFdib1it5Barq1KJlH3QlQ2VDA9QxvLyLdXcaLCccUansKXSX2VLvwggcOpXLiMHNOazoDbfpX0tqPHCXG_ppD32wNjQOHzidowrBjX5A0BpECXs1ekZcJc0n0AtcnE_BHYJFXw&cid=CAASEuRo7MOyahBENSbSYXn8soO9nw&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
263784c8820f2898fd08329c1d79455e3f002e3bcbc784a9c660820fd14b91fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35318
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 180D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CJZbmh9K2N3NGqTxR1ngQH0Mg-rJ7GY3BKUJYWvjHYp_2hn5QTvdZBhlikFa82bKX5c1fQmwB0jgr9NUE9MsaCXrZ3YEmVExfyEPLWjxCnwiXkwpM
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 180D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
135
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:46:46 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 180D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:45:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6434
x-xss-protection
0
server
cafe
etag
16791967082338318403
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:45:17 GMT
l
www.google.com/ads/measurement/ Frame 180D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSjzEYd-xhrU6mMF7t9M8uv3ghmWmsIv9C4DVkWlVBEOe9Ly9QUkzvcSm8RdUrpIq2St9g1bhJ9CusWV4Bch2vZ-y2scg
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 180D 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38829
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645619776399499"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 25 Feb 2022 02:49:01 GMT
t_.js
t.sharethis.com/1.858.22963/a/US/ Frame 06FF 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1.858.22963/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.858.22963&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.174.104 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-174-104.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6dea75c27caf7f840cb8d3f2351fe63e64fdaa32e22c4558707d8e3c0aa40940
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.858.22963&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8803
Expires
Fri, 04 Mar 2022 02:49:01 GMT
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=3c8b3e73c4968db39c5cd0648b78a076&pvId=e425071cb83ccd494093c7494c57b56b&sid=6155583&pid=34839&idx=1&wId=102&pad=0&org=0&tm=1401&eT=3&cnsnt=1---&wRV=2000614&pVis=0&lsd=f9aa7d49-234c-44ee-959a-dfcb03ef529f&eIdx=0&oo=false&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:01 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
1e96048a38d0db4936699ceff4a48ad5
Content-Length
4
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E67D 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 24 Feb 2022 19:21:13 GMT
expires
Fri, 25 Feb 2022 19:21:13 GMT
cache-control
public, max-age=86400
age
26868
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 4B53 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26b5c05dbb5651b80ab891a5f3add9795c4849cd099b8810e4b43137765967f0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
8QINdiTajsj_87rMuMdKyqDiOOg.woff2
fonts.gstatic.com/s/secularone/v9/ Frame 4B53 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/secularone/v9/8QINdiTajsj_87rMuMdKyqDiOOg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Secular+One&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46989820a9b0643099415ba7b00bd0e2e48ba06142c0b5ab3035818c2b303e0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 19:34:24 GMT
x-content-type-options
nosniff
age
112477
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11256
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:10:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Feb 2023 19:34:24 GMT
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.230.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-230-85.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 25 Feb 2022 02:28:20 GMT
content-encoding
gzip
age
1242
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 23 Feb 2022 22:03:02 GMT
server
AmazonS3
etag
W/"6db43f44304c37d76768275ee4f01ba4"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
via
1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
ctjBb7XSy-fRHa-nOxH9YBD_04dEoMxLPwuupRJy2oj84qDjwb5s-Q==
map
bcp.crwdcntrl.net/6/ Frame 64F0 		156 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.206.84.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-102.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
dfa24bf824da5e2c4415e7b7439bc3f0d05dbabdd2d80e78a2f1a7e7163a422e

Request headers

Referer
https://cdn-tc.33across.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://cdn-tc.33across.com
cache-control
no-cache
x-server
10.40.46.54
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
156
expires
0
RRW_Evergreen_300x6004.jpg
s0.2mdn.net/sadbundle/2088215109561221120/images/ Frame CBE3 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2088215109561221120/images/RRW_Evergreen_300x6004.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f3eef437b7ad64e0f392f0b35600e1224333ec88b1f8256687cc42aec74c523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2088215109561221120/RRW_EVG_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 08:11:34 GMT
x-content-type-options
nosniff
age
412647
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80180
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 18:41:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 20 Feb 2023 08:11:34 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 4B53 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 14:35:30 GMT
x-content-type-options
nosniff
age
216811
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 22 Feb 2023 14:35:30 GMT
container.html
c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 60E9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 25 Feb 2022 02:48:59 GMT
expires
Sat, 25 Feb 2023 02:48:59 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.02&b=1&r=hawtcelebs.com_native_multi_native_home_7&sy=aaeaab77-6889-46a7-8f18-d0f35f11edfb&ts=96&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=570x600&mlbw=4g&mlcs=NaN&mltp=865488bb-8c8c-4b61-8ad6-a294019cea83&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:49:01 GMT
cf-cache-status
HIT
age
328900
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9e36ebcd8c8f-EWR
container.html
c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5BD6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 25 Feb 2022 02:48:59 GMT
expires
Sat, 25 Feb 2023 02:48:59 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=2&r=hawtcelebs.com_responsive_h_archive-3&sy=aaeaab77-6889-46a7-8f18-d0f35f11edfb&ts=96&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=530x100&mlbw=4g&mlcs=NaN&mltp=865488bb-8c8c-4b61-8ad6-a294019cea83&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:49:01 GMT
cf-cache-status
HIT
age
328900
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9e36fbf58c8f-EWR
radApi
edge.udmserve.net/ 		20 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.udmserve.net/radApi
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.120 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
underdogmedia.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 25 Feb 2022 02:49:01 GMT
Content-Length
20
Content-Type
application/json
pixel
googleads.g.doubleclick.net/xbbe/ Frame EA1E 		668 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxit6L6-ATAB&v=APEucNUmui-boBxaEyS4YJyL_sAmrIduoUWs9wgHhgy79hXS3mEjuurA8u371FkhA_t8UKj8LXbiq8E5YVtSE6ov7Ift8nCTRGCj8qwMKKoLnd3ozu6x6oo
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8015a89c7e50b71a6597cfc7bc2be462212ae1f57c37e40878a79e7550768ccd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 25 Feb 2022 02:49:01 GMT
server
cafe
cache-control
private
content-length
304
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 2D54 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DfT9nLiro8ibywr8pw6ZBrw1t82Ka0d1GVcq88nrapWdRVYmKoKjjaa4tuJ_0MaO-CTt2nIFGAk22yOCdq8lPXvBChKHfoX9Bj2ph1eY8x4Asv6-Tgm47WcgxV-7mPSpWXusKE1cPtJSiUVp3A8enKeNgJng&dbm_d=AKAmf-A0Bwa2wIoDPkQomMziQVoEZVJxoJo9P4mBvHz-tjlAncyaU1wZpbRBU7fTEBAE6J8OChHvShzbTS24ApUIHoWa3CRd6TxJ6Akga0LJbTstZfZSUVOTrEgLCnvSedeyrTamNTZs3SWpldrxhk0q0Di8ZeX6hnCFOZ5p9QByJzKq4HyUIzeibYQRCiIx1AKi2B-Y0Z5jEWtRwBpoSQj3ZMvtQXv-1M4T8hMSr7JHsQRtvyyEKWrE4cM_wz-mD9qtkpHXAO7Vek0q6TnxN5QBsXu7Ub1hEHAi_0imxUDrq_BA8dgAxxyjEQ0f1ldbCnfr1tK9LnfL78LBWQovX3nKs55OIOZlZ9Sa7vpHKIY9v01HcOJe73yxtrXcGcWB2ZUpWoG72kAEL1XAdD1T4izZ_FOAAVM5Y2gB9ZumK5P00FhQDP3snwsCGG2wZBdHHVN0QRRx2oqguJBGhxrJUmjk9dhu-RIMHXQ8BsTEeWN3vLF1DH4yzcjbPxAT1w88o7P3jzhK86JShZQXzJGz10LVHdkKCJWzXK6RvlaXzYbmhs-eRxC1eqRUcPb3HYcspQQGXyT8Sk8DuFLfPK5w3ZJRZrWu9XXoV7qyyUhtG5Yktht6sf7Iuy_7GMVKex_SgDr2K8CrMlczWoX28e3IE3UFsHk9AFeR6r2GnuD0jc9TpsPFG-c3EiWPs3WSPRyijgBrhR4uF5M5ZG2xjESTGCTVwqFrYXdix5F-iKCXJJ9IWf-9D6lzon6vzLDAUEAlyk-GkPlBw_xPJjHZjEm3CHNCfAKCUoyMAuUx0RMVisOdaQTdYtZhmwhpI41osDlpUMduyVvN2pFQnC3923oqfch2lhT1pb9Q4CWCP1vGNOOHIM-qhAUl7cFW32CHw4EFcbo9adK0UBsylr2CrijhzwQ1vR55G0dK8HkeKux3YWXQx1mEO7ogNLzGDB0hXexIbL_smuRUq5L18UDkbrI5H0iO1oau1IK-MbdIgja4LBlIElLFvemQ1l-uUPwmTNinHsmcudTzzcL5Pukyovjfz30JmLpoJmBJRcmsHBK9rsGmt3ONyZLznVzRTSJf5WslJNlQ3BFZLXddeXqo9kDEGZ2YptYuqrLh1qL_cvcI0EwmmVxYZshZov8lmJWmKtRJMIcvC_HYdpsVMcRyCDugZRfXciWfJqZxiQlc-pPP6F7tfYZAaUGMCByM-QzZ3sdxcVEJiKCI4eX0M8zOtWQyrd3-WLgeb_y817BlNZaKpg0-oksl198PgX5EgiU9gUUnrvXpZcFu8sN1ZXdvJNJMqO-6S1d0G6qRoDALzfVuIWXUcCEdEB7UcHwmzvR36oJtCnbJVAAa_LyQfTKkom7UBQcZRktpjPCC8MdKxFLnSn39MdftmlT2f2KnBK2FZScdqDm6lZgDprNvVK8EFLnrrbYDxWLC9xlUrPEjHbKr0ukRmOxyb3NSXnASQ2UmpsI3RqvlqybwMu_k06luEJum_DCfxp_i9t8oCQzwmEu4PHa1uPtOncOQvU5vU3t2MvPhsCyQ_9zf3Vs0xSYLJ1Sh6ZV0TvaIRTAMtNZ-Qlb5Z0yatUc8o47j0BT8Hvl4SAJhn6AR_HXgcxKAJ8geJCsBKI530eeZmKxSW-HItcLmOr2c8OpcicxjMS21QdCLCxjvidQDaakh_QF-IFhwla9ITh0XkVh69wIvIoPvk-szKRqB2_JiDxZCkGGfB0RwpXPyXV7c6LKsRYxPboEyKIrUc5TUYG4gQSmuvCSDqqJqA9HxuuL17HY0jKVt5yPNLzu2LbxHDaJhlNMFnEOd1ELSmXRdAR7WpI-kMfkPaZvoYypmyaNrSbCqv6LrE1B-OBb9dRCCyEpfgRBzLda3RFvxpDpQDg_FPAlryFprK3Lxaj7Y_A6RQy8qwlNAyT5gme0dlIP8suudPPChElMLDnuDrb0Uhz093efLBWLvUGzxgQf84iSV6A0qhiuCs9QWW-6d-DeJj8b-rluhxXIPky9IrYoyOBUWH2dpCL0razRN3b-s0y7YMm_hZadwoEhPSByTnOXoYFGUnVwfZhTX1GYCLDAGqVJxgRukkpuF0gFvH2bP2eDFw8LBagN_EDpn2h7i7toHhIMpQ3WYx-85_CrGFDhQ2QN7uo7MlLzurvCFPoI9MxVtZSjObancw90bTod3txNx47rZFMxXC34nzkVlP6BbyZNkWBzH14V_zHYd9vELsduecobbaAs3tchbYacMJfyC3Rqs9cmQ0vJwVyg-dBgkzNBmZcny9kT-js10psVOHuynGBDXHAd4QSL7PGBZm10vQHuCDrBCtXO_RvkamiOy8kvVz6xQkn6o33-gvPUn66sJoiD8lS6IWBkHUJUIIOgtnqsgmFPV1D2du3VqMgkvx1G-s3dECp7V47tAcwuJaiIpLRyhCwJjjl0zXFdcMxv1gQNffkKw9QTEbb1lxbC65_v2S3NmlZcIQfu1Tg6IoLFehwmXv7aPx1YsvjuijGtgR1KaPHf6iy6LGj-MJqrPVp9LvXPjkWlbv8HUXUnG1kDcaVPb2gMrVxBKFoZrydwLEIh8a_AZwUxcbPSX0v4CW38YUp__Fb6hq4-56HSP7fZFMcmYFZLyG8L2vRztaThtTEcepJscajQidm_QmChQ5VZTl-ccTrIlNYzVTiUtyDuEso7ye7A3bBW2-j8NNPqSVlFCpirM-VDuO-CFngTUOkD_r2gz2CTJ6ixVPaY570pXRJ3ELR26TkZxbONuGBb0i3iCXTI9xVQB1UmsUPKv-Noi1iZAp8GkRMQHYrmS9YkL0WvhAS9J5buJW0ynP3jPKm4ULwLpluK4FRAoxxXLmEkycHDnVaxOaS7sVwJpfmZVdqi3cFl6sau-SibsZntAdjpmketd2KZ-ILDzqQ5w7FrSjHbONMWCKZ5UhcvJxtR7alnN1274FH4cVYUmtOknXFGbrHydPSEQdy9ibCGteXAi8gZ9QHsEyh22XVfp5oJntDX0q5mbWp5WwXMv0ujrSTmt96ShnP5EeJsw4lMYEK6qFwHvPzfdaYCYWf8KNkFAXK2u_xT8ytFnoU264kW0saDPq2UK7OmDNWJhKY_5e1WivRqGgWcF80Pk5gya3L60lZqOkuekSxsgrM53gB7yzwkylW1AiugMVrrxJYsDAh7VxCEXSGRVsW0MRtTNfgiC5JqElZe56m4JlJ2eP6UhsWdRcGE3&cid=CAASEuRowyBk4pgcZY0mE8s4ILD8RQ&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
057b46b923fe2c30b7bd7a95a6e4657ab35cbb65e0e29705de4c13083feb83de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35376
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D54 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dy9Jq2F46QkgZKhuqIzDxQyjjxSRByvNq47P1kTTJK1qdAKNDpwMjHLE75-1WrJhKy5oGGkJtaIia_GQFTx6Scd5lcCnaB2nK0dfN1vVKR3e4LF8E
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 2D54 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
135
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:46:46 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 2D54 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:45:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6434
x-xss-protection
0
server
cafe
etag
16791967082338318403
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:45:17 GMT
l
www.google.com/ads/measurement/ Frame 2D54 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSY2rpD5h1Jx8M8U_Iw26tXV83IhI1gDrLwOiMBd4QIVmJY12xiTzbkCSYtcsdTTDbezd8P7SzrGYLeRs6cy3roci15Lg
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2D54 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38829
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645619776399499"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 25 Feb 2022 02:49:01 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/904480/59616675/ Frame 180D 		231 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/904480/59616675/skeleton.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.13.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-13-84.compute-1.amazonaws.com
Software
/
Resource Hash
e9a4a6c168c4fb144ff9ee620cac43878f8c6ba4df69ba01167210830fac9333

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 180D 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
Origin
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 17:56:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31925
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 25 Feb 2022 17:56:56 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/elements/html/ Frame 180D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BrZp1YBoXLczN_gTEGtPU9nzUSJsME0JLL15yDGrJC0hBX5xpj-7UAkzOuXv1Ms2RiDBPMVnh6kAMqptA1zheDNTQ2Mz7vUk1o7fUnQ4VpkwRc3fxBY92sNj1fays1gZkwhIqtH87ua5Fwf_j6KIg7bfLDTA&dbm_d=AKAmf-BanRCUOHy17irofWco61_p74hP9Z7yYyd5PuJeCxfG1LeCi41IvIfT206nb46PoyBvlb0vdQ6kyDOKVKuVEsItxC7FWOO7h8LirunQPiSDvKbPX141Rud72jgoHufBFnwbWcMdnvAFX3xnopS9H0NqcOunShXfrWAq3Cdldyo1fsVSw5QUWgF2cnlhVUwVnrb5Iepb5mlXLMcG3JuSEXvUmEOfoNpjOJ_BzLyiMZoOZH3ZZqrSK_gi17g7AkxnM4VU26Vtk0NIRLlUapTXkg43QvH-5-gimUxcRiyc9y5j5FM9mSFJFDA9jk0OKVy01mjJCKjL7fbTZsY4CayuurxyxFAgDDEv81HwVZGtCVcKQeduQttvhP86qwH-0ez39Xsb8ON47GVe2-dDRWGm2zvpBR9gulx7QAGCBdWQJY2Rl3QF1HcQCsU_2xTZMw-7WU49HBbigNJ7QnClULDZ5nNcAnH_QaMo2k3CCNAXqM7G0B8JPRJlX-HD_1CRPQpEgs5LEFehxTmWXmxBMA5VvbZ6OGFoyxdJsieeMeTpk6dALFU0dI2GVwlJ0xyou_PTruFH-i4941XuvGahLKCewrPx21X93SSLNAXsl14JJY3jr7dj32hRqyqLTsav0iXaq9wSmHgmrY7rOUTiA7YlsOw_bBbo--CtF9OtSUvCVMrCQAYIPC4fWVnCSYx_lfmlkyn52K-qzRjKPGyCJTaHRa4G4DW1kAu0bogKkL1SJgBIL89LGm69jS9eqc39NXbsnhaLv9BPxSBq6D90mRkc7lPa6sPeczHF14X7-vu11KYfFMJu5OGAklJV2iywH09hQJOHGfrQo0r0Dlq7ospQhahyEHpSB_SZ3E1i90wTpF14KfOVohw9_HQrI1Dl0iifrFruoXnbwIKOWW38ANOt4fSKIHQ47wSwnJLQZDGhv7eqWInfpruVIcSr3cajizypPhtdD6LbdWbKJ-ofWe8VMDH_BKUJh1Ieg8F7ktPjU57Y4auO4X6vteiN7L2eg8Sl6M6DxzjWWOOtvHbgGNOgybOagvvQnQz9FSFgJnXvlioEytFjC4glz355WdK4rfY1LzfODB4esTDug0d0mUsn8Rs0Z_lG7e_MmcZVTKv5RpZ080-EFaP80Dszs-knPcbzpa5w7nwWQ4ha4qLwbl-jq7rn59ihSyg53FcfXqYP964WWG3_Fg53lK2g_RMAjrBr868NGnKJ8sDxaNZFLwlG3YzVGdDklKLOxr-PWLsQb7Rj-z1pie98ZVLCuqeLgPQdLH60quom4bNnuZPJ1gFECllqqLgd-RY6a84lE0j_TTaMZAA-9nYCUr9PxFZcYJ41jac5YDSxEx0paCN85rIL2gOkKl9j2PpPDc6jxl7o92HysOU2voak83C45qKRE6uh-BiomAUuSzqCJzTbGcKZmiHMButUvFDsHS0lKiR0UHRTVUe3czLITqO6Mm9j7JI5Y9tVH7XRNpUBR48DmVrjbc3sco-0rdbyc5BUJPK-XBDSp17URYcsfzyb0lvdqpIpci174KNR_vLzZ1ilsuySKOXs6JLCwX14Ga4g8wQYih7Lf645wuUWw8YDsB3EA_EaY9c_3bII9tBXVt516XHZLxcFgp9SEkgx4-aq8-xg3X_kCHNcZMxH4uOmI8LQn8tAfGxcfmxdJwKrxjAinAD9DBKm_oSzm9jib0Cjctez-B6feN7UD8sbt9kO70lyDkzi1h_PB8ZWJ6JqbsA7TQ7ZwpqtKg8-MKs9zUU1wsz1Hf3dapbNcOzgA3vhnxMxapYVMQ7n1hiLg8XBgrWUzMSveg2bFKVYQvQLRGJtmFQMoGI5CXcP0Gjnw7d084GJwwWWaOFCOwOs9YwNGCvUZ1tCwXZYbjRRXV3fSSFWljoffJoMjoqPdo2aDAWoQmUIrPknpGsnpk_4tWGRGCP6tsYZ_PpFQMalM1dCy_SBSmPRSUyKZhCKIbAWuMGtH9hBBEqyFb20h0XdPIkMmQgcnA7QX7rOJ6FdylkaKHqFIUJMLylk9JreSCw7a5lTyLxNhFwrkadnSePOaPF9boxhTgK34IvdWm7ZEzM35TFZYYTNU_X2_Nh7VNTbWXo3gDSUt43LIuhT5N1ysvopM_8j8a7rTzPyJtx1r-Mok2bHDgDn7t4q3l93MxoK3vxEvdaE-ZpTfPqQ1xxkYo_MVoBtsVnFUFTzpj_Xp7oOFsqAV0aRDTGio_ms_DqR3_xjEhyFtZbfQeJ-Me6AhXytajCKzljzfeMCGGCwwJL2f8gPK4twBQj2rp0wv06Uu6xbFGbffQcjfNw6Dm4U1NRmvJBqHnJEDxKfzynFlCpg1DA6tmAuQ6ozG-RT1IrXc6cNVwYeLMCiXaSPxhheovZNDQne3bV8B0uyw1DY_mrYi6oAaEfEWFmz2VDoYX-WYhFyd6e6Epb6lKMPlI6ffr2UIlSbbN3eRjaPYxUsQQsBtiEaZGDpqJKKeESDmPXEIppFucdg_4_4HqB_p1Q_0IPukEZAmRaYYrccj2ah7LUvDJY2in2jYckIwHENvy4WUdPa5rdi1sY9uq-JbadE4b3cgYWpiidsVceL312yHHvY0ppz6lysoR7ep22vHMZrvHUf0Yd-TocD87jcQQmW1XXyNtAmnpYPXKHnxMJ0PslVS7CO2EN3mJzlqa1ahFt-ZEq3aY7gBYuShctSadkQccGsQsZ_QHcJhhRscEOsnp0H4oHk5F8KrwVqLZJAiNMD0DMOCko_-6rZv8LFTuPoNeLsQHfJK_DKTlUXTPrE7e_cXBbRk4p8BC2e8sFpPOPiGG2RAKgitWAurG7zg5AdyOIbwt1QdhANmUVU2-J4EreAmputN5yvfqwA1GzplAQRp38m-bY7dSgsyqIUUXyNwzPiD-2TyQUiRYhD29D-1dbl0hLbB1bM-GqFvKTsceozprrnVfH7B0lkyocDn9_Swa-YS2AbBJEZHkSrTPLD0SGP-pcb000FUTOojH1juLK3EtkHmE8-fJqxx4mnXC_EPkaPva_QYSIZpPWuDuYcedauVkDEbM1Y-TG_g8p7v30xKaZ7oOVEzT33SHY2dgMaUc0g1CyDnCc-AqfJFdib1it5Barq1KJlH3QlQ2VDA9QxvLyLdXcaLCccUansKXSX2VLvwggcOpXLiMHNOazoDbfpX0tqPHCXG_ppD32wNjQOHzidowrBjX5A0BpECXs1ekZcJc0n0AtcnE_BHYJFXw&cid=CAASEuRo7MOyahBENSbSYXn8soO9nw&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:44:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
243
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:44:58 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/ Frame 180D 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BrZp1YBoXLczN_gTEGtPU9nzUSJsME0JLL15yDGrJC0hBX5xpj-7UAkzOuXv1Ms2RiDBPMVnh6kAMqptA1zheDNTQ2Mz7vUk1o7fUnQ4VpkwRc3fxBY92sNj1fays1gZkwhIqtH87ua5Fwf_j6KIg7bfLDTA&dbm_d=AKAmf-BanRCUOHy17irofWco61_p74hP9Z7yYyd5PuJeCxfG1LeCi41IvIfT206nb46PoyBvlb0vdQ6kyDOKVKuVEsItxC7FWOO7h8LirunQPiSDvKbPX141Rud72jgoHufBFnwbWcMdnvAFX3xnopS9H0NqcOunShXfrWAq3Cdldyo1fsVSw5QUWgF2cnlhVUwVnrb5Iepb5mlXLMcG3JuSEXvUmEOfoNpjOJ_BzLyiMZoOZH3ZZqrSK_gi17g7AkxnM4VU26Vtk0NIRLlUapTXkg43QvH-5-gimUxcRiyc9y5j5FM9mSFJFDA9jk0OKVy01mjJCKjL7fbTZsY4CayuurxyxFAgDDEv81HwVZGtCVcKQeduQttvhP86qwH-0ez39Xsb8ON47GVe2-dDRWGm2zvpBR9gulx7QAGCBdWQJY2Rl3QF1HcQCsU_2xTZMw-7WU49HBbigNJ7QnClULDZ5nNcAnH_QaMo2k3CCNAXqM7G0B8JPRJlX-HD_1CRPQpEgs5LEFehxTmWXmxBMA5VvbZ6OGFoyxdJsieeMeTpk6dALFU0dI2GVwlJ0xyou_PTruFH-i4941XuvGahLKCewrPx21X93SSLNAXsl14JJY3jr7dj32hRqyqLTsav0iXaq9wSmHgmrY7rOUTiA7YlsOw_bBbo--CtF9OtSUvCVMrCQAYIPC4fWVnCSYx_lfmlkyn52K-qzRjKPGyCJTaHRa4G4DW1kAu0bogKkL1SJgBIL89LGm69jS9eqc39NXbsnhaLv9BPxSBq6D90mRkc7lPa6sPeczHF14X7-vu11KYfFMJu5OGAklJV2iywH09hQJOHGfrQo0r0Dlq7ospQhahyEHpSB_SZ3E1i90wTpF14KfOVohw9_HQrI1Dl0iifrFruoXnbwIKOWW38ANOt4fSKIHQ47wSwnJLQZDGhv7eqWInfpruVIcSr3cajizypPhtdD6LbdWbKJ-ofWe8VMDH_BKUJh1Ieg8F7ktPjU57Y4auO4X6vteiN7L2eg8Sl6M6DxzjWWOOtvHbgGNOgybOagvvQnQz9FSFgJnXvlioEytFjC4glz355WdK4rfY1LzfODB4esTDug0d0mUsn8Rs0Z_lG7e_MmcZVTKv5RpZ080-EFaP80Dszs-knPcbzpa5w7nwWQ4ha4qLwbl-jq7rn59ihSyg53FcfXqYP964WWG3_Fg53lK2g_RMAjrBr868NGnKJ8sDxaNZFLwlG3YzVGdDklKLOxr-PWLsQb7Rj-z1pie98ZVLCuqeLgPQdLH60quom4bNnuZPJ1gFECllqqLgd-RY6a84lE0j_TTaMZAA-9nYCUr9PxFZcYJ41jac5YDSxEx0paCN85rIL2gOkKl9j2PpPDc6jxl7o92HysOU2voak83C45qKRE6uh-BiomAUuSzqCJzTbGcKZmiHMButUvFDsHS0lKiR0UHRTVUe3czLITqO6Mm9j7JI5Y9tVH7XRNpUBR48DmVrjbc3sco-0rdbyc5BUJPK-XBDSp17URYcsfzyb0lvdqpIpci174KNR_vLzZ1ilsuySKOXs6JLCwX14Ga4g8wQYih7Lf645wuUWw8YDsB3EA_EaY9c_3bII9tBXVt516XHZLxcFgp9SEkgx4-aq8-xg3X_kCHNcZMxH4uOmI8LQn8tAfGxcfmxdJwKrxjAinAD9DBKm_oSzm9jib0Cjctez-B6feN7UD8sbt9kO70lyDkzi1h_PB8ZWJ6JqbsA7TQ7ZwpqtKg8-MKs9zUU1wsz1Hf3dapbNcOzgA3vhnxMxapYVMQ7n1hiLg8XBgrWUzMSveg2bFKVYQvQLRGJtmFQMoGI5CXcP0Gjnw7d084GJwwWWaOFCOwOs9YwNGCvUZ1tCwXZYbjRRXV3fSSFWljoffJoMjoqPdo2aDAWoQmUIrPknpGsnpk_4tWGRGCP6tsYZ_PpFQMalM1dCy_SBSmPRSUyKZhCKIbAWuMGtH9hBBEqyFb20h0XdPIkMmQgcnA7QX7rOJ6FdylkaKHqFIUJMLylk9JreSCw7a5lTyLxNhFwrkadnSePOaPF9boxhTgK34IvdWm7ZEzM35TFZYYTNU_X2_Nh7VNTbWXo3gDSUt43LIuhT5N1ysvopM_8j8a7rTzPyJtx1r-Mok2bHDgDn7t4q3l93MxoK3vxEvdaE-ZpTfPqQ1xxkYo_MVoBtsVnFUFTzpj_Xp7oOFsqAV0aRDTGio_ms_DqR3_xjEhyFtZbfQeJ-Me6AhXytajCKzljzfeMCGGCwwJL2f8gPK4twBQj2rp0wv06Uu6xbFGbffQcjfNw6Dm4U1NRmvJBqHnJEDxKfzynFlCpg1DA6tmAuQ6ozG-RT1IrXc6cNVwYeLMCiXaSPxhheovZNDQne3bV8B0uyw1DY_mrYi6oAaEfEWFmz2VDoYX-WYhFyd6e6Epb6lKMPlI6ffr2UIlSbbN3eRjaPYxUsQQsBtiEaZGDpqJKKeESDmPXEIppFucdg_4_4HqB_p1Q_0IPukEZAmRaYYrccj2ah7LUvDJY2in2jYckIwHENvy4WUdPa5rdi1sY9uq-JbadE4b3cgYWpiidsVceL312yHHvY0ppz6lysoR7ep22vHMZrvHUf0Yd-TocD87jcQQmW1XXyNtAmnpYPXKHnxMJ0PslVS7CO2EN3mJzlqa1ahFt-ZEq3aY7gBYuShctSadkQccGsQsZ_QHcJhhRscEOsnp0H4oHk5F8KrwVqLZJAiNMD0DMOCko_-6rZv8LFTuPoNeLsQHfJK_DKTlUXTPrE7e_cXBbRk4p8BC2e8sFpPOPiGG2RAKgitWAurG7zg5AdyOIbwt1QdhANmUVU2-J4EreAmputN5yvfqwA1GzplAQRp38m-bY7dSgsyqIUUXyNwzPiD-2TyQUiRYhD29D-1dbl0hLbB1bM-GqFvKTsceozprrnVfH7B0lkyocDn9_Swa-YS2AbBJEZHkSrTPLD0SGP-pcb000FUTOojH1juLK3EtkHmE8-fJqxx4mnXC_EPkaPva_QYSIZpPWuDuYcedauVkDEbM1Y-TG_g8p7v30xKaZ7oOVEzT33SHY2dgMaUc0g1CyDnCc-AqfJFdib1it5Barq1KJlH3QlQ2VDA9QxvLyLdXcaLCccUansKXSX2VLvwggcOpXLiMHNOazoDbfpX0tqPHCXG_ppD32wNjQOHzidowrBjX5A0BpECXs1ekZcJc0n0AtcnE_BHYJFXw&cid=CAASEuRo7MOyahBENSbSYXn8soO9nw&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87b3beae1d08bf029d04938bc1d76c7870d450fd75609a85dfafd761cd472047
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9647
x-xss-protection
0
server
cafe
etag
6462939580093197770
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:46:03 GMT
data
bcp.crwdcntrl.net/6/ 		237 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.206.84.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-102.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
4480f1d4169526319c669c76e67c78cffcdbb3752ec0b458d3b21287d9899cf2

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache
x-server
10.40.5.149
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
237
expires
0
sd
us-u.openx.net/w/1.0/ Frame 9859
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHIiquuE_leaGRlrV8tQbqo&google_cver=1&gdpr=0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHIiquuE_leaGRlrV8tQbqo&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxjJ4b6-ATAB&v=APEucNUGST--5JYdefJ8egEYkFIkPzbe9lcPNL6KvAIS0mNNxjeCqDaTnnGteuXeZO9Noc-iGocr84FKm3Jj7P3aTX-5uLEXue9vJdU2GxSR1_2-94I-t70
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHIiquuE_leaGRlrV8tQbqo&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9859
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjI1YmQ1YTctN2VmOC0yOTM0LWQzMmItYzQ5NDAwZmRiMTg3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjI1YmQ1YTctN2VmOC0yOTM0LWQzMmItYzQ5NDAwZmRiMTg3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxjJ4b6-ATAB&v=APEucNUGST--5JYdefJ8egEYkFIkPzbe9lcPNL6KvAIS0mNNxjeCqDaTnnGteuXeZO9Noc-iGocr84FKm3Jj7P3aTX-5uLEXue9vJdU2GxSR1_2-94I-t70
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 25 Feb 2022 02:49:01 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjI1YmQ1YTctN2VmOC0yOTM0LWQzMmItYzQ5NDAwZmRiMTg3
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 9859
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0
  • https://sync.teads.tv/um?eid=3&uid=CAESEOKx3JLeeKA5iURGcmwcVf4&google_cver=1&gdpr=0
23 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEOKx3JLeeKA5iURGcmwcVf4&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxjJ4b6-ATAB&v=APEucNUGST--5JYdefJ8egEYkFIkPzbe9lcPNL6KvAIS0mNNxjeCqDaTnnGteuXeZO9Noc-iGocr84FKm3Jj7P3aTX-5uLEXue9vJdU2GxSR1_2-94I-t70
Protocol
H2
Server
23.200.197.46 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-197-46.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 25 Feb 2022 02:49:01 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEOKx3JLeeKA5iURGcmwcVf4&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
292
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9859
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&gdpr=0&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjRlY2I1NDEtYjBiZS00MzIyLWIwZDgtNjhiOTU3YjVhNWY4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjRlY2I1NDEtYjBiZS00MzIyLWIwZDgtNjhiOTU3YjVhNWY4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxjJ4b6-ATAB&v=APEucNUGST--5JYdefJ8egEYkFIkPzbe9lcPNL6KvAIS0mNNxjeCqDaTnnGteuXeZO9Noc-iGocr84FKm3Jj7P3aTX-5uLEXue9vJdU2GxSR1_2-94I-t70
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
server
akka-http/10.2.7
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjRlY2I1NDEtYjBiZS00MzIyLWIwZDgtNjhiOTU3YjVhNWY4
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Fri, 25 Feb 2022 02:49:01 GMT
test_oracle
pd.sharethis.com/pd/ Frame 2997 		438 B
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pd.sharethis.com/pd/test_oracle
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.858.22963&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.135.27.102 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-135-27-102.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
b5e54483757344e3e1469f45085bcc3020ecc71d582814036e93f7c7c0004a8f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
438
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
application/javascript
ttd
sync.sharethis.com/ Frame 06FF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/ttd?uid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/ttd?uid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
3.15.117.250 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-15-117-250.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Date
Fri, 25 Feb 2022 02:49:01 GMT
Content-Length
42
Stid
ZGIABGIYQ5wAAAAJVZ0CAw==
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.sharethis.com/ttd?uid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
215
396846.gif
idsync.rlcdn.com/ Frame 06FF
Redirect Chain
  • https://idsync.rlcdn.com/386076.gif?partner_uid=ZGIABGIYQ5wAAAAJVZ0CAw%3D%3D&gdpr=0&gdpr_consent=
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=1bf2790b-7ac8-41f0-99b2-1edef3841e3f
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=1bf2790b-7ac8-41f0-99b2-1edef3841e3f
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:49:01 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Fri, 25 Feb 2022 02:49:01 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=1bf2790b-7ac8-41f0-99b2-1edef3841e3f
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
eyeota
sync.sharethis.com/ Frame 06FF
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/eyeota?uid=2z1kG8sVWY0E9a8_OwliUHdl9_r3rRjBv9muxsTweptg&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/eyeota?uid=2z1kG8sVWY0E9a8_OwliUHdl9_r3rRjBv9muxsTweptg&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
3.15.117.250 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-15-117-250.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Date
Fri, 25 Feb 2022 02:49:01 GMT
Content-Length
42
Stid
ZGIABGIYQ5wAAAAJVZ0CAw==
Content-Type
image/gif

Redirect headers

Location
https://sync.sharethis.com/eyeota?uid=2z1kG8sVWY0E9a8_OwliUHdl9_r3rRjBv9muxsTweptg&gdpr=0&gdpr_consent=
Date
Fri, 25 Feb 2022 02:49:01 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
m.gif
tag.crsspxl.com/ Frame 06FF
Redirect Chain
  • https://tag.crsspxl.com/c.gif?t=50173&r=https%3A%2F%2Fp.nexac.com%2Fe%2Fsr%2Fa-1625%2Fs-3300%2Fs-3300.xgi%3Fcb%3D%7BCPCB%7D
  • https://tag.crsspxl.com/c.gif?cc=1&t=50173&r=https%3A%2F%2Fp.nexac.com%2Fe%2Fsr%2Fa-1625%2Fs-3300%2Fs-3300.xgi%3Fcb%3D%7BCPCB%7D
  • https://sync.sharethis.com/crosspixel?uid=7426497872870003229&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3DCPX12%26google_cm%26cb%3D1645757341430
  • https://cm.g.doubleclick.net/pixel?google_nid=CPX12&google_cm&cb=1645757341430/ZGIABGIYQ5wAAAAJVZ0CAw==
  • https://tag.crsspxl.com/m.gif?id=&cb=1645757341430/ZGIABGIYQ5wAAAAJVZ0CAw==&google_gid=CAESEDKGmA3fF-HoH7x1-7t8y2Q&google_cver=1
43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tag.crsspxl.com/m.gif?id=&cb=1645757341430/ZGIABGIYQ5wAAAAJVZ0CAw==&google_gid=CAESEDKGmA3fF-HoH7x1-7t8y2Q&google_cver=1
Protocol
HTTP/1.1
Server
34.232.140.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-140-51.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:01 GMT
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://tag.crsspxl.com/m.gif?id=&cb=1645757341430/ZGIABGIYQ5wAAAAJVZ0CAw==&google_gid=CAESEDKGmA3fF-HoH7x1-7t8y2Q&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csync.ashx
ml314.com/ Frame 06FF
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGIABGIYQ5wAAAAJVZ0CAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3625379462841368613
  • https://ml314.com/csync.ashx?fp=f0d7c2ae351f02d8b586e3161b8b7ab9d3277b1ba7eb45aad44b97aa83f1e12cf4cb09cee1a4f8eb&person_id=3625379462841368613&eid=50082
43 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=f0d7c2ae351f02d8b586e3161b8b7ab9d3277b1ba7eb45aad44b97aa83f1e12cf4cb09cee1a4f8eb&person_id=3625379462841368613&eid=50082
Protocol
HTTP/1.1
Server
34.235.23.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-23-231.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:00 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
Expires
Fri, 25 Feb 2022 21:49:01 GMT

Redirect headers

date
Fri, 25 Feb 2022 02:49:01 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=f0d7c2ae351f02d8b586e3161b8b7ab9d3277b1ba7eb45aad44b97aa83f1e12cf4cb09cee1a4f8eb&person_id=3625379462841368613&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
oracle
sync.sharethis.com/ Frame 06FF
Redirect Chain
  • https://tags.bluekai.com/site/59574?id=ZGIABGIYQ5wAAAAJVZ0CAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
  • https://sync.sharethis.com/oracle?uid=hmISw1Ze999g3hCi&BK_SWAP_DEST=5957
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/oracle?uid=hmISw1Ze999g3hCi&BK_SWAP_DEST=5957
Protocol
HTTP/1.1
Server
3.15.117.250 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-15-117-250.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Date
Fri, 25 Feb 2022 02:49:01 GMT
Content-Length
42
Stid
ZGIABGIYQ5wAAAAJVZ0CAw==
Content-Type
image/gif

Redirect headers

Location
https://sync.sharethis.com/oracle?uid=hmISw1Ze999g3hCi&BK_SWAP_DEST=5957
Date
Fri, 25 Feb 2022 02:49:01 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
singleAnimationOnFeed.js
widgets.outbrain.com/nanoWidget/2000614/module/ 		503 B
812 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000614/module/singleAnimationOnFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.69.74 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-69-74.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
651fa87b8ab0da2e4d72b3a97116502b1d0256585e8c98d2d49e7022215a6ac2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
last-modified
Wed, 23 Feb 2022 15:29:35 GMT
server
AkamaiNetStorage
etag
"11a483e50171879a5e804858b52b913e:1645632057.797578"
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
503
expires
Fri, 25 Feb 2022 06:49:01 GMT
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=0f4b7ab3c6b3b7746cda8579ddceb494&pvId=e425071cb83ccd494093c7494c57b56b&sid=6155583&pid=34839&idx=3&wId=1096&pad=0&org=0&tm=1691&eT=0&cnsnt=1---&widgetWidth=537&widgetHeight=0&widgetX=452&widgetY=1437&tpcs=0&wRV=2000614&pVis=0&lsd=f9aa7d49-234c-44ee-959a-dfcb03ef529f&eIdx=&ccpa=1---&rtt=329&oo=false&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:01 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
8b3e762c6c7890e836758652573d17b9
Content-Length
4
Expires
0
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=c8a5799046a6fb73e01867a19168758b&pvId=e425071cb83ccd494093c7494c57b56b&sid=6155583&pid=34839&idx=4&wId=1096&pad=0&org=0&tm=1695&eT=0&cnsnt=1---&widgetWidth=537&widgetHeight=0&widgetX=452&widgetY=1437&wRV=2000614&pVis=0&lsd=f9aa7d49-234c-44ee-959a-dfcb03ef529f&eIdx=&ccpa=1---&rtt=329&oo=false&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:01 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
2feb94bd570dfae9869bf1e54b6c41c5
Content-Length
4
Expires
0
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=a4a49a7de101f20907270b05cc4bdc28&pvId=e425071cb83ccd494093c7494c57b56b&sid=6155583&pid=34839&idx=5&wId=1096&pad=0&org=0&tm=1696&eT=0&cnsnt=1---&widgetWidth=537&widgetHeight=0&widgetX=452&widgetY=1437&wRV=2000614&pVis=0&lsd=f9aa7d49-234c-44ee-959a-dfcb03ef529f&eIdx=&ccpa=1---&rtt=329&oo=false&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:01 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
cf83d1155f3c243e85c4db5a5f58e2a2
Content-Length
4
Expires
0
get
mv.outbrain.com/Multivac/api/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=undefined&settings=true&recs=true&widgetJSId=SB_1&key=NANOWDGT01&version=2000614&apv=false&sig=kALZuDUJ&format=html&rand=74488&lsd=f9aa7d49-234c-44ee-959a-dfcb03ef529f&lsdt=1645757340802&pdobuid=0&osLang=en-US&va=true&et=true&cmpStat=1&ccpa=1---&ccpaStat=1&scrW=1600&scrH=1200&t=ZTQyNTA3MWNiODNjY2Q0OTQwOTNjNzQ5NGM1N2I1NmI=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=1&lastIdx=5&lastCardIdx=0&fAB=no_abtest&clss=YvbnAvM7U6HV5AuqerhjWJMk0xYsBTNxcuJZ0Zipadlb6NSTA14d92DyxmJL45u27yBA0iQr1CJXdAt4&dpr=1&cw=160&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.hawtcelebs.com%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000614/module/streamFeed.js?e=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.30.132 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2aac9128011dfa99ac7de74f4488e50e7065d6b5502d88b8fd457a301c09defc

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
content-encoding
gzip
traffic-path
NYDC1, IAD, USA_EAST1
x-cache
MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-cache-hits
0
x-traceid
f51abfe1516b8f6d2b45e7e675e69821
content-length
1721
x-served-by
cache-iad-kiad7000088-IAD
pragma
no-cache
x-timer
S1645757341.407728,VS0,VE49
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
RRW_Evergreen_300x600Text1.png
s0.2mdn.net/sadbundle/2088215109561221120/images/ Frame CBE3 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2088215109561221120/images/RRW_Evergreen_300x600Text1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb2aa20b06bfd0165c28aaca2544cecfab90b4ca313ae96a885a92985857b414
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2088215109561221120/RRW_EVG_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 08:11:34 GMT
x-content-type-options
nosniff
age
412647
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22867
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 18:41:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 20 Feb 2023 08:11:34 GMT
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame C329 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.230.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-230-85.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

content-type
text/html
date
Fri, 25 Feb 2022 01:25:11 GMT
last-modified
Mon, 01 Feb 2021 20:35:17 GMT
etag
W/"6fcf4f5197ab24c92d090f6ac8d87e01"
x-amz-server-side-encryption
AES256
cache-control
max-age: 86400
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 2370a7eb0d75907a0fd422bb3f42bcb6.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
K2eGVkeFJ4O580-0x8rskLRBV4Io7othh7CK3bjTOwMTh2FTTB0_2g==
age
5031
activeview
pagead2.googlesyndication.com/pcs/ Frame 2CF6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsso4rZaM0G29dXPBOpqkcyalMkm7j8tcCib5X7Mb5lDgfvTdn2O9Nc1H4Jjvdh6eowsVMu4rK2SqbU4X2FPMmfqFA29_N9jN4IiKP8h1COynvGgV2M&sai=AMfl-YSUj5nTaM_BhB8MBg-SYyZ22LG1MbxdlAyHSY6U8n3VxPpHbwnM1eWUPC88LqZxRVEeBUtNwT97nYivCyXfeOy1W-rAGsv9sUbheZ6FgEDPkJpleZUqaQIoSkk&sig=Cg0ArKJSzFcBoUn8q48TEAE&cid=CAASEuRofWOBRWruTc8-eMuCv5viLw&id=lidar2&mcvt=1032&p=760,1029,1378,1329&mtos=0,0,1032,1032,1032&tos=0,0,1032,0,0&v=20220223&bin=7&avms=nio&bs=0,0&mc=0.71&if=1&app=0&itpl=20&adk=3161547873&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645757340137&rpt=230&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/904480/59616658/ Frame 2D54 		231 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/904480/59616658/skeleton.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.13.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-13-84.compute-1.amazonaws.com
Software
/
Resource Hash
5246c86891c9f4f25899166508bcc4ce4adeee9743904e7283435ce6e527cd13

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 2D54 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
Origin
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 17:56:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31925
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 25 Feb 2022 17:56:56 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/elements/html/ Frame 2D54 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DfT9nLiro8ibywr8pw6ZBrw1t82Ka0d1GVcq88nrapWdRVYmKoKjjaa4tuJ_0MaO-CTt2nIFGAk22yOCdq8lPXvBChKHfoX9Bj2ph1eY8x4Asv6-Tgm47WcgxV-7mPSpWXusKE1cPtJSiUVp3A8enKeNgJng&dbm_d=AKAmf-A0Bwa2wIoDPkQomMziQVoEZVJxoJo9P4mBvHz-tjlAncyaU1wZpbRBU7fTEBAE6J8OChHvShzbTS24ApUIHoWa3CRd6TxJ6Akga0LJbTstZfZSUVOTrEgLCnvSedeyrTamNTZs3SWpldrxhk0q0Di8ZeX6hnCFOZ5p9QByJzKq4HyUIzeibYQRCiIx1AKi2B-Y0Z5jEWtRwBpoSQj3ZMvtQXv-1M4T8hMSr7JHsQRtvyyEKWrE4cM_wz-mD9qtkpHXAO7Vek0q6TnxN5QBsXu7Ub1hEHAi_0imxUDrq_BA8dgAxxyjEQ0f1ldbCnfr1tK9LnfL78LBWQovX3nKs55OIOZlZ9Sa7vpHKIY9v01HcOJe73yxtrXcGcWB2ZUpWoG72kAEL1XAdD1T4izZ_FOAAVM5Y2gB9ZumK5P00FhQDP3snwsCGG2wZBdHHVN0QRRx2oqguJBGhxrJUmjk9dhu-RIMHXQ8BsTEeWN3vLF1DH4yzcjbPxAT1w88o7P3jzhK86JShZQXzJGz10LVHdkKCJWzXK6RvlaXzYbmhs-eRxC1eqRUcPb3HYcspQQGXyT8Sk8DuFLfPK5w3ZJRZrWu9XXoV7qyyUhtG5Yktht6sf7Iuy_7GMVKex_SgDr2K8CrMlczWoX28e3IE3UFsHk9AFeR6r2GnuD0jc9TpsPFG-c3EiWPs3WSPRyijgBrhR4uF5M5ZG2xjESTGCTVwqFrYXdix5F-iKCXJJ9IWf-9D6lzon6vzLDAUEAlyk-GkPlBw_xPJjHZjEm3CHNCfAKCUoyMAuUx0RMVisOdaQTdYtZhmwhpI41osDlpUMduyVvN2pFQnC3923oqfch2lhT1pb9Q4CWCP1vGNOOHIM-qhAUl7cFW32CHw4EFcbo9adK0UBsylr2CrijhzwQ1vR55G0dK8HkeKux3YWXQx1mEO7ogNLzGDB0hXexIbL_smuRUq5L18UDkbrI5H0iO1oau1IK-MbdIgja4LBlIElLFvemQ1l-uUPwmTNinHsmcudTzzcL5Pukyovjfz30JmLpoJmBJRcmsHBK9rsGmt3ONyZLznVzRTSJf5WslJNlQ3BFZLXddeXqo9kDEGZ2YptYuqrLh1qL_cvcI0EwmmVxYZshZov8lmJWmKtRJMIcvC_HYdpsVMcRyCDugZRfXciWfJqZxiQlc-pPP6F7tfYZAaUGMCByM-QzZ3sdxcVEJiKCI4eX0M8zOtWQyrd3-WLgeb_y817BlNZaKpg0-oksl198PgX5EgiU9gUUnrvXpZcFu8sN1ZXdvJNJMqO-6S1d0G6qRoDALzfVuIWXUcCEdEB7UcHwmzvR36oJtCnbJVAAa_LyQfTKkom7UBQcZRktpjPCC8MdKxFLnSn39MdftmlT2f2KnBK2FZScdqDm6lZgDprNvVK8EFLnrrbYDxWLC9xlUrPEjHbKr0ukRmOxyb3NSXnASQ2UmpsI3RqvlqybwMu_k06luEJum_DCfxp_i9t8oCQzwmEu4PHa1uPtOncOQvU5vU3t2MvPhsCyQ_9zf3Vs0xSYLJ1Sh6ZV0TvaIRTAMtNZ-Qlb5Z0yatUc8o47j0BT8Hvl4SAJhn6AR_HXgcxKAJ8geJCsBKI530eeZmKxSW-HItcLmOr2c8OpcicxjMS21QdCLCxjvidQDaakh_QF-IFhwla9ITh0XkVh69wIvIoPvk-szKRqB2_JiDxZCkGGfB0RwpXPyXV7c6LKsRYxPboEyKIrUc5TUYG4gQSmuvCSDqqJqA9HxuuL17HY0jKVt5yPNLzu2LbxHDaJhlNMFnEOd1ELSmXRdAR7WpI-kMfkPaZvoYypmyaNrSbCqv6LrE1B-OBb9dRCCyEpfgRBzLda3RFvxpDpQDg_FPAlryFprK3Lxaj7Y_A6RQy8qwlNAyT5gme0dlIP8suudPPChElMLDnuDrb0Uhz093efLBWLvUGzxgQf84iSV6A0qhiuCs9QWW-6d-DeJj8b-rluhxXIPky9IrYoyOBUWH2dpCL0razRN3b-s0y7YMm_hZadwoEhPSByTnOXoYFGUnVwfZhTX1GYCLDAGqVJxgRukkpuF0gFvH2bP2eDFw8LBagN_EDpn2h7i7toHhIMpQ3WYx-85_CrGFDhQ2QN7uo7MlLzurvCFPoI9MxVtZSjObancw90bTod3txNx47rZFMxXC34nzkVlP6BbyZNkWBzH14V_zHYd9vELsduecobbaAs3tchbYacMJfyC3Rqs9cmQ0vJwVyg-dBgkzNBmZcny9kT-js10psVOHuynGBDXHAd4QSL7PGBZm10vQHuCDrBCtXO_RvkamiOy8kvVz6xQkn6o33-gvPUn66sJoiD8lS6IWBkHUJUIIOgtnqsgmFPV1D2du3VqMgkvx1G-s3dECp7V47tAcwuJaiIpLRyhCwJjjl0zXFdcMxv1gQNffkKw9QTEbb1lxbC65_v2S3NmlZcIQfu1Tg6IoLFehwmXv7aPx1YsvjuijGtgR1KaPHf6iy6LGj-MJqrPVp9LvXPjkWlbv8HUXUnG1kDcaVPb2gMrVxBKFoZrydwLEIh8a_AZwUxcbPSX0v4CW38YUp__Fb6hq4-56HSP7fZFMcmYFZLyG8L2vRztaThtTEcepJscajQidm_QmChQ5VZTl-ccTrIlNYzVTiUtyDuEso7ye7A3bBW2-j8NNPqSVlFCpirM-VDuO-CFngTUOkD_r2gz2CTJ6ixVPaY570pXRJ3ELR26TkZxbONuGBb0i3iCXTI9xVQB1UmsUPKv-Noi1iZAp8GkRMQHYrmS9YkL0WvhAS9J5buJW0ynP3jPKm4ULwLpluK4FRAoxxXLmEkycHDnVaxOaS7sVwJpfmZVdqi3cFl6sau-SibsZntAdjpmketd2KZ-ILDzqQ5w7FrSjHbONMWCKZ5UhcvJxtR7alnN1274FH4cVYUmtOknXFGbrHydPSEQdy9ibCGteXAi8gZ9QHsEyh22XVfp5oJntDX0q5mbWp5WwXMv0ujrSTmt96ShnP5EeJsw4lMYEK6qFwHvPzfdaYCYWf8KNkFAXK2u_xT8ytFnoU264kW0saDPq2UK7OmDNWJhKY_5e1WivRqGgWcF80Pk5gya3L60lZqOkuekSxsgrM53gB7yzwkylW1AiugMVrrxJYsDAh7VxCEXSGRVsW0MRtTNfgiC5JqElZe56m4JlJ2eP6UhsWdRcGE3&cid=CAASEuRowyBk4pgcZY0mE8s4ILD8RQ&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:44:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
243
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:44:58 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/ Frame 2D54 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DfT9nLiro8ibywr8pw6ZBrw1t82Ka0d1GVcq88nrapWdRVYmKoKjjaa4tuJ_0MaO-CTt2nIFGAk22yOCdq8lPXvBChKHfoX9Bj2ph1eY8x4Asv6-Tgm47WcgxV-7mPSpWXusKE1cPtJSiUVp3A8enKeNgJng&dbm_d=AKAmf-A0Bwa2wIoDPkQomMziQVoEZVJxoJo9P4mBvHz-tjlAncyaU1wZpbRBU7fTEBAE6J8OChHvShzbTS24ApUIHoWa3CRd6TxJ6Akga0LJbTstZfZSUVOTrEgLCnvSedeyrTamNTZs3SWpldrxhk0q0Di8ZeX6hnCFOZ5p9QByJzKq4HyUIzeibYQRCiIx1AKi2B-Y0Z5jEWtRwBpoSQj3ZMvtQXv-1M4T8hMSr7JHsQRtvyyEKWrE4cM_wz-mD9qtkpHXAO7Vek0q6TnxN5QBsXu7Ub1hEHAi_0imxUDrq_BA8dgAxxyjEQ0f1ldbCnfr1tK9LnfL78LBWQovX3nKs55OIOZlZ9Sa7vpHKIY9v01HcOJe73yxtrXcGcWB2ZUpWoG72kAEL1XAdD1T4izZ_FOAAVM5Y2gB9ZumK5P00FhQDP3snwsCGG2wZBdHHVN0QRRx2oqguJBGhxrJUmjk9dhu-RIMHXQ8BsTEeWN3vLF1DH4yzcjbPxAT1w88o7P3jzhK86JShZQXzJGz10LVHdkKCJWzXK6RvlaXzYbmhs-eRxC1eqRUcPb3HYcspQQGXyT8Sk8DuFLfPK5w3ZJRZrWu9XXoV7qyyUhtG5Yktht6sf7Iuy_7GMVKex_SgDr2K8CrMlczWoX28e3IE3UFsHk9AFeR6r2GnuD0jc9TpsPFG-c3EiWPs3WSPRyijgBrhR4uF5M5ZG2xjESTGCTVwqFrYXdix5F-iKCXJJ9IWf-9D6lzon6vzLDAUEAlyk-GkPlBw_xPJjHZjEm3CHNCfAKCUoyMAuUx0RMVisOdaQTdYtZhmwhpI41osDlpUMduyVvN2pFQnC3923oqfch2lhT1pb9Q4CWCP1vGNOOHIM-qhAUl7cFW32CHw4EFcbo9adK0UBsylr2CrijhzwQ1vR55G0dK8HkeKux3YWXQx1mEO7ogNLzGDB0hXexIbL_smuRUq5L18UDkbrI5H0iO1oau1IK-MbdIgja4LBlIElLFvemQ1l-uUPwmTNinHsmcudTzzcL5Pukyovjfz30JmLpoJmBJRcmsHBK9rsGmt3ONyZLznVzRTSJf5WslJNlQ3BFZLXddeXqo9kDEGZ2YptYuqrLh1qL_cvcI0EwmmVxYZshZov8lmJWmKtRJMIcvC_HYdpsVMcRyCDugZRfXciWfJqZxiQlc-pPP6F7tfYZAaUGMCByM-QzZ3sdxcVEJiKCI4eX0M8zOtWQyrd3-WLgeb_y817BlNZaKpg0-oksl198PgX5EgiU9gUUnrvXpZcFu8sN1ZXdvJNJMqO-6S1d0G6qRoDALzfVuIWXUcCEdEB7UcHwmzvR36oJtCnbJVAAa_LyQfTKkom7UBQcZRktpjPCC8MdKxFLnSn39MdftmlT2f2KnBK2FZScdqDm6lZgDprNvVK8EFLnrrbYDxWLC9xlUrPEjHbKr0ukRmOxyb3NSXnASQ2UmpsI3RqvlqybwMu_k06luEJum_DCfxp_i9t8oCQzwmEu4PHa1uPtOncOQvU5vU3t2MvPhsCyQ_9zf3Vs0xSYLJ1Sh6ZV0TvaIRTAMtNZ-Qlb5Z0yatUc8o47j0BT8Hvl4SAJhn6AR_HXgcxKAJ8geJCsBKI530eeZmKxSW-HItcLmOr2c8OpcicxjMS21QdCLCxjvidQDaakh_QF-IFhwla9ITh0XkVh69wIvIoPvk-szKRqB2_JiDxZCkGGfB0RwpXPyXV7c6LKsRYxPboEyKIrUc5TUYG4gQSmuvCSDqqJqA9HxuuL17HY0jKVt5yPNLzu2LbxHDaJhlNMFnEOd1ELSmXRdAR7WpI-kMfkPaZvoYypmyaNrSbCqv6LrE1B-OBb9dRCCyEpfgRBzLda3RFvxpDpQDg_FPAlryFprK3Lxaj7Y_A6RQy8qwlNAyT5gme0dlIP8suudPPChElMLDnuDrb0Uhz093efLBWLvUGzxgQf84iSV6A0qhiuCs9QWW-6d-DeJj8b-rluhxXIPky9IrYoyOBUWH2dpCL0razRN3b-s0y7YMm_hZadwoEhPSByTnOXoYFGUnVwfZhTX1GYCLDAGqVJxgRukkpuF0gFvH2bP2eDFw8LBagN_EDpn2h7i7toHhIMpQ3WYx-85_CrGFDhQ2QN7uo7MlLzurvCFPoI9MxVtZSjObancw90bTod3txNx47rZFMxXC34nzkVlP6BbyZNkWBzH14V_zHYd9vELsduecobbaAs3tchbYacMJfyC3Rqs9cmQ0vJwVyg-dBgkzNBmZcny9kT-js10psVOHuynGBDXHAd4QSL7PGBZm10vQHuCDrBCtXO_RvkamiOy8kvVz6xQkn6o33-gvPUn66sJoiD8lS6IWBkHUJUIIOgtnqsgmFPV1D2du3VqMgkvx1G-s3dECp7V47tAcwuJaiIpLRyhCwJjjl0zXFdcMxv1gQNffkKw9QTEbb1lxbC65_v2S3NmlZcIQfu1Tg6IoLFehwmXv7aPx1YsvjuijGtgR1KaPHf6iy6LGj-MJqrPVp9LvXPjkWlbv8HUXUnG1kDcaVPb2gMrVxBKFoZrydwLEIh8a_AZwUxcbPSX0v4CW38YUp__Fb6hq4-56HSP7fZFMcmYFZLyG8L2vRztaThtTEcepJscajQidm_QmChQ5VZTl-ccTrIlNYzVTiUtyDuEso7ye7A3bBW2-j8NNPqSVlFCpirM-VDuO-CFngTUOkD_r2gz2CTJ6ixVPaY570pXRJ3ELR26TkZxbONuGBb0i3iCXTI9xVQB1UmsUPKv-Noi1iZAp8GkRMQHYrmS9YkL0WvhAS9J5buJW0ynP3jPKm4ULwLpluK4FRAoxxXLmEkycHDnVaxOaS7sVwJpfmZVdqi3cFl6sau-SibsZntAdjpmketd2KZ-ILDzqQ5w7FrSjHbONMWCKZ5UhcvJxtR7alnN1274FH4cVYUmtOknXFGbrHydPSEQdy9ibCGteXAi8gZ9QHsEyh22XVfp5oJntDX0q5mbWp5WwXMv0ujrSTmt96ShnP5EeJsw4lMYEK6qFwHvPzfdaYCYWf8KNkFAXK2u_xT8ytFnoU264kW0saDPq2UK7OmDNWJhKY_5e1WivRqGgWcF80Pk5gya3L60lZqOkuekSxsgrM53gB7yzwkylW1AiugMVrrxJYsDAh7VxCEXSGRVsW0MRtTNfgiC5JqElZe56m4JlJ2eP6UhsWdRcGE3&cid=CAASEuRowyBk4pgcZY0mE8s4ILD8RQ&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87b3beae1d08bf029d04938bc1d76c7870d450fd75609a85dfafd761cd472047
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9647
x-xss-protection
0
server
cafe
etag
6462939580093197770
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:46:03 GMT
sd
us-u.openx.net/w/1.0/ Frame EA1E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHIiquuE_leaGRlrV8tQbqo&google_cver=1&gdpr=0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHIiquuE_leaGRlrV8tQbqo&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxit6L6-ATAB&v=APEucNUmui-boBxaEyS4YJyL_sAmrIduoUWs9wgHhgy79hXS3mEjuurA8u371FkhA_t8UKj8LXbiq8E5YVtSE6ov7Ift8nCTRGCj8qwMKKoLnd3ozu6x6oo
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHIiquuE_leaGRlrV8tQbqo&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EA1E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjI1YmQ1YTctN2VmOC0yOTM0LWQzMmItYzQ5NDAwZmRiMTg3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjI1YmQ1YTctN2VmOC0yOTM0LWQzMmItYzQ5NDAwZmRiMTg3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxit6L6-ATAB&v=APEucNUmui-boBxaEyS4YJyL_sAmrIduoUWs9wgHhgy79hXS3mEjuurA8u371FkhA_t8UKj8LXbiq8E5YVtSE6ov7Ift8nCTRGCj8qwMKKoLnd3ozu6x6oo
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 25 Feb 2022 02:49:01 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjI1YmQ1YTctN2VmOC0yOTM0LWQzMmItYzQ5NDAwZmRiMTg3
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame EA1E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0
  • https://sync.teads.tv/um?eid=3&uid=CAESEOKx3JLeeKA5iURGcmwcVf4&google_cver=1&gdpr=0
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEOKx3JLeeKA5iURGcmwcVf4&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxit6L6-ATAB&v=APEucNUmui-boBxaEyS4YJyL_sAmrIduoUWs9wgHhgy79hXS3mEjuurA8u371FkhA_t8UKj8LXbiq8E5YVtSE6ov7Ift8nCTRGCj8qwMKKoLnd3ozu6x6oo
Protocol
H2
Server
23.200.197.46 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-197-46.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 25 Feb 2022 02:49:01 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEOKx3JLeeKA5iURGcmwcVf4&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
292
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EA1E
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&gdpr=0&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjRlYzQwN2QtYTk2Yy00NjM1LTllMDctYjZlNzRjNjNmMGNl
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjRlYzQwN2QtYTk2Yy00NjM1LTllMDctYjZlNzRjNjNmMGNl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxit6L6-ATAB&v=APEucNUmui-boBxaEyS4YJyL_sAmrIduoUWs9wgHhgy79hXS3mEjuurA8u371FkhA_t8UKj8LXbiq8E5YVtSE6ov7Ift8nCTRGCj8qwMKKoLnd3ozu6x6oo
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
server
akka-http/10.2.7
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjRlYzQwN2QtYTk2Yy00NjM1LTllMDctYjZlNzRjNjNmMGNl
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Fri, 25 Feb 2022 02:49:01 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 60E9 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 23:55:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96824
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Feb 2023 23:55:17 GMT
css
fonts.googleapis.com/ Frame 60E9 		2 KB
448 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Cardo:400,700&lang=en
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
99102e527161666787f96e02feaaf9416de6b06d3fcea9635c500ef4662d238b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Feb 2022 02:49:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 25 Feb 2022 02:49:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Feb 2022 02:49:01 GMT
15509668166230846236
tpc.googlesyndication.com/simgad/ Frame 60E9 		936 KB
936 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15509668166230846236?
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb8ae618006941b6b9f90f644b3fffa993586c2ceb817a5fab715a0a7b543c47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 14:03:17 GMT
x-content-type-options
nosniff
age
45944
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
958606
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 13:33:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 24 Feb 2023 14:03:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 60E9 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38829
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645619776399499"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 25 Feb 2022 02:49:01 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 5BD6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C2pfgnUMYYvqaAZS4jAa5hp2QCpyB77Bc0papqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0oAGs3f7oA8gBCeACAKgDAaoEogJP0CiGxNmDm-Q3BgDa9MSA8_cQ9njJI-PQKgpIV8vQYt83GbrdtuWgSd90EYYMN3uUcRR0cj5z6WkWg5FPg8YjtyzL3CDmwZnvu8r2-j_b65M4CUVGJ2U7ai7ywAF3BhEulvM_A233QJiH5emKRK8Ztm4LwVy92T0tmjVWe5nuQdkKZ9iCOFee85RlYGlj0ZC0O9zcxw5Tk2hLe_OW-QcYS3CawMERBCSvDQoXgw2qKIbYkI09TofyDDf_361R3aPdWQlRyuzHJTWfyFOqP_Fab0D9K7HkY8pRCTF5ArEisLwmltgxvwiIU0y1qJFS6oBjV-nFlkOHoHhzoPLeFHpqCDS0g5ULOV-S-z9wjuXJk6NoEAM6vHMWikn_F8TT2HG7UeAEAYAG9Yvlv-nKwfkXoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBQiAYRAB8ggbYWR4LXN1YnN5bi05OTM4NTY1ODIyMDM0NjgwgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=RavCX53EeTo&uach_m=[UACH]&cid=CAQSOwCNIrLMVdwSdWc5bFhwb9mXuX2pUzndCEMcpYvekfO_xySL2Mgd6nuI0CMjWuxXfHYX2Lekn7IgdhP2GAE
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
notify
rtb.va.us.criteo.com/google/auction/ Frame 5BD6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=UOe3Ed3ESJIEZOIinRcCAAAAehsU7mqCfbIQnEMYYqGg1lprDNqNQ0_gABI&wp=YhhDnQAATXoKwxwUAAdDOYl3wyDaalxuagroXw
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
server
Kestrel
server-processing-duration-in-ticks
234836
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.us.criteo.com/delivery/r/ Frame A32E 		109 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=YhhDnQAATXoKwxwUAAdDOYl3wyDaalxuagroXw&u=%7CQDj83vHWx0wXbtjzFAkzAL%2BuWMtKkp%2Fqh4uzMXc1cnI%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRK0-mK9eySrGdwSHSu897btvMBogid8AEIo2RE9h5UXo4MSYUWSbCD_Cy3hGzRL1RFaxQbQhKjVM4eA6w18k_IevvKblVS1NxBWjyYeGGBvW6nzxYfPWlAzNpJ-bMouWZgSCenxD0uAp8yQpRjfSvJvoJOKhENTiVfVlGrH-7Fjq9u1VD9rjusajBLCT26q-EUEj1DAg_PtPG-0nkR701huzeTQIYfLZEV_udPIJHzLhMLlEYRTzhT_sfQ2ytI4ERHaWbfLXW3uQVCwG8ak2zwOyoJc8S9JgMuL525ZISq0MWRqpbGWktD-uyKSFvWm9-eMGX0j6S3FjP8IEtzNLOxnNCZwy3tb13KeyVjh-3nqPpfxoluFf6vhFmMUIjNZExhYwWOIcKNzmioJAtz6sybiIlU5DEGS-A4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtA3vnUMYYvqaAZS4jAa5hp2QCpyB77Bc0papqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0oAGs3f7oA8gBCeACAKgDAaoEpQJP0CiGxNmDm-Q3BgDa9MSA8_cQ9njJI-PQKgpIV8vQYt83GbrdtuWgSd90EYYMN3uUcRR0cj5z6WkWg5FPg8YjtyzL3CDmwZnvu8r2-j_b65M4CUVGJ2U7ai7ywAF3BhEulvM_A233QJiH5emKRK8Ztm4LwVy92T0tmjVWe5nuQdkKZ9iCOFee85RlYGlj0ZC0O9zcxw5Tk2hLe_OW-QcYS3CawMERBCSvDQoXgw2qKIbYkI09TofyDDf_361R3aPdWQlRyuzHJTWfyFOqP_Fab0D9K7HkY8pRCTF5ArEisLwmltgxvwiIU0y1qJFS6oBjV-nFlkOHoHhzoPLeVnhKmp9GCpXIsDIeEEX5TVL1u6pGCMehTwmfQ_fhO9x6DuC7kuCKjeAEAYAG9Yvlv-nKwfkXoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBQiAYRAB8ggbYWR4LXN1YnN5bi05OTM4NTY1ODIyMDM0Njgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1NhBVDM7qN07Uaeq5kubbf4NeJxA%26client%3Dca-pub-3831894559014614%26adurl%3D
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4d03c1f5e6992de9fcb07e22533b40366b45a89a0e3feaeecd3cbda06dafcf7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/

Response headers

date
Fri, 25 Feb 2022 02:49:00 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=T7l0u4jhpyfn17texkUgDeq2-RZW1yJDyTfxudItOzC4vSwRxByXcFXn_BianeW4lJtpfq5sT-_wtHvaTd93chCz-0LN7vg4Mcixf3Qm1BcOL8Qic4GAI1Au6243JXhpuiZwrZS_vaNI0prA9fZmRyrsyKiKkTnv_LOEsU5EACkLBfhoEbG8mH2veQDm7e-Jjsw5_bEFNFkCaTuj1YJtOBy5VzB0nCFG23jusxU0OxuWZMJlsxwmuDRaTUzwFV2K4aWCjKwrZ-P2Uzht"}], "max_age": 86400}
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
50765080
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 5BD6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
135
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:46:46 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A5C4 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 24 Feb 2022 19:21:13 GMT
expires
Fri, 25 Feb 2022 19:21:13 GMT
cache-control
public, max-age=86400
age
26868
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 5BD6 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:45:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6434
x-xss-protection
0
server
cafe
etag
16791967082338318403
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:45:17 GMT
l
www.google.com/ads/measurement/ Frame 5BD6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTkSRge0sbnowcI6jYWVQJAEACMFiQn001sNk6YXQfBCRZj5syjPbhkEImbRIDVoTvfrjrjmQ0T6snGVw_2ud9I_SfI3w
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5BD6 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 23:55:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96824
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Feb 2023 23:55:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5BD6 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38829
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645619776399499"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 25 Feb 2022 02:49:01 GMT
bk-coretag.js
tags.bkrtx.com/js/ Frame 2997 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.123.160.80 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-123-160-80.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 21 May 2021 19:14:21 GMT
Server
nginx/1.15.8
ETag
W/"60a8068d-cbc2"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Date
Fri, 25 Feb 2022 02:49:01 GMT
Connection
keep-alive
Content-Length
16078
Expires
Fri, 04 Mar 2022 02:49:01 GMT
4.js
static.adsafeprotected.com/ Frame 180D
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/904480/59616675/4.js?adContainerId=brand_safety_nUMYYtDkBZavNfvskNgJ&cbFunctionName=goog_wrapCb_nUMYYtDkBZavNfvskNgJ&true_pb=https%3A%2F%2Fstatic.adsafeprotect...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_nUMYYtDkBZavNfvskNgJ&cbFunctionName=goog_wrapCb_nUMYYtDkBZavNfvskNgJ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_3...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_nUMYYtDkBZavNfvskNgJ&cbFunctionName=goog_wrapCb_nUMYYtDkBZavNfvskNgJ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:21ec:8600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
p4D58djWyqdpee_b5TyWT62p_gIxYTQF
content-encoding
gzip
etag
W/"96e16e7453ae2e6952bc6d2a20ea29f7"
age
208620
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Tue, 15 Feb 2022 16:51:56 GMT
server
AmazonS3
date
Tue, 22 Feb 2022 16:52:02 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 a3974a97ba504b481cfb8868c9d58588.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
ioURUYUG7ciiRXRJVLJYz4de99hmwBqimVXL_JEf-CUCsvzeHcOqYQ==

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
x-server-name
app02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_nUMYYtDkBZavNfvskNgJ&cbFunctionName=goog_wrapCb_nUMYYtDkBZavNfvskNgJ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame A14C 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:8600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 03:16:10 GMT
content-encoding
gzip
age
7774372
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 a3974a97ba504b481cfb8868c9d58588.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
JFK51-C1
content-type
application/javascript
x-amz-cf-id
moIip1pIeiJYeOhGASgVmd0d8IAAQVyaKW55cZB6YlbKUf7WUiEfMQ==
RRW_Evergreen_300x600Text2.png
s0.2mdn.net/sadbundle/2088215109561221120/images/ Frame CBE3 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2088215109561221120/images/RRW_Evergreen_300x600Text2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
411b26fc8c8b012090d9bb1b588eea09222161f8970186de37af16fce1ab1bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2088215109561221120/RRW_EVG_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 08:11:34 GMT
x-content-type-options
nosniff
age
412647
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20437
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 18:41:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 20 Feb 2023 08:11:34 GMT
dpixel
cms.quantserve.com/ Frame E67D 		35 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESED7qV7sWXH1evBylkZRW1iM&google_cver=1&google_push=AYg5qPIK6Uw6BJ8z04fEgx3GcdTitTOrYzMCXMgaGp84Gqu9zlr3lKzRLDULN9rxmaamTDFqS7zW1W7BcMzP3wxI0svG22-V7A
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E67D
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEGo44BA3rAYMuFlo7eK_BE4&google_cver=1&google_push=AYg5qPLSh4IlmNtpk07YtNb5N2MEy8MyjR2xkFavXuLN-z6vhwo5jDym1C9I13k1IAGZ3BCZE0l3B6zT6wBtZOSFambfacau8Z8
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1D6054FD4F7741E7A2A9A9482C6BE4F4&google_push=AYg5qPLSh4IlmNtpk07YtNb5N2MEy8MyjR2xkFavXuLN-z6vhwo5jDym1C9I13k1IAGZ3BCZE0l3B6zT6wBtZOS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1D6054FD4F7741E7A2A9A9482C6BE4F4&google_push=AYg5qPLSh4IlmNtpk07YtNb5N2MEy8MyjR2xkFavXuLN-z6vhwo5jDym1C9I13k1IAGZ3BCZE0l3B6zT6wBtZOSFambfacau8Z8
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 25 Feb 2022 02:49:01 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1D6054FD4F7741E7A2A9A9482C6BE4F4&google_push=AYg5qPLSh4IlmNtpk07YtNb5N2MEy8MyjR2xkFavXuLN-z6vhwo5jDym1C9I13k1IAGZ3BCZE0l3B6zT6wBtZOSFambfacau8Z8
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Thu, 24 Feb 2022 02:49:01 GMT
gg_pixel
sync.adaptv.advertising.com/ Frame E67D 		0
0
pixel
cm.g.doubleclick.net/ Frame E67D
Redirect Chain
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEGGbgp-RTISBwqpsFp3Q3nU&google_cver=1&google_push=AYg5qPJjtgHPkS6q3OsK6WgkF1lL4hfdcNDx5UnR1WWs4S5_X...
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEGGbgp-RTISBwqpsFp3Q3nU&google_cver=1&google_push=AYg5qPJjtgHPkS6q3OsK6WgkF1lL4hfdcNDx5UnR1WWs4S5_X...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AYg5qPJjtgHPkS6q3OsK6WgkF1lL4hfdcNDx5UnR1WWs4S5_X2LwUZIXuSu_N4ncqLMMNMutzmP-FoGbVFFSvyPS8Fi_Y9zA6Qs&google_hm=MDYwMzAwMDJfN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AYg5qPJjtgHPkS6q3OsK6WgkF1lL4hfdcNDx5UnR1WWs4S5_X2LwUZIXuSu_N4ncqLMMNMutzmP-FoGbVFFSvyPS8Fi_Y9zA6Qs&google_hm=MDYwMzAwMDJfNjIxODQzOWQ4YzUwZg%3D%3D
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 25 Feb 2022 02:49:01 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AYg5qPJjtgHPkS6q3OsK6WgkF1lL4hfdcNDx5UnR1WWs4S5_X2LwUZIXuSu_N4ncqLMMNMutzmP-FoGbVFFSvyPS8Fi_Y9zA6Qs&google_hm=MDYwMzAwMDJfNjIxODQzOWQ4YzUwZg%3D%3D
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
pixel
cm.g.doubleclick.net/ Frame E67D
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEBlCa3LK7cbKUXWIafYEajo&c_param1=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog
0
0
pixel
cm.g.doubleclick.net/ Frame E67D
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESECKpqUu_HaywLAqpL4oOPlM&google_cver=1&google_push=AYg5qPKShnz6K2YK_n1bjY16a_o5uC7_QA1vdsMozJHIVxdbBQEHppEkh7ZH_FfMq940czW0x8CvF...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPKShnz6K2YK_n1bjY16a_o5uC7_QA1vdsMozJHIVxdbBQEHppEkh7ZH_FfMq940czW0x8CvFX5EP_oTlp3HyKIP3Isywg&google_hm=WWhoRG5jQ281d...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPKShnz6K2YK_n1bjY16a_o5uC7_QA1vdsMozJHIVxdbBQEHppEkh7ZH_FfMq940czW0x8CvFX5EP_oTlp3HyKIP3Isywg&google_hm=WWhoRG5jQ281dVlBQUl3RHlwa0FBQUFB
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
10
Date
Fri, 25 Feb 2022 02:49:01 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESECKpqUu_HaywLAqpL4oOPlM&google_cver=1&google_push=AYg5qPKShnz6K2YK_n1bjY16a_o5uC7_QA1vdsMozJHIVxdbBQEHppEkh7ZH_FfMq940czW0x8CvFX5EP_oTlp3HyKIP3Isywg","cluster_id":10,"gdpr":false,"ipv4":"5.181.234.158","key":"YhhDncCo5uYAAIwDypkAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40326"}
X-SO-Ads-Time
1
X-SO-Key
YhhDncCo5uYAAIwDypkAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40326
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPKShnz6K2YK_n1bjY16a_o5uC7_QA1vdsMozJHIVxdbBQEHppEkh7ZH_FfMq940czW0x8CvFX5EP_oTlp3HyKIP3Isywg&google_hm=WWhoRG5jQ281dVlBQUl3RHlwa0FBQUFB
Cache-Control
private
X-SO-HostName
a-ad40326.dc2p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
a-tgng40015.dc2p.scaleout.jp
X-SO-IP
5.181.234.158
pixel
cm.g.doubleclick.net/ Frame E67D
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEO1eXJriEImjccxt6MO2G94&google_cver=1&google_push=AYg5qPLDIkRv_6K9kijUK8rV1loBDPzJzzDMc-WPKf5mQMvLGcZFVVvbDtDs7iedtMaqph2jHKTy...
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=fxL99tvKTmmN3PdEdP9gBQ==&no_redirect=1&google_push=AYg5qPLDIkRv_6K9kijUK8rV1loBDPzJzzDMc-WPKf5mQMvLGcZFVV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=fxL99tvKTmmN3PdEdP9gBQ==&no_redirect=1&google_push=AYg5qPLDIkRv_6K9kijUK8rV1loBDPzJzzDMc-WPKf5mQMvLGcZFVVvbDtDs7iedtMaqph2jHKTySiNVL1fQQXeCcpNbmvvo9Eia
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=fxL99tvKTmmN3PdEdP9gBQ==&no_redirect=1&google_push=AYg5qPLDIkRv_6K9kijUK8rV1loBDPzJzzDMc-WPKf5mQMvLGcZFVVvbDtDs7iedtMaqph2jHKTySiNVL1fQQXeCcpNbmvvo9Eia
date
Fri, 25 Feb 2022 02:49:01 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
attr
cm.g.doubleclick.net/pixel/ Frame E67D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IuXV-ZcNN8nSPbZli4AVJc7Au_u-lzLPjHnsIbCKII4MtzZQ7TKs00tykCrtiuq9VHx0JG9g
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
rtimp
g.algbid.app/ Frame 4B53 		0
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.algbid.app/rtimp?sid=7c3130ae-95e5-11ec-ac1b-4eb6034c3f60&d=www.hawtcelebs.com&cr=rgn_gen11&gid=CAESELikZ1sbL1lwzq8LFReT2Fo&a=imload&p=YhhDnAAG83sE0AnKAAdbxUNqUm3_m2WZhuoQkQ&r=1689429458&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
via
1.1 google
access-control-allow-headers
Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
expires
0
dt
dt.adsafeprotected.com/ Frame 180D 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=904480&asId=5c400c75-17ed-378a-4476-88378025a091&tv=%7Bc:5chsyY,pingTime:-3,time:93,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:300,h:0,t:25%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:94,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.300.0,am:sp,cc:0.0.300.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B87~0%5D,as:%5B87~300.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYpU5jB+11%7C12%7C13%7C14%7C151%7C152%7C153%7C1541%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1d11%7C1e%7C1f%7C1g%7C1h%7C1i*.904480-59616675%7C1i1%7C1j1%7C1k%7C1l1%7C1l2%7C1m,idMap:1i*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:01 GMT
X-Server-Name
dt39.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame 180D 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=904480&asId=5c400c75-17ed-378a-4476-88378025a091&tv=%7Bc:5chsz0,pingTime:-6,time:95,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:96,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.300.0,am:sp,cc:0.0.300.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B89~0%5D,as:%5B89~300.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYpU5jB+11%7C12%7C13%7C14%7C151%7C152%7C153%7C1541%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1d11%7C1e%7C1f%7C1g%7C1h%7C1i*.904480-59616675%7C1i1%7C1j1%7C1k%7C1l1%7C1l2%7C1m,idMap:1i*,rmeas:1,rend:0,renddet:svg.us%7D&tpiLookup=ao:www.hawtcelebs.com*&br=c
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:01 GMT
X-Server-Name
dt35.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
/
px.vliplatform.com/tmo-v4/ 		0
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/tmo-v4/?e=rNKMRrtNrtl0zghRleNplRzdNwqBtraUY-Bqye-PYTM-awZA-MAAtTrZtBMPARmNKYUZTRzodtgxzNTAAARworrtkNgftzqu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7y7TWnHtUoBXpWygqaT1Earu0KXycqL6soBL3A7es9loGvKG6mIT7f7j9aDsQSSbMPXwoveTbQLoP1iXyP18qh5OHdQYssCDK7TvEGNX4ujo9JYacPebxXaxNyTarV8%2BMKjIkxHazgn%2FCbJjALC3Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6e2d9e38faad8c9c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
/
px.vliplatform.com/tmo-v4/ 		0
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/tmo-v4/?e=rNKMRrtNrtl0zghRleNplRzdNqTTyYqUY-tYBr-PAtt-aaBY-tMZywayPMAUyRmNKYUZTRzodtgxzNTAAARworrtkNgftzqu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Q5Nkpje7QjEfuzthBG%2BMOoJ78l3ruKBSNdxuEXoFRVsr4tnbyT%2FbtuXDhGuID3L2qfZG0lq%2FuGXW%2FbWpPfH44HYmSht0CVS2SeGAqjbLCeJQqQqPw85dXObEILlKY6mgBPc2XN5gAi9%2B7TEVka%2BmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6e2d9e38faaf8c9c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 26 Feb 2022 02:49:01 GMT
hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y.html
s0.2mdn.net/9121585/1643075923387/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y/ Frame 8E6B 		18 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9121585/1643075923387/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90c8d20c1bb5bdaa36bb11c97802fc356f47880dc413ae6617955af506d625bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
5583
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 24 Feb 2022 11:47:30 GMT
expires
Fri, 25 Feb 2022 11:47:30 GMT
cache-control
public, max-age=86400
age
54091
last-modified
Tue, 25 Jan 2022 01:58:43 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 180D 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvjxwDPqln1Cjjzuw78JMRpBRonpE1COWx7h_OP9fpR4oAln1kMFev8xGLsTdew-XEhuZlWs3nuyRT1M7yeLhpwWhhSl7_7y7q__p_fWgC_sgyyZSVA-X4_1WTnBY5DXueHVNnjXXf8ruvDF7WsxmIrZULM6QruMjTiRrlLNrjSKNE0BPJEJxEIJqxBKRjjMD1a7cWiPZLblB6N1jj3Pm8OD49H5dJPR8V3rZ6wMSEIqxkHJElkbJPHQcUDfi2CGkrym_Qt1e0uFFXo2RsuCzrxE6qUxVOHuhEuX9Qh1rz8lGYJfin71C3A7fuHrjx3GiOHDolv5V6jtB_reZP8Kiqj3nZ_IVuN0qeNz_46jVl4AxaRy02MY0ShbSW6WLEs-uf4YqK3q5aA5HgD0XY7epC8wIaqmSf6G9RAVvdJLDcdonnn6tOH4zIqXeNICA7n1MKCHXBneOO6wQC0rScRZGti7OJspO6Bq4KoquzFCoFzcJ9u09LFCQdHevtUwy7oREXuoIBvkft-A0b7xl0MaPEUgG_-JFhheQDaGAEtO8wBQjv_7OIKD3JrjG3R0JIb4-vW9yyD9k17_4XEz2lYoJ73GVCjEPSwWmop0nlwpEpF37XdC0mFH-4tzQ7jfN51GlxHfhKuSH2NPw8qIllkZzoBIKq175RVM2jttTQRD7HNUSyLWMTqUihO5E-HPPMwYRv3wm2WRa0RAHIJveiuZYbq-gHmHW9O2daHeELhqZegGSHg8NOw1mXiC5L17gCfaEAGz2-zp2Is0T-3ILBpQu_E-wfQ7myjjl0FPbqRymvxGLRL9V5wtWeHYyKUAyGo9c_wMENwPPJP_W2c0371Qm6pFSpkF9W4qDZ91ju9WwZNmXFLAwnbu_OA9ULFvkonKRz5dSBs8eGI0b2csI8WARrECd5zJ1qagq8MN_3igOE506Y_3imbGtYdqgj0n_lKx4PoV3XCWmY_lJRbD_uWZDAU34BltQvMWFL8aJse5d8yvtrALHXs3o7CGg8dLt8IqHO-7wuxf2q3VUq-Vp3uuKshT6-UAvMjdEAz84tGDEz-YbzhvuNEbhidMT2IpPHRidkhARp9gSH8p4JbqeysL-ZbfPQNUUiTC5Sh1ui-sVq40Uat6XYu3fNlfcJr77NeQU06FFfFs9sfofGj-Z-UhhmexmUKPrTW9-Zeza-V4UwA2W6HJTpEeY80pp2x_vOzzGYIaWs4jEjPYgVbwLk3FM6J4pEEUUQ8uy9VY4xlzAZnyN0COlUH6rIrq66O1bzshC23XCGtRKqSUh_ZmQbV3jOgK2EBqdA3Wr_zcdX-u4-Yxi-T&sai=AMfl-YRrSVlpI1M0ThTu-H088ExH9IS-3SiHh0AQTWoBJdnsruaq1O8tHUrUaM8YcJUHMzEm0LYmkL3-xRIJZ7sDSeIRnKCHN8ABb87e5kW97QfS50Ddae6yBS8w6B7Gi46vEKasrNfRAADvcDYo4K2hI5Re398OdUtioBy1QikHNvUfacBOuwObtaQ&sig=Cg0ArKJSzD5wfxwmGXevEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=291&cbvp=1&cstd=289&cisv=r20220223.11243&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 25 Feb 2022 02:49:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
v1
p.tvpixel.com/com.snowplowanalytics.iglu/ Frame 180D 		43 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.tvpixel.com/com.snowplowanalytics.iglu/v1?schema=iglu:com.dataplusmath/display_impression/jsonschema/1-0-0&aid=hr-block-3b2605dc-5ccc-4a88-9436-5cddea1827c1&cb=401790807&pub_id=7166125&adv_id=9121585&adv_nm=&c_id=26947108&c_nm=&pl_id=324736738&pl_nm=&ad_id=517412820&ad_nm=165260629&width=&height=&u_id=&u_ip=&app_id=&app_nm=&dvc_typ=&dvc_id=&dvc_lat=&us_privacy=
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.89.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-89-215.compute-1.amazonaws.com
Software
akka-http/10.1.12 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
server
akka-http/10.1.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
43
vi-logo.svg
assets.vlitag.com/media/icon/ 		11 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/media/icon/vi-logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1439052
cf-ray
6e2d9e3919a78cec-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 01 Nov 2019 05:04:49 GMT
server
cloudflare
etag
W/"5dbbbcf1-2c34"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=16070400
x-robots-tag
noindex, nofollow
dt
dt.adsafeprotected.com/ Frame 180D 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=904480&asId=5c400c75-17ed-378a-4476-88378025a091&tv=%7Bc:5chszY,pingTime:-2,time:155,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:432,mdZ:511,beA:616,beZ:617,mfA:619,cmA:621,inA:621,inZ:625,prA:625,prZ:635,si:642,poA:643,poZ:664,cmZ:664,mfZ:664,loA:711,loZ:715,ltA:770,ltZ:771%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:300,h:0,t:25%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:155,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.300.0,am:sp,cc:0.0.300.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B148~0%5D,as:%5B148~300.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYpU5jB+11%7C12%7C13%7C14%7C151%7C152%7C153%7C1541%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1d11%7C1e%7C1f%7C1g%7C1h%7C1i*.904480-59616675%7C1i1%7C1j1%7C1k%7C1l1%7C1l2%7C1m,idMap:1i*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,sinceFw:127,readyFired:false%7D&br=c
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:01 GMT
X-Server-Name
dt35.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
/
tag.vlitag.com/pbk/ 		738 B
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.vlitag.com/pbk/?t=1645695160&d=78&z=390&divID=vi_78390_1&w=300&h=250
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1645695160/036e05035cbef88431e89138f2969605.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d11bf5cc02f893e5237c37c2716f2abfa60e35efb82365d185c078412409585c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 24 Feb 2022 09:34:26 GMT
server
cloudflare
age
53283
cf-polished
origSize=740
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-ray
6e2d9e394a3f8cec-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-bgj
minify
/
px.vliplatform.com/tmo-v4/ 		0
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/tmo-v4/?e=rNKMRrtNrtl0zghRleNplRzdNBBAYUqYU-eaww-PYet-qreP-MPtUyPtMeBYTRmNBaARzodtgxzNTAAARworrtkNgftzqu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7QZlt5Ds7WPk6NOxKlsrjAkT3uOI47eAYbrlj1uVlB4KVxOfv70OcBKUlgCQjGX9dPiPdyKz%2FGe%2F0lj3nserRE9Xw2FQ7MgIjoTStytV4YbJNcrpz4r3irjwA%2F3ox7lAWhnfq%2BUwkuYMeE2tTz3TA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6e2d9e394b798c9c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 180D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 17:56:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
204725
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Feb 2023 17:56:56 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 761B 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 24 Feb 2022 19:21:13 GMT
expires
Fri, 25 Feb 2022 19:21:13 GMT
cache-control
public, max-age=86400
age
26868
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 180D 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3facad7b835ccdaa4cbc049170426ef72d0d42fb306c771a188666adedb1c6d6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
RRW_Evergreen_300x600Text3.png
s0.2mdn.net/sadbundle/2088215109561221120/images/ Frame CBE3 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2088215109561221120/images/RRW_Evergreen_300x600Text3.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87cc521960c98ca00b8a9ad5408d876a1fe89b55cba2eb28ee70aa71800bc852
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2088215109561221120/RRW_EVG_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 08:11:34 GMT
x-content-type-options
nosniff
age
412647
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18284
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 18:41:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 20 Feb 2023 08:11:34 GMT
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=dc94c78a4af2a82db81e4760f6d0c4ed&pvId=e425071cb83ccd494093c7494c57b56b&sid=6155583&pid=34839&idx=7&wId=1987&pad=0&org=0&tm=1988&eT=0&cnsnt=1---&widgetWidth=160&widgetHeight=0&widgetX=272&widgetY=1060&wRV=2000614&pVis=0&lsd=f9aa7d49-234c-44ee-959a-dfcb03ef529f&eIdx=&ccpa=1---&rtt=289&oo=false&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:01 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
2885e6e00e0cbe936e19a8e54469481d
Content-Length
4
Expires
0
4.js
static.adsafeprotected.com/ Frame 2D54
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/904480/59616658/4.js?adContainerId=brand_safety_nUMYYqmGE6CBoPMPysiz-A0&cbFunctionName=goog_wrapCb_nUMYYqmGE6CBoPMPysiz-A0&true_pb=https%3A%2F%2Fstatic.adsafep...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_nUMYYqmGE6CBoPMPysiz-A0&cbFunctionName=goog_wrapCb_nUMYYqmGE6CBoPMPysiz-A0&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_nUMYYqmGE6CBoPMPysiz-A0&cbFunctionName=goog_wrapCb_nUMYYqmGE6CBoPMPysiz-A0&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:21ec:8600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
p4D58djWyqdpee_b5TyWT62p_gIxYTQF
content-encoding
gzip
etag
W/"96e16e7453ae2e6952bc6d2a20ea29f7"
age
208620
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Tue, 15 Feb 2022 16:51:56 GMT
server
AmazonS3
date
Tue, 22 Feb 2022 16:52:02 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 a3974a97ba504b481cfb8868c9d58588.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
UYBDV8NoxkzpdEHoBPvvKpzRYeD0Vq-ytQLggxMnOvR_gAKu-verow==

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
x-server-name
app01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_nUMYYqmGE6CBoPMPysiz-A0&cbFunctionName=goog_wrapCb_nUMYYqmGE6CBoPMPysiz-A0&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame D526 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:8600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 03:16:10 GMT
content-encoding
gzip
age
7774372
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 a3974a97ba504b481cfb8868c9d58588.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
JFK51-C1
content-type
application/javascript
x-amz-cf-id
9iOG6bZG12dG_DJGY3YxuXu3g6pdECt7ks5xZL1PBBDaW-KNzRlouQ==
gen_204
pagead2.googlesyndication.com/pagead/ Frame C1DD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BU5Eom0MYYqPLHpqAjAaBrb3AAwAAAAA4AeAEAg&bg=!np2lndnNAAas2QJZrNk7ACkAdvg8Woq5aj2kaTRcAwvNJv5df_SJ9GYcp8flej8rB2ZNPiCWkNOVYQIAAAJeUgAAAAdoAQeZAyOAtLzH6Xm9xj7uKeCCyAl50Z641eUeM5C0RZ9PQFvxDv_2GmreRRW9a-8YL-l2zmXLxjWPiLzgTvtagxUfn7Gg9pldtWi5zS3byNaAzFeoA5TVfEwi1RQFNcqk-42r1sWQacc5OQ1ALXeeXREiJPaR-4hemxQQclGiOJaDJ0xuQdRfaD_UW7tUN3vuxAhD1IQ_Cp_vWRmuJVcAQtiJTjmh9K909dZxZgkHRfr5djJhY5EQckB3-jH4J8EdqudKJbRwsCFcD9jaMMpSu5QCOiDeJCfYXBdH3ruweACPPQJtz7NXybsGM-PrvEAU8uPa-36_t74qZzbGAXEGE6xWgztkvxqj4cmxDozVf5V75OLANyMum9DooCqo18WFi5AI6RxXBB1BzsOcZhrsT1LoP7-qDCWHWKhgpNT6YH9DkW-jD5c-iYGjDEeERE8LNKI3DCscFK21rIWpxjpvZjkrQ5R0ZyempYQ3mweBNLtZQM5xyEvzzKfFdEtsL_EQLInqkdmeLxWfGIb5-fpy8W-tRoSIjf1Om-BeDLPvpZTMHJaQl6E0jz91Fyg79LhZtXRR7dmUnbJAqSnJ8kszNRi9XtHw-GFi3YtuMKYJropRmzMBivTnmcBXDEcEaNMhuXT6XPebCXUGd2x1A0-4Z7-zprt09ap_-YR0xCZN86vIMczOmzimlzlFrT3Pc9cP1zQ_ZNnqrT6nvRNJBBc27KoD7Oo8Pe9s6jV5v-tRuqf1o-RyIzk4-mphPA61IRbswVD5VUeQVy7iwWlk4vns1m9UGNnXvZ7CQIaEhQ5S5-N9fsTK0vIBbrZ7QVe3mJ-f3Ppj3R_a2KdLIP0g6Q_o5keISL9qjUxvRttzno790ZKgcRVpF8_T1KxQfU3Ed3zXOZvbNc76PVB8T-OwhGutIIO_6ChuG1HxX44jUBzIu6EvImhljkQdpzBzNOQj1_d2cW9S8X49qvDoTLq06GYBOiSrKw22w3ToEwp2GwcMsKKiKfCRRoKEDiF7Y-KiVX_F12b1dquJMRHURGrqgjAPySN1iZ9Ubs2tKGfqDbLCo8Bfm0u2ugrgow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 60E9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvB6KCOnlB5A84ELKL7mQoOMtCZc4iMoWnvQxm86-DBdW09LJ2c-hFx6H6NLThX4qWQ2iZ8GDsEkhR2_2ahdFncx3Sigu7bZ7P6RBkpNgFodN4unOTRdvC_oNh0YmZZ2GiSYEaScRHFq7r5uqim_7Ev0DIJM2KCjPARjd_zWxpnUgZswg-vX_xydZozETyiwYuuUbgQdrFTP9RDPKdgq7eDmFijL3JwOHt1jCsChd_wiE3riXNiW6e4Um7CtxVkWyjmHU-VN7RChn9Ns4zkdww2RlxO2TTa1_QWPELI2hzb8HjEQpUis2Dwg7W13S0GcxnnE5vIqBa6i1MHceOqQm7VtqBykJWi7wfczoP_9bSHR312g&sig=Cg0ArKJSzJejhgn625d1EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:49:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
wlp_gwjKBV1pqhv43IE.woff2
fonts.gstatic.com/s/cardo/v18/ Frame 60E9 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cardo/v18/wlp_gwjKBV1pqhv43IE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cardo:400,700&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1346360729e77380edf8f17fa421b76452289ae1b5f4be290b19c4d204e9587
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 21:04:26 GMT
x-content-type-options
nosniff
age
107075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14880
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:30 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Feb 2023 21:04:26 GMT
wlpygwjKBV1pqhND-ZQW-WM.woff2
fonts.gstatic.com/s/cardo/v18/ Frame 60E9 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cardo/v18/wlpygwjKBV1pqhND-ZQW-WM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cardo:400,700&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f94a0b25ed421e6643ca8ae21ccd63cf5630e8db8a3b64f63a669936d068c427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 21:04:26 GMT
x-content-type-options
nosniff
age
107075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18852
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Feb 2023 21:04:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 60E9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVCwJM934oXg4n3YVK1S137A8in5ho2AYuoDfHecmAx9tI5yzPdQXgOeX5fKYw3V7JjaMREBXzznT6Y1-L7lVm0dw-tDY8ZtVkGVzCDQZ68jXp4y1mxuBarxTSdrhDbg0WWvRLFKiEBSe06ra6I9he4adQ0jy8et6o2s6rOA8h-_bjPA4XgXbj_iaRUiAf0x7H5ExzAyY2_nve_VszHV4dG2Wbrc9qDyZpLCkpHlSUS-EaIVx1p-qeaJs_TnAqV9SqBrjkxtCW2cIbNH5Q4Y82onPhr6pU-wcPRX07XG9noIWjS7BkXAqO6P7RBVuPVyxeKVFZnAHHsekUnDEHRpZh0RS43bG41Dw4R2EF0H6mgIDOoSbI&sig=Cg0ArKJSzFlBQJCzM-5HEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:49:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 25 Feb 2022 02:49:01 GMT
truncated
/ Frame 60E9 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8eeb516fff35cd38e387caaa02b71ccb530653e6a46b3bf9053d1cdf63b39be4

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame 2D54 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=904480&asId=41c325b9-c60f-b543-be1b-add61f823207&tv=%7Bc:5chsCN,pingTime:-3,time:111,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:160,h:0,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:111,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.160.0,am:sp,cc:0.0.160.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B105~0%5D,as:%5B105~160.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYpU5n8+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1d11%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1i4%7C1j*.904480-59616658%7C1j1%7C1k%7C1l1%7C1l2%7C1m%7C1n%7C1o,idMap:1j*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:01 GMT
X-Server-Name
dt35.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame 2D54 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=904480&asId=41c325b9-c60f-b543-be1b-add61f823207&tv=%7Bc:5chsCP,pingTime:-6,time:113,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:113,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.160.0,am:sp,cc:0.0.160.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B107~0%5D,as:%5B107~160.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYpU5n8+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1d11%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1i4%7C1j*.904480-59616658%7C1j1%7C1k%7C1l1%7C1l2%7C1m%7C1n%7C1o,idMap:1j*,rmeas:1,rend:0,renddet:svg.us%7D&tpiLookup=ao:www.hawtcelebs.com*&br=c
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:01 GMT
X-Server-Name
dt39.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img.html
s0.2mdn.net/9121585/1642800684951/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img/ Frame F8E8 		20 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9121585/1642800684951/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1be1de76b984abf298b3b55533b792aeb4476054db9ed3ffeff8c62cc990565
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
5843
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 24 Feb 2022 11:47:03 GMT
expires
Fri, 25 Feb 2022 11:47:03 GMT
cache-control
public, max-age=86400
age
54118
last-modified
Fri, 21 Jan 2022 21:31:24 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 2D54 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvC30Y9dfIVDfKq-UHBgz30zwU_7pQ9c5S1xuKAziCxuSVkPMOmHeC4q8DPoWTTYvTHH26JnVR1ZxTJ4ThLH9s0N7fvtcjlGXWUce9QphYvYOsY8LENKroQFj7Mh9mAihFKI7b_ccO9nvzosF9CR1810zvV_3exBKSs4thr1pPfW1s-CdOoghJ-XS4518HV2gpCu9LhZOefSnYGLU3qAQLAVzEvH9OdQ3Ndww30YsI1gq5AJ2uIzIfsm_G_mr8ltuNgJ5q9Muy_mZ3rWPuEJ3_geU_FUfOkW7Au_tmuFZ0Z-m8iyPN9GdQymrErNX3Xeq3TL8ogFKiZHSIgA5lRTnnFQrA7qzfcGtRt3U6epB3RqewsDoGoCOjzLw0VqmtEhGBAouEJKJi8fdNwe8ate96oA1nhAnC1jINkuL2slObZdyPwkBj5IfdABNbswIz7UDiB5Vl47MTZCV7m9HzigRBdYo587NpWBDjbL_jjkAET4JnkwVLZz7jiqYlXJfhsPPL-xMi6yE5CJA_69GqwrQPAj8mPGYCArHPLJUAqy-Idy_Bw-bXjLG9kwNZaCb-nxXpIEwseQUj4a2XZf2UHiU-tgAygfDHUf1iTYQmarXPaVXTqKBt8e1PngLsDehL8JMj1OqY7jfTgiidFU4gy9UaAxdzWigO7kWvwVRqC7dZYhq5nvbr-fsjErEGc2kOSN5VVLFfj46pQSzCNCpkwpdP1ssETIdgwM6iyfqoychxUE02gVp3caP8YbVO_lv289-VFgOGDT4Exy_Dr5qifkbIeKl6qKiIRcjhmdy-qrr2QFoVEwSu0DaxUAanI_nuW3hpuhT6uWElgS8Pw66oLfcWtEhb-JmUYXbjVNdJ3x3GtyKGyXTqCEw2VEw4V9UlTDjyrNyCG4Ic2gZ1KHS2lDnwIdUNMYPy5ktnXEZd56Xeh-1OoMltGYcASryxe2ErllkljlGuw1bx23vTq385hRfnbJlhfJ3ptbFP1tmNPRnUEvwYajMjzWH9Rts2LZFsX8gv2QY80_rO0uxWUsqrDme5hEtE0pVPiyV8exL6LmvxEiZi6NBYJPMth4MV8CdBA88jp_Dx6cw22jR0vYvXH3J0oiw8IimNxDBDT5m_mNTnvomE62J-gFxTKQxGk8kDLp1d3Jwfw21UcHT3Y9y1bCKX6_4CDEGaG-vVVbrcLa0XOpc_kQqsV7my7v6GwdxGWksFrT5yYHQvLszp1PYTwYA--hQiQJ-vbtKUa6P8Sq4KKTtQfw6lznLYwv0SW3iE4JrywlawHU3wYqfmiVLo-JLI4Vd_Uw_CDGYJZTM9&sai=AMfl-YRSol6lPDtuxHfjpDZvVtETx4aYQINCs3y0J80UMakXwuHnc-4h7jb3VqzEEtyW2y11Cxr6ClcZ0e7GKfG5RYz0i2AY6uBPgBBicFJnERFE6YBwe-q_nq_PeKQ2bm5S36JRo_ReMpLYN_gEld43g5nRzt2nZhRp7a020qu9kQGeWVh1MgYD18c&sig=Cg0ArKJSzGW21TlzLSt0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=382&cbvp=1&cstd=380&cisv=r20220223.51687&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 25 Feb 2022 02:49:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
v1
p.tvpixel.com/com.snowplowanalytics.iglu/ Frame 2D54 		43 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.tvpixel.com/com.snowplowanalytics.iglu/v1?schema=iglu:com.dataplusmath/display_impression/jsonschema/1-0-0&aid=hr-block-3b2605dc-5ccc-4a88-9436-5cddea1827c1&cb=1814425453&pub_id=7166125&adv_id=9121585&adv_nm=&c_id=26947108&c_nm=&pl_id=324518315&pl_nm=&ad_id=517413651&ad_nm=165184367&width=&height=&u_id=&u_ip=&app_id=&app_nm=&dvc_typ=&dvc_id=&dvc_lat=&us_privacy=
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.89.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-89-215.compute-1.amazonaws.com
Software
akka-http/10.1.12 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
server
akka-http/10.1.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
43
2981
tags.bluekai.com/site/ Frame AA34
Redirect Chain
  • https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGIABGIYQ5wAAAAJVZ0CAw%3D%3D&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.858.22963%26cid%3Dc010%26cl...
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=TnkwU3dCb1E5OTlUdU9DaQ%3D%3D
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEMTnHL2U-pGr6qGIXQZDMpU&google_cver=1
62 B
660 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEMTnHL2U-pGr6qGIXQZDMpU&google_cver=1
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.209.184.224 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-184-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
about:blank

Response headers

Content-Type
image/gif
Content-Length
62
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Pragma
no-cache
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control
max-age=0, no-cache, no-store
BK-Server
b1af
Date
Fri, 25 Feb 2022 02:49:02 GMT
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEMTnHL2U-pGr6qGIXQZDMpU&google_cver=1
date
Fri, 25 Feb 2022 02:49:01 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
296
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
privacy_small.svg
static.criteo.net/flash/icon/ Frame A32E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YhhDnQAATXoKwxwUAAdDOYl3wyDaalxuagroXw&u=%7CQDj83vHWx0wXbtjzFAkzAL%2BuWMtKkp%2Fqh4uzMXc1cnI%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRK0-mK9eySrGdwSHSu897btvMBogid8AEIo2RE9h5UXo4MSYUWSbCD_Cy3hGzRL1RFaxQbQhKjVM4eA6w18k_IevvKblVS1NxBWjyYeGGBvW6nzxYfPWlAzNpJ-bMouWZgSCenxD0uAp8yQpRjfSvJvoJOKhENTiVfVlGrH-7Fjq9u1VD9rjusajBLCT26q-EUEj1DAg_PtPG-0nkR701huzeTQIYfLZEV_udPIJHzLhMLlEYRTzhT_sfQ2ytI4ERHaWbfLXW3uQVCwG8ak2zwOyoJc8S9JgMuL525ZISq0MWRqpbGWktD-uyKSFvWm9-eMGX0j6S3FjP8IEtzNLOxnNCZwy3tb13KeyVjh-3nqPpfxoluFf6vhFmMUIjNZExhYwWOIcKNzmioJAtz6sybiIlU5DEGS-A4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtA3vnUMYYvqaAZS4jAa5hp2QCpyB77Bc0papqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0oAGs3f7oA8gBCeACAKgDAaoEpQJP0CiGxNmDm-Q3BgDa9MSA8_cQ9njJI-PQKgpIV8vQYt83GbrdtuWgSd90EYYMN3uUcRR0cj5z6WkWg5FPg8YjtyzL3CDmwZnvu8r2-j_b65M4CUVGJ2U7ai7ywAF3BhEulvM_A233QJiH5emKRK8Ztm4LwVy92T0tmjVWe5nuQdkKZ9iCOFee85RlYGlj0ZC0O9zcxw5Tk2hLe_OW-QcYS3CawMERBCSvDQoXgw2qKIbYkI09TofyDDf_361R3aPdWQlRyuzHJTWfyFOqP_Fab0D9K7HkY8pRCTF5ArEisLwmltgxvwiIU0y1qJFS6oBjV-nFlkOHoHhzoPLeVnhKmp9GCpXIsDIeEEX5TVL1u6pGCMehTwmfQ_fhO9x6DuC7kuCKjeAEAYAG9Yvlv-nKwfkXoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBQiAYRAB8ggbYWR4LXN1YnN5bi05OTM4NTY1ODIyMDM0Njgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1NhBVDM7qN07Uaeq5kubbf4NeJxA%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Feb 2023 02:49:01 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame A32E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YhhDnQAATXoKwxwUAAdDOYl3wyDaalxuagroXw&u=%7CQDj83vHWx0wXbtjzFAkzAL%2BuWMtKkp%2Fqh4uzMXc1cnI%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRK0-mK9eySrGdwSHSu897btvMBogid8AEIo2RE9h5UXo4MSYUWSbCD_Cy3hGzRL1RFaxQbQhKjVM4eA6w18k_IevvKblVS1NxBWjyYeGGBvW6nzxYfPWlAzNpJ-bMouWZgSCenxD0uAp8yQpRjfSvJvoJOKhENTiVfVlGrH-7Fjq9u1VD9rjusajBLCT26q-EUEj1DAg_PtPG-0nkR701huzeTQIYfLZEV_udPIJHzLhMLlEYRTzhT_sfQ2ytI4ERHaWbfLXW3uQVCwG8ak2zwOyoJc8S9JgMuL525ZISq0MWRqpbGWktD-uyKSFvWm9-eMGX0j6S3FjP8IEtzNLOxnNCZwy3tb13KeyVjh-3nqPpfxoluFf6vhFmMUIjNZExhYwWOIcKNzmioJAtz6sybiIlU5DEGS-A4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtA3vnUMYYvqaAZS4jAa5hp2QCpyB77Bc0papqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0oAGs3f7oA8gBCeACAKgDAaoEpQJP0CiGxNmDm-Q3BgDa9MSA8_cQ9njJI-PQKgpIV8vQYt83GbrdtuWgSd90EYYMN3uUcRR0cj5z6WkWg5FPg8YjtyzL3CDmwZnvu8r2-j_b65M4CUVGJ2U7ai7ywAF3BhEulvM_A233QJiH5emKRK8Ztm4LwVy92T0tmjVWe5nuQdkKZ9iCOFee85RlYGlj0ZC0O9zcxw5Tk2hLe_OW-QcYS3CawMERBCSvDQoXgw2qKIbYkI09TofyDDf_361R3aPdWQlRyuzHJTWfyFOqP_Fab0D9K7HkY8pRCTF5ArEisLwmltgxvwiIU0y1qJFS6oBjV-nFlkOHoHhzoPLeVnhKmp9GCpXIsDIeEEX5TVL1u6pGCMehTwmfQ_fhO9x6DuC7kuCKjeAEAYAG9Yvlv-nKwfkXoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBQiAYRAB8ggbYWR4LXN1YnN5bi05OTM4NTY1ODIyMDM0Njgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1NhBVDM7qN07Uaeq5kubbf4NeJxA%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Feb 2023 02:49:01 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame A32E 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YhhDnQAATXoKwxwUAAdDOYl3wyDaalxuagroXw&u=%7CQDj83vHWx0wXbtjzFAkzAL%2BuWMtKkp%2Fqh4uzMXc1cnI%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRK0-mK9eySrGdwSHSu897btvMBogid8AEIo2RE9h5UXo4MSYUWSbCD_Cy3hGzRL1RFaxQbQhKjVM4eA6w18k_IevvKblVS1NxBWjyYeGGBvW6nzxYfPWlAzNpJ-bMouWZgSCenxD0uAp8yQpRjfSvJvoJOKhENTiVfVlGrH-7Fjq9u1VD9rjusajBLCT26q-EUEj1DAg_PtPG-0nkR701huzeTQIYfLZEV_udPIJHzLhMLlEYRTzhT_sfQ2ytI4ERHaWbfLXW3uQVCwG8ak2zwOyoJc8S9JgMuL525ZISq0MWRqpbGWktD-uyKSFvWm9-eMGX0j6S3FjP8IEtzNLOxnNCZwy3tb13KeyVjh-3nqPpfxoluFf6vhFmMUIjNZExhYwWOIcKNzmioJAtz6sybiIlU5DEGS-A4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtA3vnUMYYvqaAZS4jAa5hp2QCpyB77Bc0papqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0oAGs3f7oA8gBCeACAKgDAaoEpQJP0CiGxNmDm-Q3BgDa9MSA8_cQ9njJI-PQKgpIV8vQYt83GbrdtuWgSd90EYYMN3uUcRR0cj5z6WkWg5FPg8YjtyzL3CDmwZnvu8r2-j_b65M4CUVGJ2U7ai7ywAF3BhEulvM_A233QJiH5emKRK8Ztm4LwVy92T0tmjVWe5nuQdkKZ9iCOFee85RlYGlj0ZC0O9zcxw5Tk2hLe_OW-QcYS3CawMERBCSvDQoXgw2qKIbYkI09TofyDDf_361R3aPdWQlRyuzHJTWfyFOqP_Fab0D9K7HkY8pRCTF5ArEisLwmltgxvwiIU0y1qJFS6oBjV-nFlkOHoHhzoPLeVnhKmp9GCpXIsDIeEEX5TVL1u6pGCMehTwmfQ_fhO9x6DuC7kuCKjeAEAYAG9Yvlv-nKwfkXoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBQiAYRAB8ggbYWR4LXN1YnN5bi05OTM4NTY1ODIyMDM0Njgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1NhBVDM7qN07Uaeq5kubbf4NeJxA%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 20 Feb 2023 02:49:01 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame A32E 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YhhDnQAATXoKwxwUAAdDOYl3wyDaalxuagroXw&u=%7CQDj83vHWx0wXbtjzFAkzAL%2BuWMtKkp%2Fqh4uzMXc1cnI%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRK0-mK9eySrGdwSHSu897btvMBogid8AEIo2RE9h5UXo4MSYUWSbCD_Cy3hGzRL1RFaxQbQhKjVM4eA6w18k_IevvKblVS1NxBWjyYeGGBvW6nzxYfPWlAzNpJ-bMouWZgSCenxD0uAp8yQpRjfSvJvoJOKhENTiVfVlGrH-7Fjq9u1VD9rjusajBLCT26q-EUEj1DAg_PtPG-0nkR701huzeTQIYfLZEV_udPIJHzLhMLlEYRTzhT_sfQ2ytI4ERHaWbfLXW3uQVCwG8ak2zwOyoJc8S9JgMuL525ZISq0MWRqpbGWktD-uyKSFvWm9-eMGX0j6S3FjP8IEtzNLOxnNCZwy3tb13KeyVjh-3nqPpfxoluFf6vhFmMUIjNZExhYwWOIcKNzmioJAtz6sybiIlU5DEGS-A4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtA3vnUMYYvqaAZS4jAa5hp2QCpyB77Bc0papqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0oAGs3f7oA8gBCeACAKgDAaoEpQJP0CiGxNmDm-Q3BgDa9MSA8_cQ9njJI-PQKgpIV8vQYt83GbrdtuWgSd90EYYMN3uUcRR0cj5z6WkWg5FPg8YjtyzL3CDmwZnvu8r2-j_b65M4CUVGJ2U7ai7ywAF3BhEulvM_A233QJiH5emKRK8Ztm4LwVy92T0tmjVWe5nuQdkKZ9iCOFee85RlYGlj0ZC0O9zcxw5Tk2hLe_OW-QcYS3CawMERBCSvDQoXgw2qKIbYkI09TofyDDf_361R3aPdWQlRyuzHJTWfyFOqP_Fab0D9K7HkY8pRCTF5ArEisLwmltgxvwiIU0y1qJFS6oBjV-nFlkOHoHhzoPLeVnhKmp9GCpXIsDIeEEX5TVL1u6pGCMehTwmfQ_fhO9x6DuC7kuCKjeAEAYAG9Yvlv-nKwfkXoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBQiAYRAB8ggbYWR4LXN1YnN5bi05OTM4NTY1ODIyMDM0Njgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1NhBVDM7qN07Uaeq5kubbf4NeJxA%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Mon, 20 Feb 2023 02:49:01 GMT
lg.php
cat.va.us.criteo.com/m/delivery/ Frame A32E 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/m/delivery/lg.php?cppv=3&cpp=T8fE1htGV3QY04URq7FNfbDr5pNRRbY_V833r5BTmcrC0ieXC50ZtN4hRumu28soH6ZPcvIG4ajcyvxwdlDBI9f0DB1KdXgkw54NXmyKgo4bYpV1iSsU-OwwDPNdUuOOZFvbrm2F8Xr1aFRHUok2uppkZ7PDFmOD51ctWKKJ_Wk73F5Aje_6FqRVqL2XfVo6-1G7eAG2cV__cU3JMz5c-ufiW48346pmc_aumbwIpJ8vNFKMfTZwB99loW2Y-u8RSf-fPSjgbhgFgdTIpHQKUdKAup0tkfBs6Ikci7yV4wlH0im0ndLs0qjEFBz0yaTIJuiGlYNNMzyZbpVdOCWGpgJy6-Sn9aVKwtuPSm7LEqJo4ukZ7Ii5oakKALMuvwDi-0aYJprW0w5KcM46RElagBX8z5LSH7wVExy5hDuW-0Ncj1hiUeSarIR8bKQlaJhvF1Dmuw
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YhhDnQAATXoKwxwUAAdDOYl3wyDaalxuagroXw&u=%7CQDj83vHWx0wXbtjzFAkzAL%2BuWMtKkp%2Fqh4uzMXc1cnI%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRK0-mK9eySrGdwSHSu897btvMBogid8AEIo2RE9h5UXo4MSYUWSbCD_Cy3hGzRL1RFaxQbQhKjVM4eA6w18k_IevvKblVS1NxBWjyYeGGBvW6nzxYfPWlAzNpJ-bMouWZgSCenxD0uAp8yQpRjfSvJvoJOKhENTiVfVlGrH-7Fjq9u1VD9rjusajBLCT26q-EUEj1DAg_PtPG-0nkR701huzeTQIYfLZEV_udPIJHzLhMLlEYRTzhT_sfQ2ytI4ERHaWbfLXW3uQVCwG8ak2zwOyoJc8S9JgMuL525ZISq0MWRqpbGWktD-uyKSFvWm9-eMGX0j6S3FjP8IEtzNLOxnNCZwy3tb13KeyVjh-3nqPpfxoluFf6vhFmMUIjNZExhYwWOIcKNzmioJAtz6sybiIlU5DEGS-A4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtA3vnUMYYvqaAZS4jAa5hp2QCpyB77Bc0papqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0oAGs3f7oA8gBCeACAKgDAaoEpQJP0CiGxNmDm-Q3BgDa9MSA8_cQ9njJI-PQKgpIV8vQYt83GbrdtuWgSd90EYYMN3uUcRR0cj5z6WkWg5FPg8YjtyzL3CDmwZnvu8r2-j_b65M4CUVGJ2U7ai7ywAF3BhEulvM_A233QJiH5emKRK8Ztm4LwVy92T0tmjVWe5nuQdkKZ9iCOFee85RlYGlj0ZC0O9zcxw5Tk2hLe_OW-QcYS3CawMERBCSvDQoXgw2qKIbYkI09TofyDDf_361R3aPdWQlRyuzHJTWfyFOqP_Fab0D9K7HkY8pRCTF5ArEisLwmltgxvwiIU0y1qJFS6oBjV-nFlkOHoHhzoPLeVnhKmp9GCpXIsDIeEEX5TVL1u6pGCMehTwmfQ_fhO9x6DuC7kuCKjeAEAYAG9Yvlv-nKwfkXoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBQiAYRAB8ggbYWR4LXN1YnN5bi05OTM4NTY1ODIyMDM0Njgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1NhBVDM7qN07Uaeq5kubbf4NeJxA%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1953868
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=dc94c78a4af2a82db81e4760f6d0c4ed&pvId=e425071cb83ccd494093c7494c57b56b&sid=6155583&pid=34839&idx=7&wId=1987&pad=0&org=0&tm=2140&eT=3&cnsnt=1---&wRV=2000614&pVis=0&lsd=f9aa7d49-234c-44ee-959a-dfcb03ef529f&eIdx=1&oo=false&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:01 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
892ac16d952a3ba4e46cca91df5af537
Content-Length
4
Expires
0
Graphik-Bold.woff2
s0.2mdn.net/9121585/1643075923387/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y/fonts/ Frame 8E6B 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9121585/1643075923387/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y/fonts/Graphik-Bold.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9121585/1643075923387/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
967ff8234f92c23a8b49e563a7d6d737634ab5c62b1f227505bd59147a8d3370
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9121585/1643075923387/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y.html
Origin
https://s0.2mdn.net
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:47:29 GMT
x-content-type-options
nosniff
age
54092
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21556
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 01:58:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 25 Feb 2022 11:47:29 GMT
Graphik-Regular.woff2
s0.2mdn.net/9121585/1643075923387/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y/fonts/ Frame 8E6B 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9121585/1643075923387/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y/fonts/Graphik-Regular.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9121585/1643075923387/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d676790cf5fb78e031970275c9ec7e5e6a9ded28edd02912aa8535840328186
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9121585/1643075923387/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y.html
Origin
https://s0.2mdn.net
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:47:29 GMT
x-content-type-options
nosniff
age
54092
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20628
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 01:58:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 25 Feb 2022 11:47:29 GMT
Graphik-Medium.woff2
s0.2mdn.net/9121585/1643075923387/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y/fonts/ Frame 8E6B 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9121585/1643075923387/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y/fonts/Graphik-Medium.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9121585/1643075923387/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2f1186fbef585443e2da57208e35cfd5a33f2de348c1497feec9254ca89d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9121585/1643075923387/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y.html
Origin
https://s0.2mdn.net
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:47:29 GMT
x-content-type-options
nosniff
age
54092
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21672
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 01:58:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 25 Feb 2022 11:47:29 GMT
Graphik-Semibold.woff2
s0.2mdn.net/9121585/1643075923387/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y/fonts/ Frame 8E6B 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9121585/1643075923387/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y/fonts/Graphik-Semibold.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9121585/1643075923387/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56275d6f348c93a8cbd4e39347d343252f39f7a9f2ef157d47d120ddb68059d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9121585/1643075923387/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y.html
Origin
https://s0.2mdn.net
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:47:29 GMT
x-content-type-options
nosniff
age
54092
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21752
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 01:58:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 25 Feb 2022 11:47:29 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ Frame 8E6B 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9121585/1643075923387/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y/hrb_ct_diy_filefreeonline_html_6_300x250_v1_na_y.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 04:29:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166801
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Feb 2023 04:29:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2D54 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 17:56:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
204725
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Feb 2023 17:56:56 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7067 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 24 Feb 2022 19:21:13 GMT
expires
Fri, 25 Feb 2022 19:21:13 GMT
cache-control
public, max-age=86400
age
26868
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 2D54 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fb666be8468c624a000211deaf926619b087012bead05fb392ddf10ccc75c25

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
WB_logo_waiAssets.png
s0.2mdn.net/sadbundle/2088215109561221120/images/ Frame CBE3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2088215109561221120/images/WB_logo_waiAssets.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
706f2631e614932c3bf65293ed1269463b8f9f015ffb867a4b8e0e94488270b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2088215109561221120/RRW_EVG_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 08:11:34 GMT
x-content-type-options
nosniff
age
412647
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1889
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 18:41:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 20 Feb 2023 08:11:34 GMT
dt
dt.adsafeprotected.com/ Frame 2D54 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=904480&asId=41c325b9-c60f-b543-be1b-add61f823207&tv=%7Bc:5chsE6,pingTime:-2,time:192,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:427,mdZ:453,beA:693,beZ:694,mfA:696,cmA:697,inA:697,inZ:701,prA:701,prZ:710,si:716,poA:717,poZ:737,cmZ:737,mfZ:737,loA:806,loZ:809,ltA:885,ltZ:885%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:160,h:0,t:22%7D,%7Br:r,h:600,t:173%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:192,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B186~0%5D,as:%5B167~160.0,19~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYpU5jB+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1d11%7C1e%7C1f%7C1g%7C1h%7C1i.904480-59616675%7C1i1%7C1i2%7C1i3%7C1i4%7C1j*.904480-59616658%7C1j1%7C1k%7C1l1%7C1l2%7C1m%7C1n%7C1o,idMap:1j*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:svg.us,sinceFw:168,readyFired:true%7D&br=c
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:01 GMT
X-Server-Name
dt39.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
syncframe
gum.criteo.com/ Frame 0FC0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.hawtcelebs.com&gdpr=0&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2572
date
Fri, 25 Feb 2022 02:49:01 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ 		90 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 09:04:35 GMT
server
nginx
etag
W/"61f7a623-16685"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 26 Feb 2022 02:49:01 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C346 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 22 Feb 2022 17:56:57 GMT
expires
Wed, 22 Feb 2023 17:56:57 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
204724
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 5BD6 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a686eacf277c26d7f8dc7905369a528dcef9854b9f9720403732858ab1fe3394

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
i.match
s.tribalfusion.com/z/ Frame A5C4
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIDZhC6LAwxwfrK1egEAvS0&google_cver=1&google_push=AYg5qPKTIBfI8rSFROYhMFaTl2PxrnyXyys62YoAd1JMtJZc1GikR4vPQXPg3cXYuZIoO7gXYvJW_cE4v4umZbr9QuZUwiZov-w&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIDZhC6LAwxwfrK1egEAvS0&google_cver=1&google_push=AYg5qPKTIBfI8rSFROYhMFaTl2PxrnyXyys62YoAd1JMtJZc1GikR4vPQXPg3cXYuZIoO7gXYvJW_cE4v4umZbr9QuZUwiZov-w...
43 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIDZhC6LAwxwfrK1egEAvS0&google_cver=1&google_push=AYg5qPKTIBfI8rSFROYhMFaTl2PxrnyXyys62YoAd1JMtJZc1GikR4vPQXPg3cXYuZIoO7gXYvJW_cE4v4umZbr9QuZUwiZov-w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKTIBfI8rSFROYhMFaTl2PxrnyXyys62YoAd1JMtJZc1GikR4vPQXPg3cXYuZIoO7gXYvJW_cE4v4umZbr9QuZUwiZov-w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6e2d9e3c7fe7f039-EWR
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
3325
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6e2d9e3b7efbf039-EWR
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIDZhC6LAwxwfrK1egEAvS0&google_cver=1&google_push=AYg5qPKTIBfI8rSFROYhMFaTl2PxrnyXyys62YoAd1JMtJZc1GikR4vPQXPg3cXYuZIoO7gXYvJW_cE4v4umZbr9QuZUwiZov-w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKTIBfI8rSFROYhMFaTl2PxrnyXyys62YoAd1JMtJZc1GikR4vPQXPg3cXYuZIoO7gXYvJW_cE4v4umZbr9QuZUwiZov-w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A5C4
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEDpvD4K6smLoehxq6F2c16Y&google_cver=1&google_push=AYg5qPJj_PqnjZOyyT7LScgKb1m4OlEZcAgjWhGgfdN5Dek5qG1OnH1CzdJkOV5Pf58RzpLeu4STbAy...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEDpvD4K6smLoehxq6F2c16Y&google_cver=1&google_push=AYg5qPJj_PqnjZOyyT7LScgKb1m4OlEZcAgjWhGgfdN5Dek5qG1OnH1CzdJkOV5Pf58Rz...
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Fk2my_LlQ3qT9qCD7KNwrmIYQ54
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Fk2my_LlQ3qT9qCD7KNwrmIYQ54
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Fk2my_LlQ3qT9qCD7KNwrmIYQ54
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame A5C4
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEGvYdZbLY-WGH7uP-o7lRyw&google_cver=1&google_push=AYg5qPJowwo2XUJxvLgswD1b9D-17ZfSv4Grsdwtvwshkr5hqCIuk1lvqPgEyXGmOH9XtvrJfAUiNKZOYYCAR9T48dd1OPG2Hzc
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Mzg0ODAyNTg3NDg2MTBDNA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Mzg0ODAyNTg3NDg2MTBDNA==
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Mzg0ODAyNTg3NDg2MTBDNA==
date
Fri, 25 Feb 2022 02:49:02 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
dot.gif
s0.2mdn.net/ Frame A5C4 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEDSAbeFOeQHgwIP8pXIII4k&google_cver=1&google_push=AYg5qPLNZ7xEY0v7kbObNofQk4KzrRGJEIVW6cpI-o2TyrB4n7jfC4pg6GJax864LtEPUlKB34riNwQwavxa0Fc7xjuD1ie4_g
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 26 Feb 2022 02:49:01 GMT
pixel
cm.g.doubleclick.net/ Frame A5C4
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEH_0vmFqjLyjcmg3RSQeSSc&google_cver=1&google_push=AYg5qPKIuYHypbH1kht0LIXN8hwIg8XqsNHUbwxwCmEjmCxZ8vP827UPNm_NjUo9WDIRm0IRAeC44icBaHbeBOPe08ZkYvoqtw
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKIuYHypbH1kht0LIXN8hwIg8XqsNHUbwxwCmEjmCxZ8vP827UPNm_NjUo9WDIRm0IRAeC44icBaHbeBOPe08ZkYvoqtw&google_hm=kWKMUR4Jzr4gv9KaGQZFXQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKIuYHypbH1kht0LIXN8hwIg8XqsNHUbwxwCmEjmCxZ8vP827UPNm_NjUo9WDIRm0IRAeC44icBaHbeBOPe08ZkYvoqtw&google_hm=kWKMUR4Jzr4gv9KaGQZFXQ==
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKIuYHypbH1kht0LIXN8hwIg8XqsNHUbwxwCmEjmCxZ8vP827UPNm_NjUo9WDIRm0IRAeC44icBaHbeBOPe08ZkYvoqtw&google_hm=kWKMUR4Jzr4gv9KaGQZFXQ==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
uvn190mpkd4u0u7k9tl9gjh3mf33pt5l
pixel
cm.g.doubleclick.net/ Frame A5C4
Redirect Chain
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEIgqju86Llf2Pu6KuAkB59g&google_cver=1&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y
0
0
pixel
cm.g.doubleclick.net/ Frame A5C4
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEB7jxCtUfCP_BYknXsMRLnc&google_cver=1&google_push=AYg5qPJPrPnYkFu3QY2lxqrbgFT_hBrvMPs70qrd7KyQPTAZZTGFPTKg...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEB7jxCtUfCP_BYknXsMRLnc&google_cver=1&google_push=AYg5qPJPrPnYkFu3QY2lxqrbgFT_hBrvMPs70qrd7KyQPTAZZTGFPT...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA3Y2I3ZWFlZS05NWU1LTExZWMtYmM1NC0wMjQwZjg1ZDA3YjE%3D&google_push=AYg5qPJPrPnYkFu3QY2lxqrbgFT_hBrvMPs70qrd7KyQPTAZZTGFPTKgRfrfvWKBki...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA3Y2I3ZWFlZS05NWU1LTExZWMtYmM1NC0wMjQwZjg1ZDA3YjE%3D&google_push=AYg5qPJPrPnYkFu3QY2lxqrbgFT_hBrvMPs70qrd7KyQPTAZZTGFPTKgRfrfvWKBkiv4UG4IyalG18xK2VfjhbSDwA3S4f82OT81
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA3Y2I3ZWFlZS05NWU1LTExZWMtYmM1NC0wMjQwZjg1ZDA3YjE%3D&google_push=AYg5qPJPrPnYkFu3QY2lxqrbgFT_hBrvMPs70qrd7KyQPTAZZTGFPTKgRfrfvWKBkiv4UG4IyalG18xK2VfjhbSDwA3S4f82OT81
date
Fri, 25 Feb 2022 02:49:02 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame A5C4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LWRy8exhq2Wf3VL-aDPJJozIbCNCrRSTumj0Xc9VB_Ym_pAhMJYUQzK6RoMC1sche8FAMFlw
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame A32E 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YhhDnQAATXoKwxwUAAdDOYl3wyDaalxuagroXw&u=%7CQDj83vHWx0wXbtjzFAkzAL%2BuWMtKkp%2Fqh4uzMXc1cnI%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRK0-mK9eySrGdwSHSu897btvMBogid8AEIo2RE9h5UXo4MSYUWSbCD_Cy3hGzRL1RFaxQbQhKjVM4eA6w18k_IevvKblVS1NxBWjyYeGGBvW6nzxYfPWlAzNpJ-bMouWZgSCenxD0uAp8yQpRjfSvJvoJOKhENTiVfVlGrH-7Fjq9u1VD9rjusajBLCT26q-EUEj1DAg_PtPG-0nkR701huzeTQIYfLZEV_udPIJHzLhMLlEYRTzhT_sfQ2ytI4ERHaWbfLXW3uQVCwG8ak2zwOyoJc8S9JgMuL525ZISq0MWRqpbGWktD-uyKSFvWm9-eMGX0j6S3FjP8IEtzNLOxnNCZwy3tb13KeyVjh-3nqPpfxoluFf6vhFmMUIjNZExhYwWOIcKNzmioJAtz6sybiIlU5DEGS-A4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtA3vnUMYYvqaAZS4jAa5hp2QCpyB77Bc0papqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0oAGs3f7oA8gBCeACAKgDAaoEpQJP0CiGxNmDm-Q3BgDa9MSA8_cQ9njJI-PQKgpIV8vQYt83GbrdtuWgSd90EYYMN3uUcRR0cj5z6WkWg5FPg8YjtyzL3CDmwZnvu8r2-j_b65M4CUVGJ2U7ai7ywAF3BhEulvM_A233QJiH5emKRK8Ztm4LwVy92T0tmjVWe5nuQdkKZ9iCOFee85RlYGlj0ZC0O9zcxw5Tk2hLe_OW-QcYS3CawMERBCSvDQoXgw2qKIbYkI09TofyDDf_361R3aPdWQlRyuzHJTWfyFOqP_Fab0D9K7HkY8pRCTF5ArEisLwmltgxvwiIU0y1qJFS6oBjV-nFlkOHoHhzoPLeVnhKmp9GCpXIsDIeEEX5TVL1u6pGCMehTwmfQ_fhO9x6DuC7kuCKjeAEAYAG9Yvlv-nKwfkXoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBQiAYRAB8ggbYWR4LXN1YnN5bi05OTM4NTY1ODIyMDM0Njgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1NhBVDM7qN07Uaeq5kubbf4NeJxA%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
25900
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0tlU1YvB7sUZf8KgOYg2TAgNj3V1HSb6BGxSB6DnPDXYP%2FTiL3PDpxK0n1oMlOCWV2Z0e6IV6zj1500kb81RW0YEnLXGhLEXNV6rVg39H781tFZKviSfWU3QOsbBoWZbrZfNsYW7Fc6x5Z6qADAlrnqA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e2d9e3b8c778c3f-EWR
expires
Wed, 15 Feb 2023 02:49:02 GMT
animejs.js
static.criteo.net/animejs/ Frame A32E 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YhhDnQAATXoKwxwUAAdDOYl3wyDaalxuagroXw&u=%7CQDj83vHWx0wXbtjzFAkzAL%2BuWMtKkp%2Fqh4uzMXc1cnI%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRK0-mK9eySrGdwSHSu897btvMBogid8AEIo2RE9h5UXo4MSYUWSbCD_Cy3hGzRL1RFaxQbQhKjVM4eA6w18k_IevvKblVS1NxBWjyYeGGBvW6nzxYfPWlAzNpJ-bMouWZgSCenxD0uAp8yQpRjfSvJvoJOKhENTiVfVlGrH-7Fjq9u1VD9rjusajBLCT26q-EUEj1DAg_PtPG-0nkR701huzeTQIYfLZEV_udPIJHzLhMLlEYRTzhT_sfQ2ytI4ERHaWbfLXW3uQVCwG8ak2zwOyoJc8S9JgMuL525ZISq0MWRqpbGWktD-uyKSFvWm9-eMGX0j6S3FjP8IEtzNLOxnNCZwy3tb13KeyVjh-3nqPpfxoluFf6vhFmMUIjNZExhYwWOIcKNzmioJAtz6sybiIlU5DEGS-A4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtA3vnUMYYvqaAZS4jAa5hp2QCpyB77Bc0papqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0oAGs3f7oA8gBCeACAKgDAaoEpQJP0CiGxNmDm-Q3BgDa9MSA8_cQ9njJI-PQKgpIV8vQYt83GbrdtuWgSd90EYYMN3uUcRR0cj5z6WkWg5FPg8YjtyzL3CDmwZnvu8r2-j_b65M4CUVGJ2U7ai7ywAF3BhEulvM_A233QJiH5emKRK8Ztm4LwVy92T0tmjVWe5nuQdkKZ9iCOFee85RlYGlj0ZC0O9zcxw5Tk2hLe_OW-QcYS3CawMERBCSvDQoXgw2qKIbYkI09TofyDDf_361R3aPdWQlRyuzHJTWfyFOqP_Fab0D9K7HkY8pRCTF5ArEisLwmltgxvwiIU0y1qJFS6oBjV-nFlkOHoHhzoPLeVnhKmp9GCpXIsDIeEEX5TVL1u6pGCMehTwmfQ_fhO9x6DuC7kuCKjeAEAYAG9Yvlv-nKwfkXoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBQiAYRAB8ggbYWR4LXN1YnN5bi05OTM4NTY1ODIyMDM0Njgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1NhBVDM7qN07Uaeq5kubbf4NeJxA%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Feb 2023 02:49:01 GMT
img
pix.us.criteo.net/img/ Frame A32E 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90645&q=80&r=0&u=https%3A%2F%2Fassets.investingoutlook.co%2Fuploads%2F2022%2F02%2FMarcMap6.png&v=3&w=800&s=LZGR7jj6oXSaowCRjKGzzCR2&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YhhDnQAATXoKwxwUAAdDOYl3wyDaalxuagroXw&u=%7CQDj83vHWx0wXbtjzFAkzAL%2BuWMtKkp%2Fqh4uzMXc1cnI%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRK0-mK9eySrGdwSHSu897btvMBogid8AEIo2RE9h5UXo4MSYUWSbCD_Cy3hGzRL1RFaxQbQhKjVM4eA6w18k_IevvKblVS1NxBWjyYeGGBvW6nzxYfPWlAzNpJ-bMouWZgSCenxD0uAp8yQpRjfSvJvoJOKhENTiVfVlGrH-7Fjq9u1VD9rjusajBLCT26q-EUEj1DAg_PtPG-0nkR701huzeTQIYfLZEV_udPIJHzLhMLlEYRTzhT_sfQ2ytI4ERHaWbfLXW3uQVCwG8ak2zwOyoJc8S9JgMuL525ZISq0MWRqpbGWktD-uyKSFvWm9-eMGX0j6S3FjP8IEtzNLOxnNCZwy3tb13KeyVjh-3nqPpfxoluFf6vhFmMUIjNZExhYwWOIcKNzmioJAtz6sybiIlU5DEGS-A4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtA3vnUMYYvqaAZS4jAa5hp2QCpyB77Bc0papqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0oAGs3f7oA8gBCeACAKgDAaoEpQJP0CiGxNmDm-Q3BgDa9MSA8_cQ9njJI-PQKgpIV8vQYt83GbrdtuWgSd90EYYMN3uUcRR0cj5z6WkWg5FPg8YjtyzL3CDmwZnvu8r2-j_b65M4CUVGJ2U7ai7ywAF3BhEulvM_A233QJiH5emKRK8Ztm4LwVy92T0tmjVWe5nuQdkKZ9iCOFee85RlYGlj0ZC0O9zcxw5Tk2hLe_OW-QcYS3CawMERBCSvDQoXgw2qKIbYkI09TofyDDf_361R3aPdWQlRyuzHJTWfyFOqP_Fab0D9K7HkY8pRCTF5ArEisLwmltgxvwiIU0y1qJFS6oBjV-nFlkOHoHhzoPLeVnhKmp9GCpXIsDIeEEX5TVL1u6pGCMehTwmfQ_fhO9x6DuC7kuCKjeAEAYAG9Yvlv-nKwfkXoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBQiAYRAB8ggbYWR4LXN1YnN5bi05OTM4NTY1ODIyMDM0Njgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1NhBVDM7qN07Uaeq5kubbf4NeJxA%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
fe4ac64ff8960ad51a9d8fec5f438009921f3540bb657d59c4b8df9499675771
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
15296
expires
Fri, 25 Feb 2022 02:49:02 GMT
all
csm.us.criteo.net/ Frame A32E 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=T7l0u4jhpyfn17texkUgDeq2-RZW1yJDyTfxudItOzC4vSwRxByXcFXn_BianeW4lJtpfq5sT-_wtHvaTd93chCz-0LN7vg4Mcixf3Qm1BcOL8Qic4GAI1Au6243JXhpuiZwrZS_vaNI0prA9fZmRyrsyKiKkTnv_LOEsU5EACkLBfhoEbG8mH2veQDm7e-Jjsw5_bEFNFkCaTuj1YJtOBy5VzB0nCFG23jusxU0OxuWZMJlsxwmuDRaTUzwFV2K4aWCjKwrZ-P2Uzht&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YhhDnQAATXoKwxwUAAdDOYl3wyDaalxuagroXw&u=%7CQDj83vHWx0wXbtjzFAkzAL%2BuWMtKkp%2Fqh4uzMXc1cnI%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRK0-mK9eySrGdwSHSu897btvMBogid8AEIo2RE9h5UXo4MSYUWSbCD_Cy3hGzRL1RFaxQbQhKjVM4eA6w18k_IevvKblVS1NxBWjyYeGGBvW6nzxYfPWlAzNpJ-bMouWZgSCenxD0uAp8yQpRjfSvJvoJOKhENTiVfVlGrH-7Fjq9u1VD9rjusajBLCT26q-EUEj1DAg_PtPG-0nkR701huzeTQIYfLZEV_udPIJHzLhMLlEYRTzhT_sfQ2ytI4ERHaWbfLXW3uQVCwG8ak2zwOyoJc8S9JgMuL525ZISq0MWRqpbGWktD-uyKSFvWm9-eMGX0j6S3FjP8IEtzNLOxnNCZwy3tb13KeyVjh-3nqPpfxoluFf6vhFmMUIjNZExhYwWOIcKNzmioJAtz6sybiIlU5DEGS-A4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtA3vnUMYYvqaAZS4jAa5hp2QCpyB77Bc0papqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0oAGs3f7oA8gBCeACAKgDAaoEpQJP0CiGxNmDm-Q3BgDa9MSA8_cQ9njJI-PQKgpIV8vQYt83GbrdtuWgSd90EYYMN3uUcRR0cj5z6WkWg5FPg8YjtyzL3CDmwZnvu8r2-j_b65M4CUVGJ2U7ai7ywAF3BhEulvM_A233QJiH5emKRK8Ztm4LwVy92T0tmjVWe5nuQdkKZ9iCOFee85RlYGlj0ZC0O9zcxw5Tk2hLe_OW-QcYS3CawMERBCSvDQoXgw2qKIbYkI09TofyDDf_361R3aPdWQlRyuzHJTWfyFOqP_Fab0D9K7HkY8pRCTF5ArEisLwmltgxvwiIU0y1qJFS6oBjV-nFlkOHoHhzoPLeVnhKmp9GCpXIsDIeEEX5TVL1u6pGCMehTwmfQ_fhO9x6DuC7kuCKjeAEAYAG9Yvlv-nKwfkXoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBQiAYRAB8ggbYWR4LXN1YnN5bi05OTM4NTY1ODIyMDM0Njgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1NhBVDM7qN07Uaeq5kubbf4NeJxA%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 25 Feb 2022 02:49:01 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A32E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YhhDnQAATXoKwxwUAAdDOYl3wyDaalxuagroXw&u=%7CQDj83vHWx0wXbtjzFAkzAL%2BuWMtKkp%2Fqh4uzMXc1cnI%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRK0-mK9eySrGdwSHSu897btvMBogid8AEIo2RE9h5UXo4MSYUWSbCD_Cy3hGzRL1RFaxQbQhKjVM4eA6w18k_IevvKblVS1NxBWjyYeGGBvW6nzxYfPWlAzNpJ-bMouWZgSCenxD0uAp8yQpRjfSvJvoJOKhENTiVfVlGrH-7Fjq9u1VD9rjusajBLCT26q-EUEj1DAg_PtPG-0nkR701huzeTQIYfLZEV_udPIJHzLhMLlEYRTzhT_sfQ2ytI4ERHaWbfLXW3uQVCwG8ak2zwOyoJc8S9JgMuL525ZISq0MWRqpbGWktD-uyKSFvWm9-eMGX0j6S3FjP8IEtzNLOxnNCZwy3tb13KeyVjh-3nqPpfxoluFf6vhFmMUIjNZExhYwWOIcKNzmioJAtz6sybiIlU5DEGS-A4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtA3vnUMYYvqaAZS4jAa5hp2QCpyB77Bc0papqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0oAGs3f7oA8gBCeACAKgDAaoEpQJP0CiGxNmDm-Q3BgDa9MSA8_cQ9njJI-PQKgpIV8vQYt83GbrdtuWgSd90EYYMN3uUcRR0cj5z6WkWg5FPg8YjtyzL3CDmwZnvu8r2-j_b65M4CUVGJ2U7ai7ywAF3BhEulvM_A233QJiH5emKRK8Ztm4LwVy92T0tmjVWe5nuQdkKZ9iCOFee85RlYGlj0ZC0O9zcxw5Tk2hLe_OW-QcYS3CawMERBCSvDQoXgw2qKIbYkI09TofyDDf_361R3aPdWQlRyuzHJTWfyFOqP_Fab0D9K7HkY8pRCTF5ArEisLwmltgxvwiIU0y1qJFS6oBjV-nFlkOHoHhzoPLeVnhKmp9GCpXIsDIeEEX5TVL1u6pGCMehTwmfQ_fhO9x6DuC7kuCKjeAEAYAG9Yvlv-nKwfkXoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBQiAYRAB8ggbYWR4LXN1YnN5bi05OTM4NTY1ODIyMDM0Njgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1NhBVDM7qN07Uaeq5kubbf4NeJxA%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:02 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Feb 2023 02:49:02 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame A32E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YhhDnQAATXoKwxwUAAdDOYl3wyDaalxuagroXw&u=%7CQDj83vHWx0wXbtjzFAkzAL%2BuWMtKkp%2Fqh4uzMXc1cnI%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRK0-mK9eySrGdwSHSu897btvMBogid8AEIo2RE9h5UXo4MSYUWSbCD_Cy3hGzRL1RFaxQbQhKjVM4eA6w18k_IevvKblVS1NxBWjyYeGGBvW6nzxYfPWlAzNpJ-bMouWZgSCenxD0uAp8yQpRjfSvJvoJOKhENTiVfVlGrH-7Fjq9u1VD9rjusajBLCT26q-EUEj1DAg_PtPG-0nkR701huzeTQIYfLZEV_udPIJHzLhMLlEYRTzhT_sfQ2ytI4ERHaWbfLXW3uQVCwG8ak2zwOyoJc8S9JgMuL525ZISq0MWRqpbGWktD-uyKSFvWm9-eMGX0j6S3FjP8IEtzNLOxnNCZwy3tb13KeyVjh-3nqPpfxoluFf6vhFmMUIjNZExhYwWOIcKNzmioJAtz6sybiIlU5DEGS-A4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtA3vnUMYYvqaAZS4jAa5hp2QCpyB77Bc0papqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0oAGs3f7oA8gBCeACAKgDAaoEpQJP0CiGxNmDm-Q3BgDa9MSA8_cQ9njJI-PQKgpIV8vQYt83GbrdtuWgSd90EYYMN3uUcRR0cj5z6WkWg5FPg8YjtyzL3CDmwZnvu8r2-j_b65M4CUVGJ2U7ai7ywAF3BhEulvM_A233QJiH5emKRK8Ztm4LwVy92T0tmjVWe5nuQdkKZ9iCOFee85RlYGlj0ZC0O9zcxw5Tk2hLe_OW-QcYS3CawMERBCSvDQoXgw2qKIbYkI09TofyDDf_361R3aPdWQlRyuzHJTWfyFOqP_Fab0D9K7HkY8pRCTF5ArEisLwmltgxvwiIU0y1qJFS6oBjV-nFlkOHoHhzoPLeVnhKmp9GCpXIsDIeEEX5TVL1u6pGCMehTwmfQ_fhO9x6DuC7kuCKjeAEAYAG9Yvlv-nKwfkXoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBQiAYRAB8ggbYWR4LXN1YnN5bi05OTM4NTY1ODIyMDM0Njgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1NhBVDM7qN07Uaeq5kubbf4NeJxA%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:02 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Feb 2023 02:49:02 GMT
truncated
/ Frame 8E6B 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
85dce6f3ea3e30168330db951dc0ef20ec01e265b861b5119edf54c95dde133f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021701&jk=3853938541929479&bg=!BAelB0PNAAas2QJZrNk7ACkAdvg8Wl1uDQUdDujv-NygTYVvVRJacieTcbMKcrbE_KDAgtGvfeSsRgIAAAL0UgAAAAJoAQeZAshic0W0ZHDGzKZ6C-czE2TsA6wg81Tjyfs2w8qDEX9snuJnd2OQF_ReFS6Ykv7_YMTB0wIdGCDP_SyjkemD9TW5uegzpyKenuMlRgQ9hSCCvrDGcvp7cF--OznWsMOKDGqcWAiocJQLNLPmfgUWZ7SIuMoLjYE4q1e8NPUKC_Mi-4FluwqqybACXbgs61_8OaAY2lEBkGIUTdS7B94yqs81KEaTKRbVJNfCbhjpBdFAIl4M-vrsfA9gMXvxj1_oxJSDkJRUcR6zPOOYNIyYRzjnJOCnCur50f-MNmPd9KgVKuogdUrcptN7QJdJRyl5tc-8SuE8usCBl7vxrQIWJTZP-k_9XeFvyTSpiCt92w4-axMpoEe7Q43bo7dqNAga9IKvhrUjhdZZViZuSSAK2_cjsKWxFT3VQkPrg8OPb0Mcz19d6ujxm8jfInS-DnIRB7GpfO9ii6vN1gLz4psOCj410l5D9RBb02ZejKA_FxA7rKHQAPMY0bx29yjxEjUNZgP6UVz65lRzytCrzPQTlXwkq4N5dUxmvupe1k5QSWAr9gtI8XxnVHX2URnRZpQxzw3EbXX2SQoa1NzTO_6LkzdPQwZikILDGO1OmLbR-2IuKs3Jod6yl4ZYtpHCvJY6BlQTVaarG7ogZDH7c7eHpTacytW8rjDHIZj3WKjUU8ea3btF2gnqYeNX7D9U_4ialRri_DlW1ha7WmZfv6OymIJYni0Svgk7NFSQaSBK3f6co8QCok2_RGnQHapXPELvrb6DLaAXi-YBfwhBMN7djXVClryK0EnX_QTxG_-5YqcImZeQpSarUEIGrmUnyV7_dG6YA2XlP9W3b5843vx6zL5_Da9bvddBSQ1nSJ7DDoLxVFeRp9zmp1fWic3CJIc_fQ3AlQteJHNZM4VCl6_eUiZBevJ2CrVmbmoD0aeYfyRkNhPea070Pzll
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Graphik-Bold.woff2
s0.2mdn.net/9121585/1642800684951/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img/fonts/ Frame F8E8 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9121585/1642800684951/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img/fonts/Graphik-Bold.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9121585/1642800684951/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
967ff8234f92c23a8b49e563a7d6d737634ab5c62b1f227505bd59147a8d3370
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9121585/1642800684951/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img.html
Origin
https://s0.2mdn.net
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:47:03 GMT
x-content-type-options
nosniff
age
54119
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21556
x-xss-protection
0
last-modified
Fri, 21 Jan 2022 21:31:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 25 Feb 2022 11:47:03 GMT
Graphik-Regular.woff2
s0.2mdn.net/9121585/1642800684951/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img/fonts/ Frame F8E8 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9121585/1642800684951/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img/fonts/Graphik-Regular.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9121585/1642800684951/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d676790cf5fb78e031970275c9ec7e5e6a9ded28edd02912aa8535840328186
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9121585/1642800684951/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img.html
Origin
https://s0.2mdn.net
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:47:03 GMT
x-content-type-options
nosniff
age
54119
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20628
x-xss-protection
0
last-modified
Fri, 21 Jan 2022 21:31:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 25 Feb 2022 11:47:03 GMT
Graphik-Medium.woff2
s0.2mdn.net/9121585/1642800684951/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img/fonts/ Frame F8E8 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9121585/1642800684951/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img/fonts/Graphik-Medium.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9121585/1642800684951/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2f1186fbef585443e2da57208e35cfd5a33f2de348c1497feec9254ca89d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9121585/1642800684951/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img.html
Origin
https://s0.2mdn.net
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:47:03 GMT
x-content-type-options
nosniff
age
54119
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21672
x-xss-protection
0
last-modified
Fri, 21 Jan 2022 21:31:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 25 Feb 2022 11:47:03 GMT
Graphik-Semibold.woff2
s0.2mdn.net/9121585/1642800684951/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img/fonts/ Frame F8E8 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9121585/1642800684951/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img/fonts/Graphik-Semibold.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9121585/1642800684951/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56275d6f348c93a8cbd4e39347d343252f39f7a9f2ef157d47d120ddb68059d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9121585/1642800684951/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img.html
Origin
https://s0.2mdn.net
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:47:03 GMT
x-content-type-options
nosniff
age
54119
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21752
x-xss-protection
0
last-modified
Fri, 21 Jan 2022 21:31:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 25 Feb 2022 11:47:03 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ Frame F8E8 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9121585/1642800684951/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 04:29:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Feb 2023 04:29:00 GMT
pixels
bcp.crwdcntrl.net/ Frame 52D6 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C95%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.206.84.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-102.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
6fed4c18fc23b54981febcdc481a9847156212cabc4b474319469c8f67306c33

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://tags.crwdcntrl.net/

Response headers

date
Fri, 25 Feb 2022 02:49:02 GMT
content-type
text/html
content-length
3288
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.40.44.71
server
Jetty(9.4.38.v20210224)
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9A45 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 22 Feb 2022 17:56:57 GMT
expires
Wed, 22 Feb 2023 17:56:57 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
204725
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 180D 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvjxwDPqln1Cjjzuw78JMRpBRonpE1COWx7h_OP9fpR4oAln1kMFev8xGLsTdew-XEhuZlWs3nuyRT1M7yeLhpwWhhSl7_7y7q__p_fWgC_sgyyZSVA-X4_1WTnBY5DXueHVNnjXXf8ruvDF7WsxmIrZULM6QruMjTiRrlLNrjSKNE0BPJEJxEIJqxBKRjjMD1a7cWiPZLblB6N1jj3Pm8OD49H5dJPR8V3rZ6wMSEIqxkHJElkbJPHQcUDfi2CGkrym_Qt1e0uFFXo2RsuCzrxE6qUxVOHuhEuX9Qh1rz8lGYJfin71C3A7fuHrjx3GiOHDolv5V6jtB_reZP8Kiqj3nZ_IVuN0qeNz_46jVl4AxaRy02MY0ShbSW6WLEs-uf4YqK3q5aA5HgD0XY7epC8wIaqmSf6G9RAVvdJLDcdonnn6tOH4zIqXeNICA7n1MKCHXBneOO6wQC0rScRZGti7OJspO6Bq4KoquzFCoFzcJ9u09LFCQdHevtUwy7oREXuoIBvkft-A0b7xl0MaPEUgG_-JFhheQDaGAEtO8wBQjv_7OIKD3JrjG3R0JIb4-vW9yyD9k17_4XEz2lYoJ73GVCjEPSwWmop0nlwpEpF37XdC0mFH-4tzQ7jfN51GlxHfhKuSH2NPw8qIllkZzoBIKq175RVM2jttTQRD7HNUSyLWMTqUihO5E-HPPMwYRv3wm2WRa0RAHIJveiuZYbq-gHmHW9O2daHeELhqZegGSHg8NOw1mXiC5L17gCfaEAGz2-zp2Is0T-3ILBpQu_E-wfQ7myjjl0FPbqRymvxGLRL9V5wtWeHYyKUAyGo9c_wMENwPPJP_W2c0371Qm6pFSpkF9W4qDZ91ju9WwZNmXFLAwnbu_OA9ULFvkonKRz5dSBs8eGI0b2csI8WARrECd5zJ1qagq8MN_3igOE506Y_3imbGtYdqgj0n_lKx4PoV3XCWmY_lJRbD_uWZDAU34BltQvMWFL8aJse5d8yvtrALHXs3o7CGg8dLt8IqHO-7wuxf2q3VUq-Vp3uuKshT6-UAvMjdEAz84tGDEz-YbzhvuNEbhidMT2IpPHRidkhARp9gSH8p4JbqeysL-ZbfPQNUUiTC5Sh1ui-sVq40Uat6XYu3fNlfcJr77NeQU06FFfFs9sfofGj-Z-UhhmexmUKPrTW9-Zeza-V4UwA2W6HJTpEeY80pp2x_vOzzGYIaWs4jEjPYgVbwLk3FM6J4pEEUUQ8uy9VY4xlzAZnyN0COlUH6rIrq66O1bzshC23XCGtRKqSUh_ZmQbV3jOgK2EBqdA3Wr_zcdX-u4-Yxi-T&sai=AMfl-YRrSVlpI1M0ThTu-H088ExH9IS-3SiHh0AQTWoBJdnsruaq1O8tHUrUaM8YcJUHMzEm0LYmkL3-xRIJZ7sDSeIRnKCHN8ABb87e5kW97QfS50Ddae6yBS8w6B7Gi46vEKasrNfRAADvcDYo4K2hI5Re398OdUtioBy1QikHNvUfacBOuwObtaQ&sig=Cg0ArKJSzD5wfxwmGXevEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=790&vt=11&dtpt=499&dett=3&cstd=289&cisv=r20220223.11243&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:49:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
google
pix.impdesk.com/csync/ Frame 761B 		0
0
pixel
cm.g.doubleclick.net/ Frame 761B
Redirect Chain
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEGGbgp-RTISBwqpsFp3Q3nU&google_cver=1&google_push=AYg5qPK_yd16fIiE6EM_S91Xn-QGm_SykqfNmJrU_t2qjIIFq...
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEGGbgp-RTISBwqpsFp3Q3nU&google_cver=1&google_push=AYg5qPK_yd16fIiE6EM_S91Xn-QGm_SykqfNmJrU_t2qjIIFq...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AYg5qPK_yd16fIiE6EM_S91Xn-QGm_SykqfNmJrU_t2qjIIFqgMaNw_hf8US6Eo4Le17MezYYINzKlSkE98Dp0geXrrj2oezIED8&google_hm=MDYwMzAwMDJf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AYg5qPK_yd16fIiE6EM_S91Xn-QGm_SykqfNmJrU_t2qjIIFqgMaNw_hf8US6Eo4Le17MezYYINzKlSkE98Dp0geXrrj2oezIED8&google_hm=MDYwMzAwMDJfNjIxODQzOWQ4YzUwZg%3D%3D
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 25 Feb 2022 02:49:02 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AYg5qPK_yd16fIiE6EM_S91Xn-QGm_SykqfNmJrU_t2qjIIFqgMaNw_hf8US6Eo4Le17MezYYINzKlSkE98Dp0geXrrj2oezIED8&google_hm=MDYwMzAwMDJfNjIxODQzOWQ4YzUwZg%3D%3D
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
dot.gif
s0.2mdn.net/ Frame 761B 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEDSAbeFOeQHgwIP8pXIII4k&google_cver=1&google_push=AYg5qPIi5rZoPc8KL0ZAKm0vz-SVa98T4ZEb0U1vQuwK4QDNz2DHJTD0uDdsQVExzvqZioaBi7t0ByrnF5MogN3ASbG7BfO-V0M
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 26 Feb 2022 02:49:02 GMT
pixel
cm.g.doubleclick.net/ Frame 761B
Redirect Chain
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEIgqju86Llf2Pu6KuAkB59g&google_cver=1&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8
0
0
pixel
cm.g.doubleclick.net/ Frame 761B
Redirect Chain
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEHAjjo6iS3uHF89dlVmdAqE&google_cver=1&google_push=AYg5qPL1DNbhe7ho77sneo0xuoNznO062b6O64zGmuhNlCC_gHAxz_v_IGSVLXWKAuEzibVBkd-i8uOI9Hf0tmYGAq1SgR_...
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZTBjM2VkN2U0YTFmNGZkYjhhZmQzNjM4MWUzOWRiZjc%3D&UIDF=CAESEHAjjo6iS3uHF89dlVmdAqE&google_cver=1&google_push=AYg5qPL1DNbhe7ho77sneo0xuoNz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZTBjM2VkN2U0YTFmNGZkYjhhZmQzNjM4MWUzOWRiZjc%3D&UIDF=CAESEHAjjo6iS3uHF89dlVmdAqE&google_cver=1&google_push=AYg5qPL1DNbhe7ho77sneo0xuoNznO062b6O64zGmuhNlCC_gHAxz_v_IGSVLXWKAuEzibVBkd-i8uOI9Hf0tmYGAq1SgR_yQNQk
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZTBjM2VkN2U0YTFmNGZkYjhhZmQzNjM4MWUzOWRiZjc%3D&UIDF=CAESEHAjjo6iS3uHF89dlVmdAqE&google_cver=1&google_push=AYg5qPL1DNbhe7ho77sneo0xuoNznO062b6O64zGmuhNlCC_gHAxz_v_IGSVLXWKAuEzibVBkd-i8uOI9Hf0tmYGAq1SgR_yQNQk
date
Fri, 25 Feb 2022 02:49:02 GMT
server
Apache-Coyote/1.1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
pixel
cm.g.doubleclick.net/ Frame 761B
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEOQzANwJXCXUR5_HR8MoOio&google_cver=1&google_push=AYg5qPIUa94Gj4HPUE7p9RsqcxiAZSdz5FS25USJQ2evfCEPp2Sl1UF_2M3lpW-Jvi...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AYg5qPIUa94Gj4HPUE7p9RsqcxiAZSdz5FS25USJQ2evfCEPp2Sl1UF_2M3lpW-Jvishz_B7Ex0XLbHa2mqJyatlaP7Z_oA8ufk&google_hm=KRfn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AYg5qPIUa94Gj4HPUE7p9RsqcxiAZSdz5FS25USJQ2evfCEPp2Sl1UF_2M3lpW-Jvishz_B7Ex0XLbHa2mqJyatlaP7Z_oA8ufk&google_hm=KRfnHTdsSia7dA7bu5zzqp4
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AYg5qPIUa94Gj4HPUE7p9RsqcxiAZSdz5FS25USJQ2evfCEPp2Sl1UF_2M3lpW-Jvishz_B7Ex0XLbHa2mqJyatlaP7Z_oA8ufk&google_hm=KRfnHTdsSia7dA7bu5zzqp4
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 761B
Redirect Chain
  • https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEA8Cgm4tgnlzh0gzNxGIebE&google_cver=1&google_push=AYg5qPIuQwsHiccLCjSayERZYtOseWsHdQLAmt4CVOV7rbu-CL4ReryFpfDOFrfi2P5uZJBPtHCB-ARIPbSHoHGzM8VTk...
  • https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=Nzc3MjE2NDU3NTczNDA1MDk0NjJhNg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=Nzc3MjE2NDU3NTczNDA1MDk0NjJhNg==
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=Nzc3MjE2NDU3NTczNDA1MDk0NjJhNg==
date
Fri, 25 Feb 2022 02:49:01 GMT
content-length
0
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 761B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KMjtI2VnH6C8JeaTmvLo3TtRXtTxBISYxcAMrkl8tlK_zI8_SNcLrzrGhYSJK3AVpu7lIsJ2w
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
6.jpg
assets.vlitag.com/ads//300x250/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/ads//300x250/6.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6eabd624454c044535e3af31feea7527234b6824d0049f501d72ad689f4a48ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:02 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
626385
cf-polished
qual=85, origFmt=jpeg, origSize=23203
content-disposition
inline; filename="6.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11602
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Fri, 01 Nov 2019 05:04:46 GMT
server
cloudflare
etag
"5dbbbcee-5aa3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Thu, 17 Feb 2022 02:12:02 GMT
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6e2d9e3c5c258cec-EWR
cf-bgj
imgq:85,h2pri
sid
mug.criteo.com/ Frame 0FC0
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=hawtcelebs.com&sn=ChromeSyncframe&so=0&topUrl=www.hawtcelebs.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=vPpgi3xwSVpDOVAzTVAyVmtoeVRTQk9GN0dWS2FQZmxpZE9GaDZ4Zjh0VWtKbjJrbnRNVUtCSm9KVGxKMTlab3ZMenVEelY0NHR4MS9uSHVrdWpGQlY5VVl1S1dRTUJYbDVPeG4zZkFQYTV1RlY3Nk9qRVRVMS9mVmZxM0...
436 B
636 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=vPpgi3xwSVpDOVAzTVAyVmtoeVRTQk9GN0dWS2FQZmxpZE9GaDZ4Zjh0VWtKbjJrbnRNVUtCSm9KVGxKMTlab3ZMenVEelY0NHR4MS9uSHVrdWpGQlY5VVl1S1dRTUJYbDVPeG4zZkFQYTV1RlY3Nk9qRVRVMS9mVmZxM01sZUt2SnR6NURneWVsbXFFVllkY25wQk9aSFRzRHJqWGhlU2FiMGlScHQzbVNndUJ3WGVjd0dBWVNmTVNxTkVSUldvYVdaNlp3ZWZnaVNDQkIvdkdWR3ZyUW1TbXpLV2FuWkZxcHY2N0VsSG1GTGlzMWVQWXBOREZjN2dHeUl5eUZqUDZrLzlKWlc5ckxnay9uQWxJU2oyUzEzTVVPQT09fA&cppv=2
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.hawtcelebs.com&gdpr=0&gdpr_consent=
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
d8036fe1aa7adbbbfaac2b6a01d844f49920cefe46389aab3ac96c4693942aa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5256
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=vPpgi3xwSVpDOVAzTVAyVmtoeVRTQk9GN0dWS2FQZmxpZE9GaDZ4Zjh0VWtKbjJrbnRNVUtCSm9KVGxKMTlab3ZMenVEelY0NHR4MS9uSHVrdWpGQlY5VVl1S1dRTUJYbDVPeG4zZkFQYTV1RlY3Nk9qRVRVMS9mVmZxM01sZUt2SnR6NURneWVsbXFFVllkY25wQk9aSFRzRHJqWGhlU2FiMGlScHQzbVNndUJ3WGVjd0dBWVNmTVNxTkVSUldvYVdaNlp3ZWZnaVNDQkIvdkdWR3ZyUW1TbXpLV2FuWkZxcHY2N0VsSG1GTGlzMWVQWXBOREZjN2dHeUl5eUZqUDZrLzlKWlc5ckxnay9uQWxJU2oyUzEzTVVPQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1955
content-length
541
expires
0
css
fonts.googleapis.com/ Frame A32E 		3 KB
547 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4c0088d08089d4ecfd95333d9db3b56ac6a3b9af2374e083680b39391f7a75ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Feb 2022 02:36:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 25 Feb 2022 02:49:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Feb 2022 02:49:02 GMT
21CL_HRB_3C_AF44241_RFR.jpg
s0.2mdn.net/9121585/1642800684951/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img/ Frame F8E8 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9121585/1642800684951/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img/21CL_HRB_3C_AF44241_RFR.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9121585/1642800684951/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a368dc54294b94b6a16f9ac2c5fad6eea42a6dfc7f0dd9879f75302e0f79365
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/9121585/1642800684951/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img/hrb_ct_diy_filefreeonline_html_10_160x600_v1_na_img.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:46:53 GMT
x-content-type-options
nosniff
age
54129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59320
x-xss-protection
0
last-modified
Fri, 21 Jan 2022 21:31:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 25 Feb 2022 11:46:53 GMT
truncated
/ Frame F8E8 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
85dce6f3ea3e30168330db951dc0ef20ec01e265b861b5119edf54c95dde133f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
google2waycm.netmng.com/cm/ Frame 7067 		0
0
pixel
cm.g.doubleclick.net/ Frame 7067
Redirect Chain
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEHC3JE2pzr8HYWHsDmSq-jw&google_cver=1&google_push=AYg5qPL_kwIsVvzXxNTdSFEvORmDXhjRhuiYhlYiXPSMf974LUMCoyrglNiDAWahsrEz8CgQGDfI5QgL0bGaZ2rRoDFx6RWsNdgAxg
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AYg5qPL_kwIsVvzXxNTdSFEvORmDXhjRhuiYhlYiXPSMf974LUMCoyrglNiDAWahsrEz8CgQGDfI5QgL0bGaZ2rRoDFx6RWsNdgAxg&google_hm=UjFENTMxX0VCRD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AYg5qPL_kwIsVvzXxNTdSFEvORmDXhjRhuiYhlYiXPSMf974LUMCoyrglNiDAWahsrEz8CgQGDfI5QgL0bGaZ2rRoDFx6RWsNdgAxg&google_hm=UjFENTMxX0VCRDJFOTg3Xzk3NjY0QzBG
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AYg5qPL_kwIsVvzXxNTdSFEvORmDXhjRhuiYhlYiXPSMf974LUMCoyrglNiDAWahsrEz8CgQGDfI5QgL0bGaZ2rRoDFx6RWsNdgAxg&google_hm=UjFENTMxX0VCRDJFOTg3Xzk3NjY0QzBG
Date
Fri, 25 Feb 2022 02:49:01 GMT
Cache-Control
private
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
340
Strict-Transport-Security
max-age=-328744142; includeSubDomains
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 7067
Redirect Chain
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEJMr8U5VCwOhTxjbedeXpy8&google_cver=1&google_push=AYg5qPJ3esiqsROij11aiCI3vGxR252V7CWRpQoF0-igQk9wfiTuoEMg1HnI1wV1nq3k-...
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJ3esiqsROij11aiCI3vGxR252V7CWRpQoF0-igQk9wfiTuoEMg1HnI1wV1nq3k-ipyGD5aIN-hY057FDzH81PqWyif8DJGqg&google_hm=QUxVSUl3ZExXSDNsNWN3eU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJ3esiqsROij11aiCI3vGxR252V7CWRpQoF0-igQk9wfiTuoEMg1HnI1wV1nq3k-ipyGD5aIN-hY057FDzH81PqWyif8DJGqg&google_hm=QUxVSUl3ZExXSDNsNWN3eUFpcnlVbXc=
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJ3esiqsROij11aiCI3vGxR252V7CWRpQoF0-igQk9wfiTuoEMg1HnI1wV1nq3k-ipyGD5aIN-hY057FDzH81PqWyif8DJGqg&google_hm=QUxVSUl3ZExXSDNsNWN3eUFpcnlVbXc=
Date
Fri, 25 Feb 2022 02:49:02 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
pixel
cm.g.doubleclick.net/ Frame 7067
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEJjEh-eAN0j1MEBCx8M-2kA&google_cver=1&google_push=AYg5qPKmj2zw7IUBj3wQm09sjtOaaCY-E4dEPet8NtcvvKOeuoee0qQQUUrtqLTZgvPEMFA-fbpf6jIBSLwxF...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKmj2zw7IUBj3wQm09sjtOaaCY-E4dEPet8NtcvvKOeuoee0qQQUUrtqLTZgvPEMFA-fbpf6jIBSLwxF1Ml2SxYb4efgU1U&google_hm=LXpaT2gycUVfY3pDTFd1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKmj2zw7IUBj3wQm09sjtOaaCY-E4dEPet8NtcvvKOeuoee0qQQUUrtqLTZgvPEMFA-fbpf6jIBSLwxF1Ml2SxYb4efgU1U&google_hm=LXpaT2gycUVfY3pDTFd1M21WTEs=
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:02 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKmj2zw7IUBj3wQm09sjtOaaCY-E4dEPet8NtcvvKOeuoee0qQQUUrtqLTZgvPEMFA-fbpf6jIBSLwxF1Ml2SxYb4efgU1U&google_hm=LXpaT2gycUVfY3pDTFd1M21WTEs=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7067
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEF2EoFzMf1FEDM8yx5a2LzE&google_cver=1&google_push=AYg5qPIpX8pBF0XiDa6u_FTKIwQF9lSizAwOTP78w5RUbGK4UVUBYpODPbK_ckxW7xXUhkOAP_V_CLxhv6d7NS7hdPAEgaEfYTB51w
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AYg5qPIpX8pBF0XiDa6u_FTKIwQF9lSizAwOTP78w5RUbGK4UVUBYpODPbK_ckxW7xXUhkOAP_V_CLxhv6d7NS7hdPAEgaEfYTB51w&google_hm=Z2JmOTkxN2VlZjlhYT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AYg5qPIpX8pBF0XiDa6u_FTKIwQF9lSizAwOTP78w5RUbGK4UVUBYpODPbK_ckxW7xXUhkOAP_V_CLxhv6d7NS7hdPAEgaEfYTB51w&google_hm=Z2JmOTkxN2VlZjlhYTAxOThlMjE=
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AYg5qPIpX8pBF0XiDa6u_FTKIwQF9lSizAwOTP78w5RUbGK4UVUBYpODPbK_ckxW7xXUhkOAP_V_CLxhv6d7NS7hdPAEgaEfYTB51w&google_hm=Z2JmOTkxN2VlZjlhYTAxOThlMjE=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7067
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBh6CuontJV5YyuV2j0IcF0&google_cver=1&google_push=AYg5qPIa0K5JnWyzDZUwsy8JhpJiNm7sulnmcIvyzOzhA7ICh7SxeNc5ClidEurzbyrpBHOW1NRouN...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIa0K5JnWyzDZUwsy8JhpJiNm7sulnmcIvyzOzhA7ICh7SxeNc5ClidEurzbyrpBHOW1NRouNaey6AmcRur6W5_-MqlouRvfg&google_hm=MTc5MjM1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIa0K5JnWyzDZUwsy8JhpJiNm7sulnmcIvyzOzhA7ICh7SxeNc5ClidEurzbyrpBHOW1NRouNaey6AmcRur6W5_-MqlouRvfg&google_hm=MTc5MjM1MjA2NTUxMTg3NjkzNQ%3D%3D
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIa0K5JnWyzDZUwsy8JhpJiNm7sulnmcIvyzOzhA7ICh7SxeNc5ClidEurzbyrpBHOW1NRouNaey6AmcRur6W5_-MqlouRvfg&google_hm=MTc5MjM1MjA2NTUxMTg3NjkzNQ%3D%3D
date
Fri, 25 Feb 2022 02:49:01 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7067
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEB7jxCtUfCP_BYknXsMRLnc&google_cver=1&google_push=AYg5qPIiRjky_0xCm4TSQ7TZZ-8tCdnBqGGezCUHeFZka5IT2fWwIeAw...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEB7jxCtUfCP_BYknXsMRLnc&google_cver=1&google_push=AYg5qPIiRjky_0xCm4TSQ7TZZ-8tCdnBqGGezCUHeFZka5IT2fWwIe...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA3Y2I3ZWFlZS05NWU1LTExZWMtYmM1NC0wMjQwZjg1ZDA3YjE%3D&google_push=AYg5qPIiRjky_0xCm4TSQ7TZZ-8tCdnBqGGezCUHeFZka5IT2fWwIeAwsSp2RE6Aip...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA3Y2I3ZWFlZS05NWU1LTExZWMtYmM1NC0wMjQwZjg1ZDA3YjE%3D&google_push=AYg5qPIiRjky_0xCm4TSQ7TZZ-8tCdnBqGGezCUHeFZka5IT2fWwIeAwsSp2RE6Aip4-RIDVvwMoQlbSSJXLUOnxUZ7bom4y7V9N4LE
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA3Y2I3ZWFlZS05NWU1LTExZWMtYmM1NC0wMjQwZjg1ZDA3YjE%3D&google_push=AYg5qPIiRjky_0xCm4TSQ7TZZ-8tCdnBqGGezCUHeFZka5IT2fWwIeAwsSp2RE6Aip4-RIDVvwMoQlbSSJXLUOnxUZ7bom4y7V9N4LE
date
Fri, 25 Feb 2022 02:49:02 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 7067 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LYOWtCStV_t1N2AcjF_0PwoqlnfjMBrsaQXzA4VSwBANa7WVWddcAKX1B1fxB0u67Iwu9Gow
Requested by
Host: c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
URL: https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
wt.rqtrk.eu/ Frame 52D6 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wt.rqtrk.eu/?pid=e34a6063-e846-4ccb-98d8-0eba4dd66b75&src=www&type=100&sid=0&cb=871302651&gdpr=0&gdpr_consent=&gdpr_pd=0&uid=92b8ad9e8cfdb3848cd04f18d676acf2
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C95%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.235.42.103 , Canada, ASN16276 (OVH, FR),
Reverse DNS
haproxy-ca-002.roqad.pl
Software
istio-envoy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
cache-control
no-cache,private
x-envoy-upstream-service-time
0
content-type
image/gif
content-length
43
expires
Fri, 25 Feb 2022 02:49:01 GMT
gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152/gdpr=0/ Frame 52D6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152/gdpr=0/gdpr_consent=
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152/gdpr=0/gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C95%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H2
Server
18.206.84.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-102.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.15.190
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152/gdpr=0/gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
249
ltm
audex.userreport.com/sync/put/ Frame 52D6 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://audex.userreport.com/sync/put/ltm?ltmid=92b8ad9e8cfdb3848cd04f18d676acf2
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C95%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.230.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-230-58.jfk51.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:02 GMT
Via
1.1 9936e6170e9ea67a9517d77d7f053dba.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.18.0
X-Amz-Cf-Pop
JFK51-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
kv5XrdbRwr3e0xq9fAc_LOf_NzgEnhPN_ag1-pqUP0LJugWOGrTq_A==
tpid=99c9dfe3-7960-4e03-b3d1-bfa17a067259
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 52D6
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=92b8ad9e8cfdb3848cd04f18d676acf2&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D99c9dfe3-7960-4e03-b3d1-bfa17a067259%252Chttps%253A...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=6237531769661368453&pt=99c9dfe3-7960-4e03-b3d1-bfa17a067259%2Chttps%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=99c9dfe3-7960-4e03-b3d1-bfa17a067259
49 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=99c9dfe3-7960-4e03-b3d1-bfa17a067259
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C95%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H2
Server
18.206.84.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-102.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.0.12
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=99c9dfe3-7960-4e03-b3d1-bfa17a067259
date
Fri, 25 Feb 2022 02:49:02 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
tpid=5f450e0c344f7b146dcd68b5c49d30a2
sync.crwdcntrl.net/map/c=10832/tp=TRUP/ Frame 52D6
Redirect Chain
  • https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
  • https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=5f450e0c344f7b146dcd68b5c49d30a2
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=5f450e0c344f7b146dcd68b5c49d30a2
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C95%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H2
Server
18.206.84.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-102.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.43.139
content-type
image/gif
content-length
49
expires
0

Redirect headers

date
Fri, 25 Feb 2022 02:49:02 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
access-control-allow-origin
*
user-agent
Tru Optik DMP 1.3.1
content-length
142
x-xss-protection
1; mode=block
pragma
no-cache
to-dmp-sync
s6-dmp-ny2-eqx.truoptik.com
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/html
location
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=5f450e0c344f7b146dcd68b5c49d30a2
cache-control
no-store
cf-ray
6e2d9e3d192419aa-EWR
expires
0
tpid=ce21d7cc-805e-f22c-3c34-40f40f60fbaa
bcp.crwdcntrl.net/map/c=10098/tp=SRVT/ Frame 52D6
Redirect Chain
  • https://px.surveywall-api.survata.com/t
  • https://bcp.crwdcntrl.net/map/c=10098/tp=SRVT/tpid=ce21d7cc-805e-f22c-3c34-40f40f60fbaa
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=10098/tp=SRVT/tpid=ce21d7cc-805e-f22c-3c34-40f40f60fbaa
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C95%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H2
Server
18.206.84.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-102.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.45.31
content-type
image/gif
content-length
49
expires
0

Redirect headers

Date
Fri, 25 Feb 2022 02:49:02 GMT
ETag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
Server
nginx/1.19.2
X-Powered-By
Express
Content-Type
image/gif; charset=utf-8
Location
https://bcp.crwdcntrl.net/map/c=10098/tp=SRVT/tpid=ce21d7cc-805e-f22c-3c34-40f40f60fbaa
Referer
px.surveywall-api.survata.com, px.surveywall-api.survata.com, px.surveywall-api.survata.com
Connection
keep-alive
Content-Length
0
ibs:dpid=121998&dpuuid=92b8ad9e8cfdb3848cd04f18d676acf2&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0
dpm.demdex.net/ Frame 52D6 		42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=92b8ad9e8cfdb3848cd04f18d676acf2&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C95%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.254.13.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-254-13-75.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v025-0ab3c5f7b.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
5majAP4VRag=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
identity
c.cintnetworks.com/ Frame 52D6 		0
565 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.cintnetworks.com/identity?a=5461&gdpr=0&id=Lotame:92b8ad9e8cfdb3848cd04f18d676acf2
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C95%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.71.11.141 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:02 GMT
Vary
Origin
P3P
CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."
Arr-Disable-Session-Affinity
true
Cache-Control
max-age=60, private, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=5
Content-Length
0
sync
sync.tag.clrstm.com/lotame/ Frame 52D6 		0
0
usermatch.gif
beacon.krxd.net/ Frame 52D6 		0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=92b8ad9e8cfdb3848cd04f18d676acf2
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C95%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.145.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-145-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:02 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1645757342
x-served-by
beacon-n013-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel.gif
aorta.clickagy.com/ Frame 52D6
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=120&cm=92b8ad9e8cfdb3848cd04f18d676acf2
  • https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=5&cm=164da6cb-f2e5-437a-93f6-a083eca370ae-6218439e-5553
  • https://stags.bluekai.com/site/51557?id=YhhDnu5nxtEjlUMgr-lALqkj&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D122%26cm%3D$_BK_UUID&BKUUID=$_BK_UUID&limit=1
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=122&cm=aXbSwO3i99eTiCCi
  • https://dpm.demdex.net/ibs:dpid=79908&dpuuid=YhhDnu5nxtEjlUMgr-lALqkj&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=73108287142213250733347802760755455793
  • https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=WWhoRG51NW54dEVqbFVNZ3ItbEFMcWtq
  • https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEGEr1fgEFIN76lmMHfrFByc&google_cver=1
  • https://idsync.rlcdn.com/420246.gif?partner_uid=YhhDnu5nxtEjlUMgr-lALqkj
  • https://aorta.clickagy.com/pixel.gif?ch=114&cm=732f2f911012933a25dfef8b61d2b8e5bb4bc71b2d0c172a1339770736b093de25abae5358c0e7bc
  • https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=YhhDnu5nxtEjlUMgr-lALqkj&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D
  • https://d.agkn.com/pixel/10751/?che=1645757342755&ip=2a0d:5600:24:1400:1011:d70b:b470:129b&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D163850504073002495601
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=163850504073002495601
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=163850504073002495601
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C95%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
HTTP/1.1
Server
52.7.51.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-51-190.compute-1.amazonaws.com
Software
Aorta/20220128.132aca1 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:02 GMT
content-encoding
gzip
server
Aorta/20220128.132aca1
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
Content-Type
image/gif
access-control-allow-origin
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
X-Aorta-Region
us-east-1
Connection
keep-alive
X-Aorta-Host
ip-10-42-16-203.ec2.internal
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length
61

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:01 GMT
via
1.1 e60afe88b840ada9af7b8a328e52a866.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
JFK51-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=163850504073002495601
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
dfsz7xi2UR5w-ezKDKGfa9qUH8ILBqBessjk0WNXiUKrVHlDO8RL9g==
expires
Sat, 01 Jan 2000 00:00:00 GMT
image.sbxx
ib.mookie1.com/ Frame 52D6
Redirect Chain
  • https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=92b8ad9e8cfdb3848cd04f18d676acf2
  • https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=92b8ad9e8cfdb3848cd04f18d676acf2
120 B
981 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=92b8ad9e8cfdb3848cd04f18d676acf2
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C95%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
HTTP/1.1
Server
64.58.232.180 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:02 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
LAS12
Content-Type
image/png
Content-Length
120
Expires
-1

Redirect headers

Date
Fri, 25 Feb 2022 02:49:02 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Location
https://ib.mookie1.com:443/image.sbxx?go=262106&pid=420&xid=92b8ad9e8cfdb3848cd04f18d676acf2
p3p
CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
private
X-Server
LAS03
Content-Type
text/html; charset=utf-8
Content-Length
217
utsync.ashx
ml314.com/ Frame 52D6 		43 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/utsync.ashx?eid=50146&et=0&fp=92b8ad9e8cfdb3848cd04f18d676acf2&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C95%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.23.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-23-231.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:01 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control
private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0,Fri, 25 Feb 2022 21:49:02 GMT
tpid=0-3f341e69-736e-41ac-7ec1-92eeb3778bee$ip$5.181.234.158
bcp.crwdcntrl.net/map/c=6569/tp=STKA/ Frame 52D6
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=lotame
  • https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-3f341e69-736e-41ac-7ec1-92eeb3778bee$ip$5.181.234.158
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-3f341e69-736e-41ac-7ec1-92eeb3778bee$ip$5.181.234.158
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C95%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H2
Server
18.206.84.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-102.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.38.144
content-type
image/gif
content-length
49
expires
0

Redirect headers

Location
https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-3f341e69-736e-41ac-7ec1-92eeb3778bee$ip$5.181.234.158
Date
Fri, 25 Feb 2022 02:49:02 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
tpid=bc3038ad-89f0-4035-9413-31ef3742a335
bcp.crwdcntrl.net/map/c=6584/tp=VIDO/ Frame 52D6
Redirect Chain
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1
  • https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=bc3038ad-89f0-4035-9413-31ef3742a335
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=bc3038ad-89f0-4035-9413-31ef3742a335
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C95%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H2
Server
18.206.84.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-102.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.13.78
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
Apache-Coyote/1.1
location
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=bc3038ad-89f0-4035-9413-31ef3742a335
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
tpid=CI-ff2139a64e14163a0652a9632f4f6866
bcp.crwdcntrl.net/map/c=6220/tp=TRMR/ Frame 52D6
Redirect Chain
  • https://dt-secure.videohub.tv/v1/usync/lo
  • https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-ff2139a64e14163a0652a9632f4f6866
49 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-ff2139a64e14163a0652a9632f4f6866
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C95%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H2
Server
18.206.84.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-102.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.0.68
content-type
image/gif
content-length
49
expires
0

Redirect headers

Location
https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-ff2139a64e14163a0652a9632f4f6866
Date
Fri, 25 Feb 2022 02:49:02 GMT
useSecure
true
Server
openresty/1.19.9.1
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
qmap
sync.crwdcntrl.net/ Frame 52D6
Redirect Chain
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D%26gdpr%3D0
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=30076218-439d-4700-9dda-44f2b86092d3&gdpr=0
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=30076218-439d-4700-9dda-44f2b86092d3&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C95%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H2
Server
18.206.84.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-102.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.10.83
content-type
image/gif
content-length
49
expires
0

Redirect headers

Date
Fri, 25 Feb 2022 02:49:02 GMT
Server
MT3 4172 645ee8c master ord-pixel-x17 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=30076218-439d-4700-9dda-44f2b86092d3&gdpr=0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 25 Feb 2022 02:49:01 GMT
gdpr=0
sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=164da6cb-f2e5-437a-93f6-a083eca370ae-6218439e-5553/ Frame 52D6
Redirect Chain
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=164da6cb-f2e5-437a-93f6-a083eca370ae-6218439e-5553/gdpr=0
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=164da6cb-f2e5-437a-93f6-a083eca370ae-6218439e-5553/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C95%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H2
Server
18.206.84.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-102.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.36.176
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=164da6cb-f2e5-437a-93f6-a083eca370ae-6218439e-5553/gdpr=0
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
token
token.rubiconproject.com/ Frame 52D6 		0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=7&puid=92b8ad9e8cfdb3848cd04f18d676acf2&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C95%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
d5a7ef20801cf5cb1ee516b6110e672f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
gdpr=0&_test=YhhDngAIwBmCJwBB
sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YhhDngAIwBmCJwBB/ Frame 52D6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=YhhDngAIwBmCJwBB
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YhhDngAIwBmCJwBB/gdpr=0&_test=YhhDngAIwBmCJwBB
49 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YhhDngAIwBmCJwBB/gdpr=0&_test=YhhDngAIwBmCJwBB
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C95%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H2
Server
18.206.84.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-102.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.32.4
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
via
1.1 varnish
server
Varnish
x-timer
S1645757342.429433,VS0,VE0
x-served-by
cache-lga21981-LGA
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YhhDngAIwBmCJwBB/gdpr=0&_test=YhhDngAIwBmCJwBB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 52D6 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C95%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5907
tags.bluekai.com/site/ Frame 52D6 		62 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=316822abbce9f7841a55e68e170c0abe
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C95%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.209.184.224 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-184-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:49:02 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
gdpr=0
sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4470016423583563883/ Frame 52D6
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/92b8ad9e8cfdb3848cd04f18d676acf2/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4470016423583563883/gdpr=0
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4470016423583563883/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C95%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H2
Server
18.206.84.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-102.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.43.135
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4470016423583563883/gdpr=0
pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
view
googleads4.g.doubleclick.net/pcs/ Frame 2D54 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvC30Y9dfIVDfKq-UHBgz30zwU_7pQ9c5S1xuKAziCxuSVkPMOmHeC4q8DPoWTTYvTHH26JnVR1ZxTJ4ThLH9s0N7fvtcjlGXWUce9QphYvYOsY8LENKroQFj7Mh9mAihFKI7b_ccO9nvzosF9CR1810zvV_3exBKSs4thr1pPfW1s-CdOoghJ-XS4518HV2gpCu9LhZOefSnYGLU3qAQLAVzEvH9OdQ3Ndww30YsI1gq5AJ2uIzIfsm_G_mr8ltuNgJ5q9Muy_mZ3rWPuEJ3_geU_FUfOkW7Au_tmuFZ0Z-m8iyPN9GdQymrErNX3Xeq3TL8ogFKiZHSIgA5lRTnnFQrA7qzfcGtRt3U6epB3RqewsDoGoCOjzLw0VqmtEhGBAouEJKJi8fdNwe8ate96oA1nhAnC1jINkuL2slObZdyPwkBj5IfdABNbswIz7UDiB5Vl47MTZCV7m9HzigRBdYo587NpWBDjbL_jjkAET4JnkwVLZz7jiqYlXJfhsPPL-xMi6yE5CJA_69GqwrQPAj8mPGYCArHPLJUAqy-Idy_Bw-bXjLG9kwNZaCb-nxXpIEwseQUj4a2XZf2UHiU-tgAygfDHUf1iTYQmarXPaVXTqKBt8e1PngLsDehL8JMj1OqY7jfTgiidFU4gy9UaAxdzWigO7kWvwVRqC7dZYhq5nvbr-fsjErEGc2kOSN5VVLFfj46pQSzCNCpkwpdP1ssETIdgwM6iyfqoychxUE02gVp3caP8YbVO_lv289-VFgOGDT4Exy_Dr5qifkbIeKl6qKiIRcjhmdy-qrr2QFoVEwSu0DaxUAanI_nuW3hpuhT6uWElgS8Pw66oLfcWtEhb-JmUYXbjVNdJ3x3GtyKGyXTqCEw2VEw4V9UlTDjyrNyCG4Ic2gZ1KHS2lDnwIdUNMYPy5ktnXEZd56Xeh-1OoMltGYcASryxe2ErllkljlGuw1bx23vTq385hRfnbJlhfJ3ptbFP1tmNPRnUEvwYajMjzWH9Rts2LZFsX8gv2QY80_rO0uxWUsqrDme5hEtE0pVPiyV8exL6LmvxEiZi6NBYJPMth4MV8CdBA88jp_Dx6cw22jR0vYvXH3J0oiw8IimNxDBDT5m_mNTnvomE62J-gFxTKQxGk8kDLp1d3Jwfw21UcHT3Y9y1bCKX6_4CDEGaG-vVVbrcLa0XOpc_kQqsV7my7v6GwdxGWksFrT5yYHQvLszp1PYTwYA--hQiQJ-vbtKUa6P8Sq4KKTtQfw6lznLYwv0SW3iE4JrywlawHU3wYqfmiVLo-JLI4Vd_Uw_CDGYJZTM9&sai=AMfl-YRSol6lPDtuxHfjpDZvVtETx4aYQINCs3y0J80UMakXwuHnc-4h7jb3VqzEEtyW2y11Cxr6ClcZ0e7GKfG5RYz0i2AY6uBPgBBicFJnERFE6YBwe-q_nq_PeKQ2bm5S36JRo_ReMpLYN_gEld43g5nRzt2nZhRp7a020qu9kQGeWVh1MgYD18c&sig=Cg0ArKJSzGW21TlzLSt0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=755&vt=11&dtpt=373&dett=3&cstd=380&cisv=r20220223.51687&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:49:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dt
dt.adsafeprotected.com/ Frame 180D 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=904480&asId=5c400c75-17ed-378a-4476-88378025a091&tv=%7Bc:5chsJj,pingTime:-10,time:734,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OC4wLjQ3NTguODAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1645757342208%7C%7Cd8ac0bca00f5910d60097cc3601ca25b%7C%7C920bd99aa4265c459f442b819dba176b%7C%7C28d37591133e57c8430bb83de0efb98e%7C%7Cb3f62e0709294bac255b92d5a0bde3b9%7C%7C5ce153f277e9b4d60922df3c23d5a2fd%7C%7C53e5678bc0855f4b2f0ada1e9755c2bf%7C%7Cc0e657b29c579aa85285348f976b173e%7C%7C1629390669,im:%7Bimprf:%7Bttecl:594,ecd:16,tsecr:273%7D,pci:%7Btdr:593%7D%7D,env:%7Bgcd2:%7Bappl:0,cnst:na%7D%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:02 GMT
X-Server-Name
dt39.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/ Frame A32E 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.us.criteo.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 14:45:22 GMT
x-content-type-options
nosniff
age
216220
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 22 Feb 2023 14:45:22 GMT
SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js
pagead2.googlesyndication.com/bg/ Frame C346 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
484c9dc906528d1a062bb6bafbadaf374c145503a4c3de6826c967c642ddcff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 04:08:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
81612
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13759
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Feb 2023 04:08:50 GMT
SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js
pagead2.googlesyndication.com/bg/ Frame 9A45 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
484c9dc906528d1a062bb6bafbadaf374c145503a4c3de6826c967c642ddcff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 04:08:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
81612
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13759
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Feb 2023 04:08:50 GMT
dt
dt.adsafeprotected.com/ Frame 2D54 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=904480&asId=41c325b9-c60f-b543-be1b-add61f823207&tv=%7Bc:5chsNa,time:754,type:e,im:%7Bimprf:%7Bttecl:604,ecd:4,tsecr:225%7D,pci:%7Btdr:567%7D%7D,env:%7Bgcd2:%7Bappl:0,cnst:na%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:754,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B748~0%5D,as:%5B167~160.0,581~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:161,fm:sYpU5jB+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1d11%7C1e%7C1f%7C1g%7C1h%7C1i.904480-59616675%7C1i1%7C1i2%7C1i3%7C1i4%7C1j*.904480-59616658%7C1j1%7C1k%7C1l1%7C1l2%7C1m%7C1n%7C1o,idMap:1j*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:02 GMT
X-Server-Name
dt39.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame C346 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BoV1_nUMYYtDkBZavNfvskNgJAAAAADgB4AQC&bg=!Li2lLWnNAAas2QJZrNk7ACkAdvg8WuEUv2dVGwhoZtHANFjcLQrItqyYRT8Eo6XVXX-bsQPSPekslAIAAACuUgAAAAFoAQeZAya0RHgmedNXVWwFYULVfcN14YCBs7ZJVynrxgtYLbXaBHMLBzoYvnTqT3NaZPUFPO-wEUn0U6X2_Kyib9Dyq7ctfGMVvsVRFMldvn77q2oKzPc_xuWkP9lpVfDR3etC2X32NLKKnOyZhBXWxLIySkHc3rQ_tpOUly5w26Vd2zwhlycHfrOAIYgzfO-aA2rHO_PFJQsDn5D3KEWW4y_eqcU6bvnmsEdR1fbjsMF_V_LhpVT2SmAB6oOH3QV62w5adxNKWqZOjL9gRs_TKgaBIshO5oUMYWezT4s4gWDhbEH5sbkOMLImY2ZnKz7XaZDQyEz0YAWGq2HbpgE7XONrc-NK9ermYjkVEEtM_tVpXBJslinOUrcgQuG8KmfSw9bT8TDZw3yfCQ9I0vhBORV46apzWsNT4tp0qpaRdaNCi-EWWcwG-Rd8xUDBBhVVWL62JmsTdzbGxpNJbPEWp15IdaY253yMQXHHknCsEOahwmGutm_mjfRsHAXAOaeLkqsTn2dD6KzVq_sZQCOMWjQY9lKBJwao3KItzOBCXiOv3f4jUncJfucLldKxolhchDTaSf0Y16cOBARbgQ7_rziXBIuWM1AkgpdmgvvQqqGQdeExYPAH73I98Dm8lw0n1ezL6HHSLlUEutYxRxj1CffK6rWhneMhJzbtrTWVfSLw5fPZdq16-9Nhgs3voJQfswhB8jb4pQWHJvtLcPAwCDB-q13g_pIDRUv7tIN20qzhQ8IDsc6E9_U5d8lXJEAz_tYHsNZXiT2eTt2JBC99ZuSd4wAybbu6VLnBe_hAP6AlkfY_rLZps3bksUsjvyc1-H3QgJgrJw7LWPHcuYSX-qRRFWVRvFfxJOwnvOt8Rh7P4tiMT-BSI1yFOZ4WMGaIOgEdQJaXRirtGUycbzmyev9W5H_TmZGthFPamuFgFyQZ8gaX1p2mPd95CzpyTWFNd-AEbALW_5XjIP5_xoz23SBwPqkLtFus3D8i18v6D4VB7Pl1g6KzaaKIXdHlzy4JRD2C7qH4x9E8WUuFxzsk7O3VMl2ELRsV8uedno030_SHnKYRER8ozr0B2A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A45 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bs3iTnUMYYqmGE6CBoPMPysiz-A0AAAAAOAHgBAI&bg=!l5SllNDNAAas2QJZrNk7ACkAdvg8WuxuFjxxXF2GfeIQ5FnWTemPDAA9ryCJYWGRYxPYR_EUwaX49AIAAAChUgAAAAJoAQeZAzCMc8stYxOQmxK3l3xbsmCxgeF5JrJmJcS9OHJRQeNf5KitpcHwMOdHvXe66bBIkSUj-7eCvgrxmV5JBZrX1XURzoNuVDT_Bv_Sh7lD1W6Ueceb6gscGgOqowW3sWta4vkqne4cLWvh8dmx9KkL0xABSo6t2_AHkYvECKsSMEklTDfVlT_6H-c6j3WMhWZkqQM9MaWSlUY4qZl6v9Vyh6Z4zDSa_u63LnVrTz6SPf-N7kn0aiNrAD1n6I3JCz3U2tbBiX5DDWLQ4WB9neei-o_mQhBwkneNgIjdwZ3xNwKSPBVq96x4Y49o03eD40u0NmKUBe7ax0cwtODwV9pRZ4TPhWHlSwcXQsOFaM2xbLeWBwsxqYxChEo6hUwnGCKmyXkiaysVHKKt1AQ8B4NiqYezvdHaq3P2vGSa6PstbtC1-pAabb2uIfxPyVYmIxnTgL_d7UbY3obOq5ogS2jRR0qXhSHmUgedJVCukTW31qPhnH5MpN7aTQb9ge47_mMwDGUUMjB9j4p3iAS1CdSvnPmtV7tH4dmf3IMx_UtVuopM9fL_u1aV5gCn03r_kw7yMnYZlacEaXflw0XspPp0f-aQexxv3Eb8ciekR0CZeAWpzuCyHbkHjsAlNIBnxWKcgBW3qbrx0hj7e74W4l8slCqvrPAcVJMZyhdrLNm1dUssl5mbORRr_KeZGmk1wlqP90Ki2Bj-7uL1IfbFmTbyLXMANhifvE-_4bWciveRO4FxSeM_nwWo_Qo2uoDygd9D2jC2-ylLDzT6g9nExt08wohV-yzTYXnD_CdpIlUzeyTD2lT2qxtxoSnUn9Wue2c_zLOKwPYTDHo6QwyR5Cgz4S2h8TONOGH-BE1E4OYJ3Spww4qgRIjFhsr63bnJxkzjT9YTA77imphZ_2ZjDDLx5dE1x8a9Hozf1srZFHooOL5E3ftOZAvCtqeLOkLhM5SIR0CXVXHbe_0aCAi3_bQGT3QFqc1ZqqvOIw4FEyTl7A853bl65Gkx7Aoxv8OUw4PC3D51zEtIU1P6QCtrWX26_0hXAscLUJyZr-_Gqh8OGBAPrkVqZu-JqVS8jj-hT8wq638
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 25 Feb 2022 02:49:02 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Fri, 25 Feb 2022 02:49:02 GMT
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
v1
btlr.sharethrough.com/universal/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.229.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-229-107.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.hawtcelebs.com
Date
Fri, 25 Feb 2022 02:49:02 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
cdb
bidder.criteo.com/ 		188 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=117&profileId=185&av=34&wv=6.10.0&cb=68971194406
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
6bdd1f14160340930bc96774735b7a8a3ae8c3ab643499197da3b37369ec0337
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:02 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
172
c
prebid.a-mo.net/a/ 		471 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
4b5e8c9a2b1e57c126a12c3540c162f1c437b2dd04fcc2e4c7eb98ce9420a6e5

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:02 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
50
content-length
254
auction
tlx.3lift.com/header/ 		19 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.10.0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&tmax=1000
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.71.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-71-133.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
x-auction-status
12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid-request
onetag-sys.com/ 		15 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
ROS
pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ 		423 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ROS?rnd=0.08936603806633237&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=6.10.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&e_pubcid=483b11f3-554f-467d-b1b6-a457cb60b834
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.125 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b25a41c8c7387e1247905dadf132ba889966e5bda993383b3f8a197382725db3

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:02 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.hawtcelebs.com
expires
Fri, 25 Feb 2022 02:49:02 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
423
x-sid
IAD-1216
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
97d01c338afc5de5d5cb0da15bc24435071c1461aff74001b1ce6c87fc1c0d48

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Feb 2022 02:49:02 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
unruly_prebid
targeting.unrulymedia.com/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
prebid
prebid.ad.smaato.net/oapi/ 		0
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.17.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-17-150.compute-1.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:02 GMT
access-control-allow-credentials
true
server
SOMA
x-smt-sessionid
b603e878-3b9d-4ae6-9499-34832470637f
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
prebid
prebid.ad.smaato.net/oapi/ 		0
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.17.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-17-150.compute-1.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:02 GMT
access-control-allow-credentials
true
server
SOMA
x-smt-sessionid
ba775ab8-ccdf-4f94-a6fd-623f284c4b42
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
quantumdex
useast.quantumdex.io/auction/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cf-ray
6e2d9e3f6ba80c91-EWR
prebid
ib.adnxs.com/ut/v3/ 		250 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e9a6670ddeb3602d1bd5fbd434301dba16561976962a89a3c87c7c42a8c1cc33
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:02 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
fdfc9314-f3b3-4241-b27e-948677e29fc0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
250
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:02 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		19 B
855 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:02 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
cef3cd35-231b-495b-96f4-0aa497412064
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
px.vliplatform.com/bi-v4/ 		0
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNKMRrtNrtl0zghRleNplRmNKYUZTRzdNYKAtrBwU-UMYq-PAeM-Mete-qrqMaYTUKyMyRlmNKYMbaARdzNwqfftkRqxeNco_KMKYUZT_MRwkjNARkjmNKYMbaARwlNliqktzikgxui,ekoztg,qdb,zkohstsoyz,gftzqu,thsqffofu,nqiggllh,xfkxsn,ldqqzg,jxqfzxdrtb,gyzdtroq,kzwigxlt,qhhftbxl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7eHicccvXbq0NGwGykMEDIKiLYYS2KxtIYIE1XJTdA6ip7vZOCZYyvCwX%2FDqHpog1g%2Bo6puOqwd2gi%2BV0SfoJ5Q5tsTSs41h3UNuOM8ohNW6TRSF7nNhJb2wqS3bpMhT%2F8%2BrBi9w7li83ivJS83cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6e2d9e3f6efc8c9c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
/
px.vliplatform.com/bi-v4/ 		0
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNKMRrtNrtl0zghRleNplRmNKYUZTRzdNyMqUatPY-AYtw-PyKP-qUqe-aMUKAqKtKaBMRlmNaKAbaARdzNwqfftkRqxeNco_KMKYUZT_KRwkjNARkjmNaKAbaARwlNqdb,zkohstsoyz,gftzqu,thsqffofu,xfkxsn,ldqqzg,jxqfzxdrtb,gyzdtroq,kzwigxlt,qhhftbxl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hn02KbipgolO89T1blQX%2FcXK%2FCj%2BsxrgfAIrueDOdALdIxWqi451dSXU6VSnz3FXqjhdF7Bgx1X2uQ%2BxmuGB7Ttx%2FOL1VPHL2xclZ8QD80Wex6bWYNgokvvo1J5QVt8w0mUEkExH9VKbMbJPwa2bVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6e2d9e3f6efe8c9c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
activeview
pagead2.googlesyndication.com/pcs/ Frame 180D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwNRCzJtOr48iwg3OAr7TYaQgGz-I8gmxAxXoA-j8Slsb-43zdPuo4dAYK5PN2A8CkMstlO2yIjIp20QE8ewxz9LAaXjftcpDG9I5Tqvt4mXPYAnI&sai=AMfl-YTR14fDyjv7z5yC2FpY5DkjbQPKNKYLHIBBtBITjdYTmBlzfM-JwOZa-HzDfLK9pT0-VU7Y-_SCHQyTM8021uPqZYYTyto_rl9fNmKRKO5xr-5X_4q1bgQtil8&sig=Cg0ArKJSzPw7bIN7E0tXEAE&cid=CAASEuRo7MOyahBENSbSYXn8soO9nw&id=lidar2&mcvt=1002&p=395,1029,645,1329&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220223&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=425794434&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645757340859&rpt=807&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
bidder.criteo.com/csm/ 		0
219 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 25 Feb 2022 02:49:02 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixels
ssp-sync.criteo.com/user-sync/ 		648 B
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?countrycode=US
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.73 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b3cdc3fe056e5aa4571475a45f63d5fe335a36b2d4484ec5985073d70d8a1d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
content-encoding
br
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dXJpXjV9wQ3p0VkpFJTJCbTh3YWlMaHoxJTJCU3ZtN1BMa0YwZzh3RFMzMEc0R2lqM1RNYyUzRA%26u%3d%24%7bUSER_...
  • https://ssp-sync.criteo.com/user-sync/match?p=XJpXjV9wQ3p0VkpFJTJCbTh3YWlMaHoxJTJCU3ZtN1BMa0YwZzh3RFMzMEc0R2lqM1RNYyUzRA&u=AAB7gk7EMIcAAH15dBe-JQ&gdpr=false
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=XJpXjV9wQ3p0VkpFJTJCbTh3YWlMaHoxJTJCU3ZtN1BMa0YwZzh3RFMzMEc0R2lqM1RNYyUzRA&u=AAB7gk7EMIcAAH15dBe-JQ&gdpr=false
Protocol
H2
Server
74.119.119.73 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:01 GMT
cache-control
no-store,max-age=0
cross-origin-resource-policy
cross-origin
server
Kestrel
strict-transport-security
max-age=31536000; preload;

Redirect headers

location
https://ssp-sync.criteo.com/user-sync/match?p=XJpXjV9wQ3p0VkpFJTJCbTh3YWlMaHoxJTJCU3ZtN1BMa0YwZzh3RFMzMEc0R2lqM1RNYyUzRA&u=AAB7gk7EMIcAAH15dBe-JQ&gdpr=false
Date
Fri, 25 Feb 2022 02:49:02 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=lzNcVl8wNVlSMGxDcFJEazVScm5RRlRUeW5PWlpZWWJSazBpM3pycDlURjBDdGxvJTNE&gdpr=false&gdpr_consent=&us_privacy=&cr_user_id=
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dcriteo%26expires%3D30%26user_group%3D%24%7...
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dcriteo%26expires%3D30%26user_group%3D%24%7...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=e34274d0-82d2-5338-b9ac-2289dbb46117&ssp=criteo&expires=30&user_group=1
  • https://ssp-sync.criteo.com/user-sync/match?p=lzNcVl8wNVlSMGxDcFJEazVScm5RRlRUeW5PWlpZWWJSazBpM3pycDlURjBDdGxvJTNE&u=bf9fd540-38fe-45ee-94d0-583b2d0001e1
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=lzNcVl8wNVlSMGxDcFJEazVScm5RRlRUeW5PWlpZWWJSazBpM3pycDlURjBDdGxvJTNE&u=bf9fd540-38fe-45ee-94d0-583b2d0001e1
Protocol
H2
Server
74.119.119.73 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:02 GMT
cache-control
no-store,max-age=0
cross-origin-resource-policy
cross-origin
server
Kestrel
strict-transport-security
max-age=31536000; preload;

Redirect headers

Location
//ssp-sync.criteo.com/user-sync/match?p=lzNcVl8wNVlSMGxDcFJEazVScm5RRlRUeW5PWlpZWWJSazBpM3pycDlURjBDdGxvJTNE&u=bf9fd540-38fe-45ee-94d0-583b2d0001e1
Date
Fri, 25 Feb 2022 02:49:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://sync.taboola.com/sg/criteoscod/1/cm?redirect=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dokPSEF81Q0g0QVdqJTJCZzd6T0VhT3VyWm5iTWhTM0ZYOHRHJTJGM2ZQa1czNnZsT21ZYyUzRA%26u%3d%3c...
  • https://ssp-sync.criteo.com/user-sync/match?p=okPSEF81Q0g0QVdqJTJCZzd6T0VhT3VyWm5iTWhTM0ZYOHRHJTJGM2ZQa1czNnZsT21ZYyUzRA&u=56243e83-42ef-450d-af38-b34e70e05cae-tuct911c91e
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=okPSEF81Q0g0QVdqJTJCZzd6T0VhT3VyWm5iTWhTM0ZYOHRHJTJGM2ZQa1czNnZsT21ZYyUzRA&u=56243e83-42ef-450d-af38-b34e70e05cae-tuct911c91e
Protocol
H2
Server
74.119.119.73 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:02 GMT
cache-control
no-store,max-age=0
cross-origin-resource-policy
cross-origin
server
Kestrel
strict-transport-security
max-age=31536000; preload;

Redirect headers

location
https://ssp-sync.criteo.com/user-sync/match?p=okPSEF81Q0g0QVdqJTJCZzd6T0VhT3VyWm5iTWhTM0ZYOHRHJTJGM2ZQa1czNnZsT21ZYyUzRA&u=56243e83-42ef-450d-af38-b34e70e05cae-tuct911c91e
date
Fri, 25 Feb 2022 02:49:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1971
dt
dt.adsafeprotected.com/ Frame 2D54 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=904480&asId=41c325b9-c60f-b543-be1b-add61f823207&tv=%7Bc:5chsTN,pingTime:-10,time:1165,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OC4wLjQ3NTguODAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1645757342208%7C%7Cd8ac0bca00f5910d60097cc3601ca25b%7C%7C920bd99aa4265c459f442b819dba176b%7C%7C28d37591133e57c8430bb83de0efb98e%7C%7Cb3f62e0709294bac255b92d5a0bde3b9%7C%7C5ce153f277e9b4d60922df3c23d5a2fd%7C%7C53e5678bc0855f4b2f0ada1e9755c2bf%7C%7Cc0e657b29c579aa85285348f976b173e%7C%7C1629390669,sca:%7Bspg:5c400c75-17ed-378a-4476-88378025a091%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:02 GMT
X-Server-Name
dt39.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 2D54 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1m2NogZnJfILsAUjLSW-E6KWkTeYq1ilggX-3Ohb5UkW-iwCTDBQlvAixwmcAt8DIRVauqw_LZjB-Rofs1HkN8ThxquSdroJBZXVHQp5Xv3i3KNk&sai=AMfl-YRJFrIao7fVZZI2BJzl94dEEsolRwzuGZdmX_6iTP1I3cIbpASiMJd0cnc2mMa0IKIQglqeb2i-Br5jDeBKa1VXjvIBKQACRAoOxUAMqOju_BpFF8Ml6bI_EAU&sig=Cg0ArKJSzIX0oLWHalYTEAE&cid=CAASEuRowyBk4pgcZY0mE8s4ILD8RQ&id=lidar2&mcvt=1000&p=415,272,1015,432&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220223&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1836524711&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645757341001&rpt=862&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rid
match.adsrvr.org/track/ 		108 B
689 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=1324mj4&fmt=json
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
355f9b0997c5d1bca360123f798901902ded01a43d30dcf40e2843b7298fb73e

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:03 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sun, 27 Mar 2022 02:49:03 GMT
verizon_video
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a8fd6193-125b-4092-ba5f-7d642633cd48
  • https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a8fd6193-125b-4092-ba5f-7d642633cd48&apid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
  • https://prebid.a-mo.net/setuid/verizon_video?uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1&gdpr=0&gdpr_consent=
0
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/verizon_video?uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1&gdpr=0&gdpr_consent=
Protocol
H2
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:02 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/verizon_video?uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1&gdpr=0&gdpr_consent=
date
Fri, 25 Feb 2022 02:49:03 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=a8fd6193-125b-4092-ba5f-7d642633cd48
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A&gdpr=0&gdpr_consent=
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:02 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A&gdpr=0&gdpr_consent=
date
Fri, 25 Feb 2022 02:49:03 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=L01TFFPO-27-11SK&gdpr=0&us_privacy=1---
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L01TFFPO-27-11SK&gdpr=0&us_privacy=1---
Protocol
H2
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:02 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://prebid.a-mo.net/setuid/magnite?uid=L01TFFPO-27-11SK&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
Expires
0
7.gif
id5-sync.com/c/434/796/3/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=5fa6044d8d&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&pubid=5fa6044d8d
  • https://id5-sync.com/s/434/9.gif?puid=ca27101e-92a6-4431-be3d-4c81d4005bc5&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/434/434/9/1.gif?puid=ca27101e-92a6-4431-be3d-4c81d4005bc5&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/434/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/434/2/8/2.gif?puid=6237531769661368453&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/434/3/7/3.gif?puid=30076218-439d-4700-9dda-44f2b86092d3&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&ttl=%%TTL%%
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_I...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opi...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEPK1WTrDlcx5Oarr6yAH4Ho&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=6237531769661368453&opid=apx&ops=&utidl=tech:goo:CAESEPK1WTrDlcx5Oarr6yAH4Ho&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A25499385022&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAB7gk7EMIcAAH15dBe-JQ
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F796%2F3%2F7.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/434/796/3/7.gif?puid=7edfac87-95e5-11ec-b3ae-b9599d422bef&gdpr=0&gdpr_consent=
0
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=30076218-439d-4700-9dda-44f2b86092d3
49 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=30076218-439d-4700-9dda-44f2b86092d3
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:03 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-29
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 25 Feb 2022 02:49:03 GMT
Server
MT3 4172 645ee8c master ord-pixel-x55 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=30076218-439d-4700-9dda-44f2b86092d3
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 25 Feb 2022 02:49:02 GMT
sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA3Y2I3ZWFlZS05NWU1LTExZWMtYmM1NC0wMjQwZjg1ZDA3YjE%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEFpJsibzdAcVlpc029i7SJQ&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFpJsibzdAcVlpc029i7SJQ&google_cver=1&apid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
0
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFpJsibzdAcVlpc029i7SJQ&google_cver=1&apid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:03 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFpJsibzdAcVlpc029i7SJQ&google_cver=1&apid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
date
Fri, 25 Feb 2022 02:49:03 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2809753602401196877
49 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2809753602401196877
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:03 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-21
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2809753602401196877
Date
Fri, 25 Feb 2022 02:49:03 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=sonobi&ssp_uuid=bf9fd540-38fe-45ee-94d0-583b2d0001e1
  • https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=sonobi&ssp_uuid=bf9fd540-38fe-45ee-94d0-583b2d0001e1
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=sonobi&user_id=903ddf42-6f2f-4986-95f7-7f3a23eebde3
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=bf9fd540-38fe-45ee-94d0-583b2d0001e1
49 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=bf9fd540-38fe-45ee-94d0-583b2d0001e1
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:03 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-21
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=bf9fd540-38fe-45ee-94d0-583b2d0001e1
Date
Fri, 25 Feb 2022 02:49:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=ca27101e-92a6-4431-be3d-4c81d4005bc5&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=NFU4VVlHY1JBSFl2MHVXMmk1dFNwQQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEEKZOC5AjQ4MVuDA8w67MRw&google_cver=1
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=77qq9NjowdEy
49 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=77qq9NjowdEy
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:03 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-21
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=77qq9NjowdEy
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6f4b885bc-b2qtt
expires
-1
sync
ups.analytics.yahoo.com/ups/55986/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
  • https://pixel.advertising.com/ups/55986/sync?uid=YhhDngAIwBmCJwBB&_origin=0&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YhhDngAIwBmCJwBB&_origin=0&gdpr=0&gdpr_consent=&apid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YhhDngAIwBmCJwBB&_origin=0&gdpr=0&gdpr_consent=&apid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:03 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YhhDngAIwBmCJwBB&_origin=0&gdpr=0&gdpr_consent=&apid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
date
Fri, 25 Feb 2022 02:49:03 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
ap.lijit.com/
Redirect Chain
  • https://prebid.a-mo.net/cchain?gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F142%3FA%3Da8fd6193-125b-4092-ba5f-7d642633cd48%26bidder%3Dsovrn%26cbx%3D%26gdpr%3D...
0
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F142%3FA%3Da8fd6193-125b-4092-ba5f-7d642633cd48%26bidder%3Dsovrn%26cbx%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%24UID
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 25 Feb 2022 02:49:03 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT

Redirect headers

location
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F142%3FA%3Da8fd6193-125b-4092-ba5f-7d642633cd48%26bidder%3Dsovrn%26cbx%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%24UID
date
Fri, 25 Feb 2022 02:49:02 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ups.analytics.yahoo.com/ups/55953/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&_origin=1&gdpr=0&gdpr_consent=
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&_origin=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:03 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&_origin=1&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
dt
dt.adsafeprotected.com/ Frame 180D 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=904480&asId=5c400c75-17ed-378a-4476-88378025a091&tv=%7Bc:5cht9K,pingTime:1,time:2373,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:300,h:0,t:25%7D,%7Br:r,h:250,t:195%7D,%7Bpiv:100,vs:i,r:,t:1372%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1372,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1365~0,0~100%5D,as:%5B189~300.0,1176~300.250%5D%7D%7D,%7Bsl:i,t:1372,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:63,fm:sYpU5jB+11%7C12%7C13%7C14%7C151%7C152%7C153%7C1541%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1d11%7C1e%7C1f%7C1g%7C1h%7C1i*.904480-59616675%7C1i1%7C1j.904480-59616658%7C1j1%7C1k%7C1l1%7C1l2%7C1m,idMap:1i*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:03 GMT
X-Server-Name
dt39.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame 180D 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=904480&asId=5c400c75-17ed-378a-4476-88378025a091&tv=%7Bc:5cht9L,pingTime:1,time:2374,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:300,h:0,t:25%7D,%7Br:r,h:250,t:195%7D,%7Bpiv:100,vs:i,r:,t:1372%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1372,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1365~0,0~100%5D,as:%5B189~300.0,1176~300.250%5D%7D%7D,%7Bsl:i,t:1372,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:63,fm:sYpU5jB+11%7C12%7C13%7C14%7C151%7C152%7C153%7C1541%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1d11%7C1e%7C1f%7C1g%7C1h%7C1i*.904480-59616675%7C1i1%7C1j.904480-59616658%7C1j1%7C1k%7C1l1%7C1l2%7C1m,idMap:1i*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:03 GMT
X-Server-Name
dt35.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 25 Feb 2022 02:49:03 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Fri, 25 Feb 2022 02:49:03 GMT
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
c
prebid.a-mo.net/a/ 		137 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
ec5c15bcce3689169684ad88b997195f706da910b05edb47e36d963f7a0fe848

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:03 GMT
content-encoding
gzip
server
envoy
vary
origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
187
auction
tlx.3lift.com/header/ 		19 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.10.0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&tmax=1000
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.71.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-71-133.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:03 GMT
x-auction-status
12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
btlr.sharethrough.com/universal/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.229.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-229-107.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.hawtcelebs.com
Date
Fri, 25 Feb 2022 02:49:03 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
333f5a7ad18821c2a9bc2a8c417ef08a4d289e0663e2730888410ad402abe209

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Feb 2022 02:49:04 GMT
server
ATS/9.1.0.33
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
prebid
ib.adnxs.com/ut/v3/ 		251 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c5259bf726cb69d7641061c02b78cb3da55eace8db93db647ebc045d29658894
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:03 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
5a252a1d-e17c-4a39-b256-b2051a8b2c1a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
251
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ROS
pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ 		423 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ROS?rnd=0.08936603806633237&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=6.10.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&e_pubcid=483b11f3-554f-467d-b1b6-a457cb60b834
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.125 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b25a41c8c7387e1247905dadf132ba889966e5bda993383b3f8a197382725db3

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:03 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.hawtcelebs.com
expires
Fri, 25 Feb 2022 02:49:03 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
423
x-sid
IAD-1216
unruly_prebid
targeting.unrulymedia.com/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
pragma
no-cache
date
Fri, 25 Feb 2022 02:49:03 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
prebid
ib.adnxs.com/ut/v3/ 		252 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
940f54fdb941b3e27ef9018b002812c482905f86d24a676d0dba4126b9c336b5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:03 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
820318f7-9c57-4dc7-aff0-712bc5d4f1d3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
252
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ 		188 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=117&profileId=185&av=34&wv=6.10.0&cb=81801214559
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
18dca001263e5923222e8d0c27d49707d7c67e77ef6f7d4e0b66a289cb410d33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:03 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
172
prebid
prebid.ad.smaato.net/oapi/ 		0
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.17.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-17-150.compute-1.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:04 GMT
access-control-allow-credentials
true
server
SOMA
x-smt-sessionid
16cbade8-6781-4888-a440-441298098c8b
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
prebid
prebid.ad.smaato.net/oapi/ 		0
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.17.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-17-150.compute-1.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:04 GMT
access-control-allow-credentials
true
server
SOMA
x-smt-sessionid
96034d05-d376-4544-a41b-623f7fd525b8
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:03 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
quantumdex
useast.quantumdex.io/auction/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cf-ray
6e2d9e47ae340c91-EWR
/
px.vliplatform.com/bi-v4/ 		0
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNKMRrtNrtl0zghRleNplRmNKYUZTRzdNAyqaTKTB-KZea-PKZT-MTYq-TUTyaKAtUBPURlmNaKAbaARdzNwqfftkRqxeNco_KMKYUZT_KRwkjNARkjmNaKAbaARwlNqdb,zkohstsoyz,qhhftbxl,thsqffofu,xfkxsn,gyzdtroq,gftzqu,ldqqzg,kzwigxlt,jxqfzxdrtb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tlG1FH0PUeMAy9O04I5CfaIYtv43DEVt65dO0O9JcuLaO%2B0VKE5qex9GHDj19n4hzTcrTOZBd2NuAhjSIN4XKgtYRbTq4jS6%2B%2FZpdl7IRqEo3TJHh7j4r3P6cu%2FMa7Ueq0YlgdIu7DN2wP3ZYJnJ%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6e2d9e47ce058c9c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
/
px.vliplatform.com/bi-v4/ 		0
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNKMRrtNrtl0zghRleNplRmNKYUZTRzdNKqqBBwZA-aBAP-PZyK-wPAP-wyrqTryeqBAMRlmNKYMbaARdzNwqfftkRqxeNco_KMKYUZT_MRwkjNARkjmNKYMbaARwlNqdb,zkohstsoyz,liqktzikgxui,nqiggllh,qhhftbxl,thsqffofu,xfkxsn,gyzdtroq,gftzqu,ekoztg,ldqqzg,kzwigxlt,jxqfzxdrtb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTOFzhuSCwioRH6eVc%2BrILN8U5yagZO32Md3NNy3MzO992tGYAJsKoe8nkboezpQ8kmITXbO076uxIeInBOGqkgU7hlGcF0GcY6RMZ1V5jnDwAs9sjCja7GozdviBvVL2ATqQBfWiMA%2F11IlbVjltQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6e2d9e47ce068c9c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
dt
dt.adsafeprotected.com/ Frame 2D54 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=904480&asId=41c325b9-c60f-b543-be1b-add61f823207&tv=%7Bc:5chtcY,pingTime:1,time:2354,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:160,h:0,t:22%7D,%7Br:r,h:600,t:173%7D,%7Bpiv:100,vs:i,r:,t:1354%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1354,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1348~0,0~100%5D,as:%5B167~160.0,1181~160.600%5D%7D%7D,%7Bsl:i,t:1354,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:7,fm:sYpU5jB+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1d11%7C1e%7C1f%7C1g%7C1h%7C1i.904480-59616675%7C1i1%7C1i2%7C1i3%7C1i4%7C1j*.904480-59616658%7C1j1%7C1k%7C1l1%7C1l2%7C1m%7C1n%7C1o,idMap:1j*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:04 GMT
X-Server-Name
dt35.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame 2D54 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=904480&asId=41c325b9-c60f-b543-be1b-add61f823207&tv=%7Bc:5chtcZ,pingTime:1,time:2355,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:160,h:0,t:22%7D,%7Br:r,h:600,t:173%7D,%7Bpiv:100,vs:i,r:,t:1354%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1354,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1348~0,0~100%5D,as:%5B167~160.0,1181~160.600%5D%7D%7D,%7Bsl:i,t:1354,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:7,fm:sYpU5jB+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1d11%7C1e%7C1f%7C1g%7C1h%7C1i.904480-59616675%7C1i1%7C1i2%7C1i3%7C1i4%7C1j*.904480-59616658%7C1j1%7C1k%7C1l1%7C1l2%7C1m%7C1n%7C1o,idMap:1j*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:04 GMT
X-Server-Name
dt39.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
events
bidder.criteo.com/csm/ 		0
219 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 25 Feb 2022 02:49:03 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixels
ssp-sync.criteo.com/user-sync/ 		13 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?countrycode=US
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.73 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:03 GMT
content-encoding
br
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
public,max-age=86398
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
a.gif
t.sharethis.com/d/ Frame 06FF 		0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGIABGIYQ5wAAAAJVZ0CAw%253D%253D&tt=t.dhj&dhjLcy=1645757340744&lbl=pxcel&flbl=pxcel&ll=d&ver=1.858.22963&ell=d&cck=__stid&dmn=www.hawtcelebs.com&pn=%2F&qs=na&rdn=www.hawtcelebs.com&rpn=%2F&rqs=na&cc=US&cont=NA&evid=P6Byu8XAx78EzfObVWF_&urls=!1!297!b-13j,!1!295!b-13l,!1!300!b-14s,!1!617!b-17u,!1!0!b-14t,!1!402!b-150,!1!346!b-16f&rnd=1645757344341&cid=c010&version=1.858.22963&cc=US&cont=NA&cls=C&repeat=0&htmLcy=222
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.174.104 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-174-104.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.858.22963&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:04 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Expires
Fri, 25 Feb 2022 02:49:04 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.hawtcelebs.com%2F&domain=www.hawtcelebs.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1688
date
Fri, 25 Feb 2022 02:49:04 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
/
id.a-mx.com/sync/ 		119 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/sync/?tagId=&ref=https://www.hawtcelebs.com/&u=https://www.hawtcelebs.com/&v=6.10.0&vg=vlipb&us_privacy=null&gdpr=0&gdpr_consent=
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:29fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8df25f0d892f60ae4d054d25d5b87510af3b25bfc663ab0a245b91e7aab5f00f

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:04 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kdz7dfmAvGjuxqTqs%2BkDBQXbDO6RtSF0N46qfDkS7vdUPt4OgwXFN757ogZpT02wvZ00sZ7j6q1GjgmQzY8jv%2BccjEB3Un0mBXMKglpt799ECxq9MFT44Py8Q1a2i%2FqNyPNlD5CKZ0W%2Bhg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private,max-age=3600
access-control-allow-credentials
true
cf-ray
6e2d9e4bf84f1a0f-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.hawtcelebs.com%2F&domain=www.hawtcelebs.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=IH31Z3xZaDlybG5vblY1ZjJKT0pZTE9XUHNzZ3FGRjhtVWc2ZDIvRmc3ck5sWmFpb2tPUGtVU0MyMXA0V1ZXQkM2VWRmMUR3VTVLYjg4Q010OTBNZU9DYlJvVTVaYWgrZFdwSXFSbjdKRGdWb05iTGUxaUZGUFgxN1lYWG...
444 B
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=IH31Z3xZaDlybG5vblY1ZjJKT0pZTE9XUHNzZ3FGRjhtVWc2ZDIvRmc3ck5sWmFpb2tPUGtVU0MyMXA0V1ZXQkM2VWRmMUR3VTVLYjg4Q010OTBNZU9DYlJvVTVaYWgrZFdwSXFSbjdKRGdWb05iTGUxaUZGUFgxN1lYWGZYcFY3UnMvZjZEdlFGTVcxVlJXcUpzQW1qYmVGMUkyY1B2SkowMVQwRWZmLzRXWTY5RFVnUkVUcmdKZkdxQWVELzZSVTgvcmc3ZjVqZ3RCWjNmTWMrSkRmWXBBNFRQTXRsK0JGR1JhWjU5NFkzd2Z0SGtHV1ZlYVJlWDgyL2ZvaWxDOStNOUo3WWYwYmJRcXpEc2JFVkxlTFR2RzZybGluRjBzelZabiswdWVBVVN6RWdhVT18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
e1eca7a212692e78f663eec7d8d30fc5036e2b9497d1037ec17945edcdf26354
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:04 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4619
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:03 GMT
location
https://mug.criteo.com/sid?cpp=IH31Z3xZaDlybG5vblY1ZjJKT0pZTE9XUHNzZ3FGRjhtVWc2ZDIvRmc3ck5sWmFpb2tPUGtVU0MyMXA0V1ZXQkM2VWRmMUR3VTVLYjg4Q010OTBNZU9DYlJvVTVaYWgrZFdwSXFSbjdKRGdWb05iTGUxaUZGUFgxN1lYWGZYcFY3UnMvZjZEdlFGTVcxVlJXcUpzQW1qYmVGMUkyY1B2SkowMVQwRWZmLzRXWTY5RFVnUkVUcmdKZkdxQWVELzZSVTgvcmc3ZjVqZ3RCWjNmTWMrSkRmWXBBNFRQTXRsK0JGR1JhWjU5NFkzd2Z0SGtHV1ZlYVJlWDgyL2ZvaWxDOStNOUo3WWYwYmJRcXpEc2JFVkxlTFR2RzZybGluRjBzelZabiswdWVBVVN6RWdhVT18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1967
content-length
567
expires
0
696.json
id5-sync.com/g/v2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/696.json
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.5.40 , France, ASN16276 (OVH, FR),
Reverse DNS
p17.id5-sync.com
Software
/
Resource Hash
ed359e7e121052e7c03e4122f563ec4bbd81b442e366cc14cd23402dc6a1c65e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 25 Feb 2022 02:49:03 GMT
Vary
Origin
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
Transfer-Encoding
chunked
sync
eb2.3lift.com/ Frame 28E6
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
003fe1e5721db2378684c3ad4427a62b122c2db56c75b9a9b1195e277e8759a8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

date
Fri, 25 Feb 2022 02:49:04 GMT
content-type
text/html; charset=utf-8
content-length
458
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Fri, 25 Feb 2022 02:49:04 GMT
content-length
0
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/usync/ Frame 7037 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1645757341672
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame CD2A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 24 Feb 2022 06:17:58 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Accept-Ranges
bytes
Date
Fri, 25 Feb 2022 02:49:04 GMT
Via
1.1 varnish
Age
73865
X-Served-By
cache-lga21947-LGA
X-Cache
HIT
X-Cache-Hits
206366
X-Timer
S1645757345.630529,VS0,VE0
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame D486
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
003fe1e5721db2378684c3ad4427a62b122c2db56c75b9a9b1195e277e8759a8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

date
Fri, 25 Feb 2022 02:49:04 GMT
content-type
text/html; charset=utf-8
content-length
458
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Fri, 25 Feb 2022 02:49:04 GMT
content-length
0
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7EB4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 24 Feb 2022 06:17:58 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Accept-Ranges
bytes
Date
Fri, 25 Feb 2022 02:49:04 GMT
Via
1.1 varnish
Age
73865
X-Served-By
cache-lga21950-LGA
X-Cache
HIT
X-Cache-Hits
206901
X-Timer
S1645757345.633175,VS0,VE0
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame CA31
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
003fe1e5721db2378684c3ad4427a62b122c2db56c75b9a9b1195e277e8759a8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

date
Fri, 25 Feb 2022 02:49:04 GMT
content-type
text/html; charset=utf-8
content-length
458
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Fri, 25 Feb 2022 02:49:04 GMT
content-length
0
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
quantumdex
sync.quantumdex.io/usersync/ Frame 718A 		4 KB
923 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
606a9309dd79ad9faf0258124e84058d10c8f02a6ef63bd3f22be385f177371f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

date
Fri, 25 Feb 2022 02:49:04 GMT
content-type
text/html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e2d9e4bdaa10c91-EWR
content-encoding
gzip
sync
eb2.3lift.com/ Frame BC4E
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
003fe1e5721db2378684c3ad4427a62b122c2db56c75b9a9b1195e277e8759a8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

date
Fri, 25 Feb 2022 02:49:04 GMT
content-type
text/html; charset=utf-8
content-length
458
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Fri, 25 Feb 2022 02:49:04 GMT
content-length
0
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/usync/ Frame 094C 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1645757342635
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame B4EB 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 24 Feb 2022 06:17:58 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Accept-Ranges
bytes
Date
Fri, 25 Feb 2022 02:49:04 GMT
Via
1.1 varnish
Age
73865
X-Served-By
cache-lga21947-LGA
X-Cache
HIT
X-Cache-Hits
206367
X-Timer
S1645757345.630757,VS0,VE0
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 54B4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 24 Feb 2022 06:17:58 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Accept-Ranges
bytes
Date
Fri, 25 Feb 2022 02:49:04 GMT
Via
1.1 varnish
Age
73866
X-Served-By
cache-lga21959-LGA
X-Cache
HIT
X-Cache-Hits
207882
X-Timer
S1645757345.630469,VS0,VE0
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame E911 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1645757343957
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
quantumdex
sync.quantumdex.io/usersync/ Frame 1502 		4 KB
924 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cf57772a6f7b1e32e35700efe1306f39366cd113e893b260522c435ca5007c4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

date
Fri, 25 Feb 2022 02:49:04 GMT
content-type
text/html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e2d9e4bdaa20c91-EWR
content-encoding
gzip
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9337 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 24 Feb 2022 06:17:58 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Accept-Ranges
bytes
Date
Fri, 25 Feb 2022 02:49:04 GMT
Via
1.1 varnish
Age
73865
X-Served-By
cache-lga21956-LGA
X-Cache
HIT
X-Cache-Hits
206014
X-Timer
S1645757345.635018,VS0,VE0
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0A99 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 24 Feb 2022 06:17:58 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Accept-Ranges
bytes
Date
Fri, 25 Feb 2022 02:49:04 GMT
Via
1.1 varnish
Age
73865
X-Served-By
cache-lga21950-LGA
X-Cache
HIT
X-Cache-Hits
206900
X-Timer
S1645757345.631023,VS0,VE0
Vary
Accept-Encoding
quantumdex
sync.quantumdex.io/usersync/ Frame A997 		4 KB
960 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbbeec3bfdd40ed567ef26d75f3ee78c30587f92cf7c74e48bfa8c1c00bc9061

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

date
Fri, 25 Feb 2022 02:49:04 GMT
content-type
text/html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e2d9e4bdaa30c91-EWR
content-encoding
gzip
quantumdex
sync.quantumdex.io/usersync/ Frame 8FA0 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4405c6c0ca03f8c68da38374caeb5f02e746e05512ab291a05535a517ec8c24a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

date
Fri, 25 Feb 2022 02:49:04 GMT
content-type
text/html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e2d9e4bdaa90c91-EWR
content-encoding
gzip
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6D44 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 24 Feb 2022 06:17:58 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Accept-Ranges
bytes
Date
Fri, 25 Feb 2022 02:49:04 GMT
Via
1.1 varnish
Age
73865
X-Served-By
cache-lga21947-LGA
X-Cache
HIT
X-Cache-Hits
206368
X-Timer
S1645757345.638318,VS0,VE0
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame CEAC 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1645757341594
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2978 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 24 Feb 2022 06:17:58 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Accept-Ranges
bytes
Date
Fri, 25 Feb 2022 02:49:04 GMT
Via
1.1 varnish
Age
73865
X-Served-By
cache-lga21947-LGA
X-Cache
HIT
X-Cache-Hits
206369
X-Timer
S1645757345.642410,VS0,VE0
Vary
Accept-Encoding
magnite
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=L01TFFPO-27-11SK&gdpr=0&us_privacy=1---
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L01TFFPO-27-11SK&gdpr=0&us_privacy=1---
Protocol
H2
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:03 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://prebid.a-mo.net/setuid/magnite?uid=L01TFFPO-27-11SK&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
c3b5432477546c086cd062707f625a76
Expires
0
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://prebid.a-mo.net/cchain?gdpr=0&gdpr_consent=&us_privacy=1---
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F2%252F638%253FA%253Da8fd6193-125b-4092-ba5f-7d642633cd48%2526bidder%253Dpubmatic%2526cbx%253D%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1---%2526uid%253D%2523PMUID
Protocol
H2
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:03 GMT
content-length
0

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F2%252F638%253FA%253Da8fd6193-125b-4092-ba5f-7d642633cd48%2526bidder%253Dpubmatic%2526cbx%253D%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1---%2526uid%253D%2523PMUID
date
Fri, 25 Feb 2022 02:49:03 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
verizon_video
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a8fd6193-125b-4092-ba5f-7d642633cd48
  • https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a8fd6193-125b-4092-ba5f-7d642633cd48&apid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
  • https://prebid.a-mo.net/setuid/verizon_video?uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1&gdpr=0&gdpr_consent=
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/verizon_video?uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1&gdpr=0&gdpr_consent=
Protocol
H2
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/verizon_video?uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1&gdpr=0&gdpr_consent=
date
Fri, 25 Feb 2022 02:49:04 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=a8fd6193-125b-4092-ba5f-7d642633cd48
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A&gdpr=0&gdpr_consent=
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A&gdpr=0&gdpr_consent=
date
Fri, 25 Feb 2022 02:49:04 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=IH31Z3xZaDlybG5vblY1ZjJKT0pZTE9XUHNzZ3FGRjhtVWc2ZDIvRmc3ck5sWmFpb2tPUGtVU0MyMXA0V1ZXQkM2VWRmMUR3VTVLYjg4Q010OTBNZU9DYlJvVTVaYWgrZFdwSXFSbjdKRGdWb05iTGUxaUZGUFgxN1lYWGZYcFY3UnMvZjZEdlFGTVcxVlJXcUpzQW1qYmVGMUkyY1B2SkowMVQwRWZmLzRXWTY5RFVnUkVUcmdKZkdxQWVELzZSVTgvcmc3ZjVqZ3RCWjNmTWMrSkRmWXBBNFRQTXRsK0JGR1JhWjU5NFkzd2Z0SGtHV1ZlYVJlWDgyL2ZvaWxDOStNOUo3WWYwYmJRcXpEc2JFVkxlTFR2RzZybGluRjBzelZabiswdWVBVVN6RWdhVT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1510
date
Fri, 25 Feb 2022 02:49:03 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
xuid
eb2.3lift.com/ Frame CA31
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
xuidmid=7976&xuid=tHqUD_q4M&dongle=u6nf
eb2.3lift.com/ Frame CA31
Redirect Chain
  • https://ad.mrtnsvr.com/sync/triplelift
  • https://eb2.3lift.com/xuidmid=7976&xuid=tHqUD_q4M&dongle=u6nf
37 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuidmid=7976&xuid=tHqUD_q4M&dongle=u6nf
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:04 GMT
cache-control
no-cache, no-store, must-revalidate
x-error
Not Found
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuidmid=7976&xuid=tHqUD_q4M&dongle=u6nf
date
Fri, 25 Feb 2022 02:49:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92
vary
Origin
content-type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame CA31
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEM-7tXf2Pk-tIrQxSsJ45E0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEM-7tXf2Pk-tIrQxSsJ45E0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEM-7tXf2Pk-tIrQxSsJ45E0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CA31
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjAxMTk4MDU2NTkxOTg4MzcwNzA2MQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjAxMTk4MDU2NTkxOTg4MzcwNzA2MQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjAxMTk4MDU2NTkxOTg4MzcwNzA2MQ%3D%3D
date
Fri, 25 Feb 2022 02:49:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame CA31
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2011980565919883707061&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2011980565919883707061&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=1053ef4e-2c44-46bd-a245-15d9ce1837e1&_noobservation=1
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=1053ef4e-2c44-46bd-a245-15d9ce1837e1&_noobservation=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6e2d9e4f4ab58cdc-EWR
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

date
Fri, 25 Feb 2022 02:49:04 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 15A0C0F4E4E740B9BE4ECF3205EDA2CB Ref B: EWR30EDGE1020 Ref C: 2022-02-25T02:49:05Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=1053ef4e-2c44-46bd-a245-15d9ce1837e1&_noobservation=1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXYzr3wV/gNDC3g0w7jpw==
xuid
eb2.3lift.com/ Frame CA31
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2011980565919883707061?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ku1Hkt1E2oSI76Yd.8EE4aNWFxCwpIZQxOeYB68zJQ--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ku1Hkt1E2oSI76Yd.8EE4aNWFxCwpIZQxOeYB68zJQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 25 Feb 2022 02:49:04 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ku1Hkt1E2oSI76Yd.8EE4aNWFxCwpIZQxOeYB68zJQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
c.gif
c.bing.com/ Frame CA31 		42 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2011980565919883707061&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:04 GMT
etag
"6afd196a1d25d81:0"
last-modified
Fri, 18 Feb 2022 23:15:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3C2455B0DE0F48D894FE882489FDBCC3 Ref B: EWR311000108035 Ref C: 2022-02-25T02:49:04Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame CA31
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2011980565919883707061
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2011980565919883707061&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2011980565919883707061&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:04 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
FQG3GBS91F71G98DAFJA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2011980565919883707061&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame CA31
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2011980565919883707061&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=bf9fd540-38fe-45ee-94d0-583b2d0001e1
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=bf9fd540-38fe-45ee-94d0-583b2d0001e1
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=3b197b9b-b64b-4ae7-b78b-8422c3052efe&ssp=triplelift&expires=30&user_group=5&bsw_param=bf9fd540-38fe-45ee-94d0-583b2d0001e1
  • https://eb2.3lift.com/xuid?mid=2409&xuid=bf9fd540-38fe-45ee-94d0-583b2d0001e1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=bf9fd540-38fe-45ee-94d0-583b2d0001e1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=bf9fd540-38fe-45ee-94d0-583b2d0001e1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 25 Feb 2022 02:49:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame CA31
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=-zZOh2qE_czCLWu3mVLK&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5FV5FUT3IGJYUK...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=-zZOh2qE_czCLWu3mVLK
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=-zZOh2qE_czCLWu3mVLK
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=-zZOh2qE_czCLWu3mVLK
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame BC4E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
xuidmid=7976&xuid=aHuUDVq4M&dongle=u6nf
eb2.3lift.com/ Frame BC4E
Redirect Chain
  • https://ad.mrtnsvr.com/sync/triplelift
  • https://eb2.3lift.com/xuidmid=7976&xuid=aHuUDVq4M&dongle=u6nf
37 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuidmid=7976&xuid=aHuUDVq4M&dongle=u6nf
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:04 GMT
cache-control
no-cache, no-store, must-revalidate
x-error
Not Found
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuidmid=7976&xuid=aHuUDVq4M&dongle=u6nf
date
Fri, 25 Feb 2022 02:49:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92
vary
Origin
content-type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame BC4E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEM-7tXf2Pk-tIrQxSsJ45E0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEM-7tXf2Pk-tIrQxSsJ45E0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEM-7tXf2Pk-tIrQxSsJ45E0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BC4E
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjAxMTk4MDU2NTkxOTg4MzcwNzA2MQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjAxMTk4MDU2NTkxOTg4MzcwNzA2MQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjAxMTk4MDU2NTkxOTg4MzcwNzA2MQ%3D%3D
date
Fri, 25 Feb 2022 02:49:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame BC4E
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2011980565919883707061&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2011980565919883707061&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=52dab3b8-ab94-4f0e-b4a6-4553c54f47a0&_noobservation=1
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=52dab3b8-ab94-4f0e-b4a6-4553c54f47a0&_noobservation=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6e2d9e4ffcd18cdc-EWR
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

date
Fri, 25 Feb 2022 02:49:04 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 9576E1DF879749B98E2A331EA1D35048 Ref B: EWR30EDGE1020 Ref C: 2022-02-25T02:49:05Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=52dab3b8-ab94-4f0e-b4a6-4553c54f47a0&_noobservation=1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXYzr3yfbT5pFaAwhdN+w==
xuid
eb2.3lift.com/ Frame BC4E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2011980565919883707061?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ku1Hkt1E2oSI76Yd.8EE4aNWFxCwpIZQxOeYB68zJQ--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ku1Hkt1E2oSI76Yd.8EE4aNWFxCwpIZQxOeYB68zJQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 25 Feb 2022 02:49:04 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ku1Hkt1E2oSI76Yd.8EE4aNWFxCwpIZQxOeYB68zJQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
c.gif
c.bing.com/ Frame BC4E 		42 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2011980565919883707061&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:04 GMT
etag
"6afd196a1d25d81:0"
last-modified
Fri, 18 Feb 2022 23:15:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 078ADDD2C578488298B146AE055E0D2D Ref B: EWR311000108035 Ref C: 2022-02-25T02:49:04Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame BC4E
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2011980565919883707061
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2011980565919883707061&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2011980565919883707061&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:04 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VTKFZZ9FW4MVD52NETYV
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2011980565919883707061&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame BC4E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2011980565919883707061&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=bf9fd540-38fe-45ee-94d0-583b2d0001e1
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=bf9fd540-38fe-45ee-94d0-583b2d0001e1
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=3b197b9b-b64b-4ae7-b78b-8422c3052efe&ssp=triplelift&expires=30&user_group=5&bsw_param=bf9fd540-38fe-45ee-94d0-583b2d0001e1
  • https://eb2.3lift.com/xuid?mid=2409&xuid=bf9fd540-38fe-45ee-94d0-583b2d0001e1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=bf9fd540-38fe-45ee-94d0-583b2d0001e1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=bf9fd540-38fe-45ee-94d0-583b2d0001e1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 25 Feb 2022 02:49:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame BC4E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=-zZOh2qE_czCLWu3mVLK&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5FV5FUT3IGJYUK...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=-zZOh2qE_czCLWu3mVLK
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=-zZOh2qE_czCLWu3mVLK
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=-zZOh2qE_czCLWu3mVLK
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 28E6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
xuidmid=7976&xuid=tHuIY_qfp&dongle=u6nf
eb2.3lift.com/ Frame 28E6
Redirect Chain
  • https://ad.mrtnsvr.com/sync/triplelift
  • https://eb2.3lift.com/xuidmid=7976&xuid=tHuIY_qfp&dongle=u6nf
37 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuidmid=7976&xuid=tHuIY_qfp&dongle=u6nf
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:04 GMT
cache-control
no-cache, no-store, must-revalidate
x-error
Not Found
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuidmid=7976&xuid=tHuIY_qfp&dongle=u6nf
date
Fri, 25 Feb 2022 02:49:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92
vary
Origin
content-type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 28E6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEM-7tXf2Pk-tIrQxSsJ45E0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEM-7tXf2Pk-tIrQxSsJ45E0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEM-7tXf2Pk-tIrQxSsJ45E0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 28E6
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjAxMTk4MDU2NTkxOTg4MzcwNzA2MQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjAxMTk4MDU2NTkxOTg4MzcwNzA2MQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjAxMTk4MDU2NTkxOTg4MzcwNzA2MQ%3D%3D
date
Fri, 25 Feb 2022 02:49:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 28E6
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2011980565919883707061&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2011980565919883707061&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=52dab3b8-ab94-4f0e-b4a6-4553c54f47a0&_noobservation=1
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=52dab3b8-ab94-4f0e-b4a6-4553c54f47a0&_noobservation=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6e2d9e4ffce08cdc-EWR
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

date
Fri, 25 Feb 2022 02:49:04 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: FAE7494F61954EE8BA3544A55518CCCD Ref B: EWR30EDGE1020 Ref C: 2022-02-25T02:49:05Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=52dab3b8-ab94-4f0e-b4a6-4553c54f47a0&_noobservation=1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXYzr3yfLu4jnhTdMHTNA==
xuid
eb2.3lift.com/ Frame 28E6
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2011980565919883707061?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ku1Hkt1E2oSI76Yd.8EE4aNWFxCwpIZQxOeYB68zJQ--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ku1Hkt1E2oSI76Yd.8EE4aNWFxCwpIZQxOeYB68zJQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 25 Feb 2022 02:49:04 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ku1Hkt1E2oSI76Yd.8EE4aNWFxCwpIZQxOeYB68zJQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
c.gif
c.bing.com/ Frame 28E6 		42 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2011980565919883707061&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:04 GMT
etag
"6afd196a1d25d81:0"
last-modified
Fri, 18 Feb 2022 23:15:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: ECC0446DE38A484EB80BEAB716D356B5 Ref B: EWR311000108035 Ref C: 2022-02-25T02:49:04Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 28E6
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2011980565919883707061
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2011980565919883707061&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2011980565919883707061&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:04 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
V5TJS53T84GF9G2PBYX7
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2011980565919883707061&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 28E6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2011980565919883707061&gdpr=0&gdpr_consent=
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&ssp_uuid=bf9fd540-38fe-45ee-94d0-583b2d0001e1
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=triplelift&user_id=903ddf42-6f2f-4986-95f7-7f3a23eebde3
  • https://eb2.3lift.com/xuid?mid=2409&xuid=bf9fd540-38fe-45ee-94d0-583b2d0001e1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=bf9fd540-38fe-45ee-94d0-583b2d0001e1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=bf9fd540-38fe-45ee-94d0-583b2d0001e1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 25 Feb 2022 02:49:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 28E6
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=-zZOh2qE_czCLWu3mVLK&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5FV5FUT3IGJYUK...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=-zZOh2qE_czCLWu3mVLK
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=-zZOh2qE_czCLWu3mVLK
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=-zZOh2qE_czCLWu3mVLK
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame D486
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
xuidmid=7976&xuid=tHuIYVu4p&dongle=u6nf
eb2.3lift.com/ Frame D486
Redirect Chain
  • https://ad.mrtnsvr.com/sync/triplelift
  • https://eb2.3lift.com/xuidmid=7976&xuid=tHuIYVu4p&dongle=u6nf
37 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuidmid=7976&xuid=tHuIYVu4p&dongle=u6nf
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:04 GMT
cache-control
no-cache, no-store, must-revalidate
x-error
Not Found
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuidmid=7976&xuid=tHuIYVu4p&dongle=u6nf
date
Fri, 25 Feb 2022 02:49:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92
vary
Origin
content-type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame D486
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEM-7tXf2Pk-tIrQxSsJ45E0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEM-7tXf2Pk-tIrQxSsJ45E0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEM-7tXf2Pk-tIrQxSsJ45E0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D486
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjAxMTk4MDU2NTkxOTg4MzcwNzA2MQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjAxMTk4MDU2NTkxOTg4MzcwNzA2MQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjAxMTk4MDU2NTkxOTg4MzcwNzA2MQ%3D%3D
date
Fri, 25 Feb 2022 02:49:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame D486
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2011980565919883707061&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2011980565919883707061&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=1053ef4e-2c44-46bd-a245-15d9ce1837e1&_noobservation=1
43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=1053ef4e-2c44-46bd-a245-15d9ce1837e1&_noobservation=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6e2d9e4f1a5a8cdc-EWR
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

date
Fri, 25 Feb 2022 02:49:04 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: A91128F564964857A63A6F364AD6DF30 Ref B: EWR30EDGE1020 Ref C: 2022-02-25T02:49:05Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=1053ef4e-2c44-46bd-a245-15d9ce1837e1&_noobservation=1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXYzr3wGqeRymj8yicTQg==
xuid
eb2.3lift.com/ Frame D486
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2011980565919883707061?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ku1Hkt1E2oSI76Yd.8EE4aNWFxCwpIZQxOeYB68zJQ--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ku1Hkt1E2oSI76Yd.8EE4aNWFxCwpIZQxOeYB68zJQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 25 Feb 2022 02:49:04 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ku1Hkt1E2oSI76Yd.8EE4aNWFxCwpIZQxOeYB68zJQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
c.gif
c.bing.com/ Frame D486 		42 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2011980565919883707061&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:04 GMT
etag
"6afd196a1d25d81:0"
last-modified
Fri, 18 Feb 2022 23:15:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FAEFF585844742C68A984F310E03E25E Ref B: EWR311000108035 Ref C: 2022-02-25T02:49:04Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame D486
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2011980565919883707061
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2011980565919883707061&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2011980565919883707061&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:04 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6Q48K2MAMDDYH1CP21JK
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2011980565919883707061&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame D486
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2011980565919883707061&gdpr=0&gdpr_consent=
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=bf9fd540-38fe-45ee-94d0-583b2d0001e1
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=ff9d08f1-51e1-4cc7-bae6-5e9def1709af&expires=10&ssp=triplelift&bsw_param=bf9fd540-38fe-45ee-94d0-583b2d0001e1
  • https://eb2.3lift.com/xuid?mid=2409&xuid=bf9fd540-38fe-45ee-94d0-583b2d0001e1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=bf9fd540-38fe-45ee-94d0-583b2d0001e1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=bf9fd540-38fe-45ee-94d0-583b2d0001e1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 25 Feb 2022 02:49:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame D486
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=-zZOh2qE_czCLWu3mVLK&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5FV5FUT3IGJYUK...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=-zZOh2qE_czCLWu3mVLK
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=-zZOh2qE_czCLWu3mVLK
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=-zZOh2qE_czCLWu3mVLK
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 8FA0
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=ae75b982bd84cca3aa1c8cbc
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=ae75b982bd84cca3aa1c8cbc
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e1de40c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Fri, 25 Feb 2022 02:49:04 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=ae75b982bd84cca3aa1c8cbc
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame 8FA0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e1de90c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A
date
Fri, 25 Feb 2022 02:49:04 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 8FA0
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=f60fa51f
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=smaato&uid=f60fa51f
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e2e510c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

date
Fri, 25 Feb 2022 02:49:04 GMT
via
1.1 fb134201578e9706e0dd8abdab0f2abe.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK51-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.quantumdex.io/setuid?bidder=smaato&uid=f60fa51f
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
xiSgYoMzOLr7iNRvzoukxsOHUwjh5Kx6W7Pyma841a88MLAhq7FgVQ==
setuid
sync.quantumdex.io/ Frame 8FA0
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
43 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4f0f180c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
date
Fri, 25 Feb 2022 02:49:05 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 8FA0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6237531769661368453
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6237531769661368453
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e2e520c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:04 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
e783a238-4bf0-42e4-bf35-79faab20686a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6237531769661368453
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 8FA0
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2fc891d5-1d8e-4af9-a8d4-54ee1a91a2b4
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2fc891d5-1d8e-4af9-a8d4-54ee1a91a2b4
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e8e7a0c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2fc891d5-1d8e-4af9-a8d4-54ee1a91a2b4
date
Fri, 25 Feb 2022 02:49:04 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 8FA0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6237531769661368453
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6237531769661368453
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e2e530c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:04 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
3ac7eaa7-2c4a-45b5-baa8-385909f6d5bb
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6237531769661368453
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 8FA0
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=29943829-4a4e-c64a-abea-b5951f7e05e4
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=29943829-4a4e-c64a-abea-b5951f7e05e4
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e8e820c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=29943829-4a4e-c64a-abea-b5951f7e05e4
pragma
no-cache
date
Fri, 25 Feb 2022 02:49:04 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame 8FA0
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=between&uid=e34274d0-82d2-5338-b9ac-2289dbb46117
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=e34274d0-82d2-5338-b9ac-2289dbb46117
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e2e580c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=e34274d0-82d2-5338-b9ac-2289dbb46117
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 8FA0
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
  • https://sync.quantumdex.io/setuid?bidder=sonobi&uid=ca27101e-92a6-4431-be3d-4c81d4005bc5
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sonobi&uid=ca27101e-92a6-4431-be3d-4c81d4005bc5
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e8e6e0c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:04 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-21
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://sync.quantumdex.io/setuid?bidder=sonobi&uid=ca27101e-92a6-4431-be3d-4c81d4005bc5
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame 8FA0
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4f0f120c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
Date
Fri, 25 Feb 2022 02:49:04 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 1502
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6237531769661368453
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6237531769661368453
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e2e2e0c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:04 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
62a033ff-ed25-4525-b33e-daf7e11e84e3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6237531769661368453
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 1502
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=075441f3-5ffe-d76a-7ab0-fc33bcab88fc
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=075441f3-5ffe-d76a-7ab0-fc33bcab88fc
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e2e550c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=075441f3-5ffe-d76a-7ab0-fc33bcab88fc
pragma
no-cache
date
Fri, 25 Feb 2022 02:49:04 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame 1502
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=between&uid=e34274d0-82d2-5338-b9ac-2289dbb46117
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=e34274d0-82d2-5338-b9ac-2289dbb46117
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e2e570c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=e34274d0-82d2-5338-b9ac-2289dbb46117
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 1502
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6237531769661368453
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6237531769661368453
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4eae930c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:04 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
9eea57d1-50a3-4bd4-8cf1-754ff3c42afe
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6237531769661368453
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 1502
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
  • https://sync.quantumdex.io/setuid?bidder=sonobi&uid=ca27101e-92a6-4431-be3d-4c81d4005bc5
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sonobi&uid=ca27101e-92a6-4431-be3d-4c81d4005bc5
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4eae920c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:04 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-21
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://sync.quantumdex.io/setuid?bidder=sonobi&uid=ca27101e-92a6-4431-be3d-4c81d4005bc5
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame 1502
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e8e730c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A
date
Fri, 25 Feb 2022 02:49:04 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 1502
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4f4f580c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
Date
Fri, 25 Feb 2022 02:49:04 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 1502
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=42990bd4a629a34d2f3d4f6c
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=42990bd4a629a34d2f3d4f6c
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e8e7e0c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Fri, 25 Feb 2022 02:49:04 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=42990bd4a629a34d2f3d4f6c
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame 1502
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=f60fa51f
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=smaato&uid=f60fa51f
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e2e590c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

date
Fri, 25 Feb 2022 02:49:04 GMT
via
1.1 fb134201578e9706e0dd8abdab0f2abe.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK51-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.quantumdex.io/setuid?bidder=smaato&uid=f60fa51f
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
7uDaR1iL9MgOHkhKQ8uoAApvIHYonD4WwUinuN3gGfw-8s_G1swSlw==
setuid
sync.quantumdex.io/ Frame 1502
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4f0f130c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
date
Fri, 25 Feb 2022 02:49:05 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 1502
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2fc891d5-1d8e-4af9-a8d4-54ee1a91a2b4
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2fc891d5-1d8e-4af9-a8d4-54ee1a91a2b4
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e8e7c0c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2fc891d5-1d8e-4af9-a8d4-54ee1a91a2b4
date
Fri, 25 Feb 2022 02:49:04 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame A997
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=between&uid=e34274d0-82d2-5338-b9ac-2289dbb46117
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=e34274d0-82d2-5338-b9ac-2289dbb46117
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e1dea0c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=e34274d0-82d2-5338-b9ac-2289dbb46117
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame A997
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=d165ff07-f18c-ad13-f5a9-ebffa98ace04
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=d165ff07-f18c-ad13-f5a9-ebffa98ace04
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e2e560c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=d165ff07-f18c-ad13-f5a9-ebffa98ace04
pragma
no-cache
date
Fri, 25 Feb 2022 02:49:04 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame A997
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6237531769661368453
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6237531769661368453
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e8e5e0c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:04 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
ce1a6e17-757b-4f7d-805e-5f1191ef7dd0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6237531769661368453
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame A997
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
  • https://sync.quantumdex.io/setuid?bidder=sonobi&uid=ca27101e-92a6-4431-be3d-4c81d4005bc5
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sonobi&uid=ca27101e-92a6-4431-be3d-4c81d4005bc5
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4ebe9e0c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:04 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-21
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://sync.quantumdex.io/setuid?bidder=sonobi&uid=ca27101e-92a6-4431-be3d-4c81d4005bc5
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame A997
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e8e750c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A
date
Fri, 25 Feb 2022 02:49:04 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame A997
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4fbfc30c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
Date
Fri, 25 Feb 2022 02:49:04 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame A997
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=42990bd4a629a34d2f3d4f6c
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=42990bd4a629a34d2f3d4f6c
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4eae910c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Fri, 25 Feb 2022 02:49:04 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=42990bd4a629a34d2f3d4f6c
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame A997
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4f0f160c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
date
Fri, 25 Feb 2022 02:49:05 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame A997
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=f60fa51f
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=smaato&uid=f60fa51f
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e2e5b0c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

date
Fri, 25 Feb 2022 02:49:04 GMT
via
1.1 fb134201578e9706e0dd8abdab0f2abe.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK51-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.quantumdex.io/setuid?bidder=smaato&uid=f60fa51f
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
UhPdEpT4wS5m55KWMEQhjxRBewWLWv4dlOEqXZ4HvhWP2rAdUor_-Q==
setuid
sync.quantumdex.io/ Frame A997
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2fc891d5-1d8e-4af9-a8d4-54ee1a91a2b4
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2fc891d5-1d8e-4af9-a8d4-54ee1a91a2b4
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e8e760c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2fc891d5-1d8e-4af9-a8d4-54ee1a91a2b4
date
Fri, 25 Feb 2022 02:49:04 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame A997
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6237531769661368453
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6237531769661368453
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e8e810c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:04 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
d37dfdae-c107-4620-8a48-66e469b4d924
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6237531769661368453
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 718A
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=42990bd4a629a34d2f3d4f6c
43 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=42990bd4a629a34d2f3d4f6c
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e1dec0c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Fri, 25 Feb 2022 02:49:04 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=42990bd4a629a34d2f3d4f6c
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame 718A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e1deb0c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A
date
Fri, 25 Feb 2022 02:49:04 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 718A
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=f60fa51f
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=smaato&uid=f60fa51f
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e2e5a0c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

date
Fri, 25 Feb 2022 02:49:04 GMT
via
1.1 fb134201578e9706e0dd8abdab0f2abe.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK51-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.quantumdex.io/setuid?bidder=smaato&uid=f60fa51f
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
8EvjMf8NtSFvSPhaKerOlKBih10grQ9B6JSArutw0rVWffQnDBauag==
setuid
sync.quantumdex.io/ Frame 718A
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4f1f2c0c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
date
Fri, 25 Feb 2022 02:49:05 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 718A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6237531769661368453
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6237531769661368453
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4eae900c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:04 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
24691343-9a18-4af1-9115-cd25ddffbdb3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6237531769661368453
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 718A
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2fc891d5-1d8e-4af9-a8d4-54ee1a91a2b4
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2fc891d5-1d8e-4af9-a8d4-54ee1a91a2b4
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e8e7d0c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2fc891d5-1d8e-4af9-a8d4-54ee1a91a2b4
date
Fri, 25 Feb 2022 02:49:04 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 718A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6237531769661368453
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6237531769661368453
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4edeb10c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
bcb5600c-924a-4e57-a68c-81f258ffb684
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6237531769661368453
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 718A
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=a5f1dcae-e0ce-9dbb-0d65-cba533a71976
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=a5f1dcae-e0ce-9dbb-0d65-cba533a71976
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e8e720c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=a5f1dcae-e0ce-9dbb-0d65-cba533a71976
pragma
no-cache
date
Fri, 25 Feb 2022 02:49:04 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame 718A
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=between&uid=e34274d0-82d2-5338-b9ac-2289dbb46117
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=e34274d0-82d2-5338-b9ac-2289dbb46117
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e8e830c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=e34274d0-82d2-5338-b9ac-2289dbb46117
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 718A
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
  • https://sync.quantumdex.io/setuid?bidder=sonobi&uid=ca27101e-92a6-4431-be3d-4c81d4005bc5
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sonobi&uid=ca27101e-92a6-4431-be3d-4c81d4005bc5
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4f0f0e0c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-21
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://sync.quantumdex.io/setuid?bidder=sonobi&uid=ca27101e-92a6-4431-be3d-4c81d4005bc5
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame 718A
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4fbfc50c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
Date
Fri, 25 Feb 2022 02:49:04 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
usermatch
ssum-sec.casalemedia.com/ Frame 6A6B 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc1b644a8ca7fded7102c08769c4a29153449f9dc09f74641d3c7e4df331b441

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|241|230|73|46|105|156|40
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Fri, 25 Feb 2022 02:49:04 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:04 GMT
Content-Length
1534
Connection
keep-alive
pbsync
usermatch.targeting.unrulymedia.com/ Frame E70C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Tengine
Date
Fri, 25 Feb 2022 02:49:05 GMT
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2656 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=137987
expires
Sat, 26 Feb 2022 17:08:52 GMT
date
Fri, 25 Feb 2022 02:49:05 GMT
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 1134 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
uc.html
sync.go.sonobi.com/ Frame EAEA 		854 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
779e0c867c12f0b42192a9cb20cd5e521adbd1b8e2f8d5540708fc315884ad59
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Date
Fri, 25 Feb 2022 02:49:04 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-21
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9E81 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=137987
expires
Sat, 26 Feb 2022 17:08:52 GMT
date
Fri, 25 Feb 2022 02:49:05 GMT
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame CC6F 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
pbsync
usermatch.targeting.unrulymedia.com/ Frame 75C0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Tengine
Date
Fri, 25 Feb 2022 02:49:05 GMT
Connection
keep-alive
uc.html
sync.go.sonobi.com/ Frame 8325 		854 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
76b09c4f8ddd9471e2e90addea0d72813e46b9f4a07e5d38b74754e91b0893cc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Date
Fri, 25 Feb 2022 02:49:05 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-21
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
usermatch
ssum-sec.casalemedia.com/ Frame A6C0 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1681632d10d8b70e502c225e03410825bdf5a8c7156f732e7714b4f21a0285a0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|230|241|46|64|5|221|41
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Fri, 25 Feb 2022 02:49:04 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:04 GMT
Content-Length
1467
Connection
keep-alive
/
onetag-sys.com/usync/ Frame 2BF4 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
pbsync
usermatch.targeting.unrulymedia.com/ Frame 0709 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Tengine
Date
Fri, 25 Feb 2022 02:49:05 GMT
Connection
keep-alive
uc.html
sync.go.sonobi.com/ Frame 5356 		854 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
76b09c4f8ddd9471e2e90addea0d72813e46b9f4a07e5d38b74754e91b0893cc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Date
Fri, 25 Feb 2022 02:49:04 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-21
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
usermatch
ssum-sec.casalemedia.com/ Frame 516E 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6ea1d8840e0deed4691db10ead8a65c2b4aa2a973b96b50b2d8fdc16a4e57ee8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|39|46|130|40|3|4
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Fri, 25 Feb 2022 02:49:04 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:04 GMT
Content-Length
1527
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4F51 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=137987
expires
Sat, 26 Feb 2022 17:08:52 GMT
date
Fri, 25 Feb 2022 02:49:05 GMT
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 5E71 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2df1774b914f693bf7ac7cddd1906a98169b8bbbcdeb8aaa5e342aa288e0dbf2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|230|241|73|130|47|5|221
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Fri, 25 Feb 2022 02:49:04 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:04 GMT
Content-Length
1531
Connection
keep-alive
pbsync
usermatch.targeting.unrulymedia.com/ Frame 7370 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Tengine
Date
Fri, 25 Feb 2022 02:49:05 GMT
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 55AF 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=137987
expires
Sat, 26 Feb 2022 17:08:52 GMT
date
Fri, 25 Feb 2022 02:49:05 GMT
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 62CB 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
uc.html
sync.go.sonobi.com/ Frame A70D 		854 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
779e0c867c12f0b42192a9cb20cd5e521adbd1b8e2f8d5540708fc315884ad59
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Date
Fri, 25 Feb 2022 02:49:04 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-21
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
async_usersync
ib.adnxs.com/ Frame CD2A 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:04 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
5844206d-326b-4f98-81f8-23a10d26eef8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame B4EB 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
b9c9ed38-fcc5-4c6a-9b90-1b426e0b768f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 54B4 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
cafe514d-7616-451c-b20b-be2790d6df93
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0A99 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
bf5042ba-2599-4655-9208-620f185b8755
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 9337 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
7c30b93f-22b0-4843-9660-cc9c9dad77bf
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7EB4 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
814402d2-7c6d-4ee9-b56d-30547faf208a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 2978 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
083e1b8d-fe81-4419-8276-31461a83b43e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6D44 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
a16fcdb7-bcd6-468d-92b8-8ee6691dbab8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6A6B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&expiration=1648349345&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&expiration=1648349345&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 02:49:05 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&expiration=1648349345&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
dcm
s.amazon-adsystem.com/ Frame 6A6B 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YhhDnC_gZ8XRz901-0T3uAAAA9gAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
FWEMWAWBVQQ99AVD7A5A
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 6A6B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YhhDnC_gZ8XRz901-0T3uAAAA9gAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENCS0cElq23tTB3khV_zUM4&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENCS0cElq23tTB3khV_zUM4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 25 Feb 2022 02:49:05 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENCS0cElq23tTB3khV_zUM4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
YhhDnC_gZ8XRz901-0T3uAAAA9gAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6A6B 		43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YhhDnC_gZ8XRz901-0T3uAAAA9gAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:56c0:bbbc:18e0:97e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 6A6B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6237531769661368453
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6237531769661368453
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 02:49:05 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
7ca0a522-e69d-4800-b06f-145a12a92059
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6237531769661368453
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6A6B
Redirect Chain
  • https://d.adroll.com/cm/index/ssp
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 02:49:05 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Fri, 25 Feb 2022 02:49:05 GMT
server
nginx/1.20.0
content-length
76
crum
dsum.casalemedia.com/ Frame 6A6B
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=aeef2579-0344-4565-86a8-205746520c7f
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=aeef2579-0344-4565-86a8-205746520c7f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 02:49:05 GMT

Redirect headers

X-ServerName
Track002-iad
Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:04 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=aeef2579-0344-4565-86a8-205746520c7f
Cache-Control
private,no-cache
Content-Type
text/html; charset=utf-8
Content-Length
222
Expires
-1
setuid
sync.quantumdex.io/ Frame 6A6B 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YhhDnC_gZ8XRz901-0T3uAAAA9gAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4e8e6f0c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cs&eq_cc=1
um2.eqads.com/um/ Frame C4B9
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.247.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-247-233.compute-1.amazonaws.com
Software
/
Resource Hash
e943af10f0de1f5faffa08607edd9558d23399c01e1e1a33bb6a2e749a087787

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Fri, 25 Feb 2022 02:49:05 GMT
pragma
no-cache

Redirect headers

date
Fri, 25 Feb 2022 02:49:05 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
rum
dsum-sec.casalemedia.com/ Frame A6C0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&expiration=1648349345&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&expiration=1648349345&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 02:49:05 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&expiration=1648349345&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame A6C0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YhhDnC_gZ8XRz901-0T3uAAAA9gAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENCS0cElq23tTB3khV_zUM4&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENCS0cElq23tTB3khV_zUM4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 25 Feb 2022 02:49:05 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENCS0cElq23tTB3khV_zUM4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame A6C0 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YhhDnC_gZ8XRz901-0T3uAAAA9gAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6QQ63WTGYNQ4DGYH9E1S
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A6C0
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6237531769661368453
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6237531769661368453
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 02:49:05 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
8a95aae0-8a78-49bf-b7be-3145e85b5210
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6237531769661368453
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A6C0
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=164da6cb-f2e5-437a-93f6-a083eca370ae-6218439e-5553&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=164da6cb-f2e5-437a-93f6-a083eca370ae-6218439e-5553&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64...
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=164da6cb-f2e5-437a-93f6-a083eca370ae-6218439e-5553&expiration=1648349345
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=164da6cb-f2e5-437a-93f6-a083eca370ae-6218439e-5553&expiration=1648349345
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 02:49:05 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=164da6cb-f2e5-437a-93f6-a083eca370ae-6218439e-5553&expiration=1648349345
date
Fri, 25 Feb 2022 02:49:05 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
ix
ad4m.at/ad/sim/ Frame A6C0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
tpid=YhhDnC-gZ8XRz901.0T3uAAA%26984
bcp.crwdcntrl.net/map/c=6725/tp=INDX/ Frame A6C0 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YhhDnC-gZ8XRz901.0T3uAAA%26984?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.206.84.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-102.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:05 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.38.30
content-type
image/gif
content-length
49
expires
0
crum
dsum-sec.casalemedia.com/ Frame A6C0
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=7f0b7262-95e5-11ec-87bc-d15aadb7246c
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=7f0b7262-95e5-11ec-87bc-d15aadb7246c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 02:49:05 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
server
Cowboy
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=7f0b7262-95e5-11ec-87bc-d15aadb7246c
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
lga-delivery-6
Content-Length
0
Expires
Thu, 23 Sep 2004 17:42:04 GMT
setuid
sync.quantumdex.io/ Frame A6C0 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YhhDnC_gZ8XRz901-0T3uAAAA9gAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4f8f8f0c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 5E71
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&expiration=1648349345&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&expiration=1648349345&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 02:49:05 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&expiration=1648349345&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 5E71
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YhhDnC_gZ8XRz901-0T3uAAAA9gAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENCS0cElq23tTB3khV_zUM4&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENCS0cElq23tTB3khV_zUM4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 25 Feb 2022 02:49:05 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENCS0cElq23tTB3khV_zUM4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 5E71 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YhhDnC_gZ8XRz901-0T3uAAAA9gAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
3MGVZKR86C27NN9MA58Q
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
YhhDnC_gZ8XRz901-0T3uAAAA9gAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5E71 		43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YhhDnC_gZ8XRz901-0T3uAAAA9gAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:56c0:bbbc:18e0:97e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 5E71
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAB7gk7EMIcAAH15dBe-JQ&expiration=1646966945
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAB7gk7EMIcAAH15dBe-JQ&expiration=1646966945
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 02:49:05 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAB7gk7EMIcAAH15dBe-JQ&expiration=1646966945
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
crum
dsum-sec.casalemedia.com/ Frame 5E71
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=7iMcJrQe1NnqFj5
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=7iMcJrQe1NnqFj5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 02:49:05 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:04 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0efa0d44349a78eb6@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=7iMcJrQe1NnqFj5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
ix
ad4m.at/ad/sim/ Frame 5E71 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
tpid=YhhDnC-gZ8XRz901.0T3uAAA%26984
bcp.crwdcntrl.net/map/c=6725/tp=INDX/ Frame 5E71 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YhhDnC-gZ8XRz901.0T3uAAA%26984?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.206.84.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-84-102.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:05 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.4.211
content-type
image/gif
content-length
49
expires
0
setuid
sync.quantumdex.io/ Frame 5E71 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YhhDnC_gZ8XRz901-0T3uAAAA9gAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4f8f980c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame 516E 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YhhDnC_gZ8XRz901-0T3uAAAA9gAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
TGG30820YWRDESE1D3AS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 516E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YhhDnC_gZ8XRz901-0T3uAAAA9gAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENCS0cElq23tTB3khV_zUM4&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENCS0cElq23tTB3khV_zUM4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 25 Feb 2022 02:49:05 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENCS0cElq23tTB3khV_zUM4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 516E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&expiration=1648349345&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&expiration=1648349345&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 02:49:05 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&expiration=1648349345&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 516E
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6237531769661368453
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6237531769661368453
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 02:49:05 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
85c9b9a7-e86a-4e3d-96c6-51327a1961b7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6237531769661368453
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 516E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAB7gk7EMIcAAH15dBe-JQ&expiration=1646966945
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAB7gk7EMIcAAH15dBe-JQ&expiration=1646966945
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 02:49:05 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAB7gk7EMIcAAH15dBe-JQ&expiration=1646966945
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
crum
dsum-sec.casalemedia.com/ Frame 516E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=30076218-439d-4700-9dda-44f2b86092d3
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=30076218-439d-4700-9dda-44f2b86092d3
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 02:49:05 GMT

Redirect headers

Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
MT3 4172 645ee8c master ord-pixel-x54 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=30076218-439d-4700-9dda-44f2b86092d3
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 25 Feb 2022 02:49:04 GMT
rum
dsum-sec.casalemedia.com/ Frame 516E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4470016423583563883
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4470016423583563883
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 02:49:05 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4470016423583563883
pragma
no-cache
date
Fri, 25 Feb 2022 02:49:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
setuid
sync.quantumdex.io/ Frame 516E 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YhhDnC_gZ8XRz901-0T3uAAAA9gAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e2d9e4f8f9c0c91-EWR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
362358.gif
idsync.rlcdn.com/ Frame EAEA
Redirect Chain
  • https://idsync.rlcdn.com/711892.gif?partner_uid=ca27101e-92a6-4431-be3d-4c81d4005bc5
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGLC0AdmOzbRaIRLIr1JF70&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGLC0AdmOzbRaIRLIr1JF70&google_cver=1
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:49:05 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGLC0AdmOzbRaIRLIr1JF70&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usg.gif
sync.go.sonobi.com/ Frame EAEA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=Y2EyNzEwMWUtOTJhNi00NDMxLWJlM2QtNGM4MWQ0MDA1YmM1
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEG0yHXr103czGl9q0s1-6WI&google_cver=1
49 B
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEG0yHXr103czGl9q0s1-6WI&google_cver=1
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-21
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEG0yHXr103czGl9q0s1-6WI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame EAEA
Redirect Chain
  • https://id5-sync.com/s/434/9.gif?puid=ca27101e-92a6-4431-be3d-4c81d4005bc5&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F796%2F8%2F2.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/434/796/8/2.gif?puid=7edfac87-95e5-11ec-b3ae-b9599d422bef&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F429%2F7%2F3.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/434/429/7/3.gif?puid=8DD63D45-098F-4BA1-B2D5-9EADA546BB39&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F441%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/434/441/6/4.gif?puid=u_3999528b-d911-465b-8626-0cc169c9cad8&gdpr=0&gdpr_consent=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F203%2F5%2F5.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/434/203/5/5.gif?puid=29812a66-af29-4268-835e-b097cefbdb1c&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/434/108/4/6.gif?puid=99c9dfe3-7960-4e03-b3d1-bfa17a067259&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F124%2F3%2F7.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/434/124/3/7.gif?puid=69497fcd-ba32-4b2d-834f-7b33fea6ad08&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F136%2F2%2F8.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/434/136/2/8.gif?puid=YhhDngAIwBmCJwBB&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F10%2F1%2F9.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F10%2F1%2F9.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/434/10/1/9.gif?puid=7441743613700024595&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=30076218-439d-4700-9dda-44f2b86092d3&gdpr=0&consent=&id5id=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
49 B
955 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=30076218-439d-4700-9dda-44f2b86092d3&gdpr=0&consent=&id5id=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:06 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-21
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=30076218-439d-4700-9dda-44f2b86092d3&gdpr=0&consent=&id5id=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
Date
Fri, 25 Feb 2022 02:49:05 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
receive
pixel.tapad.com/idsync/ex/ Frame EAEA
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=ca27101e-92a6-4431-be3d-4c81d4005bc5
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=99c9dfe3-7960-4e03-b3d1-bfa17a067259&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=73108287142213250733347802760755455793&pt=99c9dfe3-7960-4e03-b3d1-bfa17a067259%2C
95 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=73108287142213250733347802760755455793&pt=99c9dfe3-7960-4e03-b3d1-bfa17a067259%2C
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
H2
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

DCS
dcs-prod-usw2-1-v025-0d26979a1.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
GQbsBr8cRCI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=73108287142213250733347802760755455793&pt=99c9dfe3-7960-4e03-b3d1-bfa17a067259%2C
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
px.britepool.com/ Frame EAEA 		0
0
8DD63D45-098F-4BA1-B2D5-9EADA546BB39
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame EAEA
Redirect Chain
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=ca27101e-92a6-4431-be3d-4c81d4005bc5
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=ca27101e-92a6-4431-be3d-4c81d4005bc5&ckls=true&ci=JvhBf1EXKZ&nc=false&trid=-1212...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D570392714%26rnd%3D64...
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4470016423583563883&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/8DD63D45-098F-4BA1-B2D5-9EADA546BB39?gdpr=0&gdpr_consent=
43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/8DD63D45-098F-4BA1-B2D5-9EADA546BB39?gdpr=0&gdpr_consent=
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
H2
Server
2600:1f18:4e9:5a07:56c0:bbbc:18e0:97e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/pubmatic/8DD63D45-098F-4BA1-B2D5-9EADA546BB39?gdpr=0&gdpr_consent=
date
Fri, 25 Feb 2022 02:49:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
126
content-type
text/html; charset=utf-8
sync
px.britepool.com/ Frame 5356 		0
0
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 5356
Redirect Chain
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=ca27101e-92a6-4431-be3d-4c81d4005bc5
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=ca27101e-92a6-4431-be3d-4c81d4005bc5&ckls=true&ci=F6pRKguvZO&nc=false&trid=82420...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D570392714%26rnd%3D-9...
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=570392714&rnd=-910921313&pcid=8DD63D45-098F-4BA1-B2D5-9EADA546BB39
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D570392714%3B1402230080%26rnd%3D886413515&pcid=$UID
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=570392714;1402230080&rnd=886413515&pcid=6237531769661368453
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D570392...
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=570392714;1402230080;1709765917&rnd=-433512822&pcid=b991e0dd-fbc9-4f63-82ae-080e26573cf2
  • https://ce.lijit.com/merge?pid=8101&3pid=JvhBf1EXKZ&location=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D396218182%26mi%3D10%26csh%3D570392714%3B14022...
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=396218182&mi=10&csh=570392714;1402230080;1709765917;1486637409&rnd=-2135033121&pcid=42990bd4a629a34d2f3d4f6c
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1072441116%26mi%3D10%26csh%3D570392714%3B140...
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1072441116&mi=10&csh=570392714;1402230080;1709765917;1486637409;396218182&rnd=1027714914&pcid=7cb957e4-95e5-11ec-8924-154f9a...
  • https://sync.mathtag.com/sync/img?mt_exid=10019&redir=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1678944572%26mi%3D10%26csh%3D570392714%3B1402230080%...
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1678944572&mi=10&csh=570392714;1402230080;1709765917;1486637409;396218182;1072441116&rnd=-1644575732&pcid=30076218-439d-4700...
  • https://sync.1rx.io/usersync/intentiq/0?dspret=1&redir=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D541745869%26mi%3D10%26csh%3D570392714%3B1402230080%...
  • https://sync.targeting.unrulymedia.com/csync/RX-6f4993e5-bce2-4471-87d3-66cd3254ac34-005?redir=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D541745869%2...
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=541745869&mi=10&csh=570392714;1402230080;1709765917;1486637409;396218182;1072441116;1678944572&rnd=-668498253&pcid=RX-6f4993...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=541745869&mi=10&csh=570392714;1402230080;1709765917;1486637409;396218182;1072441116;1678944572&rnd=-668498253&pcid=RX-6f4993e5-bce2-4471-87d3-66cd3254ac34-005
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
H2
Server
13.225.230.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-230-63.jfk51.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:07 GMT
via
1.1 a751121faec5553b68a53cf4d4b7e9a6.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
JFK51-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
x-amz-cf-id
PPD4sln0pTJ9Jl3CvgOo5LSmvTOv3lsv8Z168OLziJv6V79hxHM14g==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Fri, 25 Feb 2022 02:49:07 GMT
Server
Tengine
ETag
RX6f4993e5bce2447187d366cd3254ac34005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=541745869&mi=10&csh=570392714;1402230080;1709765917;1486637409;396218182;1072441116;1678944572&rnd=-668498253&pcid=RX-6f4993e5-bce2-4471-87d3-66cd3254ac34-005
Connection
keep-alive
Content-Type
text/html
362588.gif
idsync.rlcdn.com/ Frame 5356
Redirect Chain
  • https://idsync.rlcdn.com/711892.gif?partner_uid=ca27101e-92a6-4431-be3d-4c81d4005bc5
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1
  • https://idsync.rlcdn.com/362588.gif?partner_uid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362588.gif?partner_uid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:49:05 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://idsync.rlcdn.com/362588.gif?partner_uid=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
usg.gif
sync.go.sonobi.com/ Frame 5356
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=Y2EyNzEwMWUtOTJhNi00NDMxLWJlM2QtNGM4MWQ0MDA1YmM1
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEG0yHXr103czGl9q0s1-6WI&google_cver=1
49 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEG0yHXr103czGl9q0s1-6WI&google_cver=1
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-21
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEG0yHXr103czGl9q0s1-6WI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame 5356
Redirect Chain
  • https://id5-sync.com/s/434/9.gif?puid=ca27101e-92a6-4431-be3d-4c81d4005bc5&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F796%2F8%2F2.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/434/796/8/2.gif?puid=7edfac87-95e5-11ec-b3ae-b9599d422bef&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F429%2F7%2F3.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/434/429/7/3.gif?puid=8DD63D45-098F-4BA1-B2D5-9EADA546BB39&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F441%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/434/441/6/4.gif?puid=u_d1200918-54f3-4db6-8fb7-d2080a378e9a&gdpr=0&gdpr_consent=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F203%2F5%2F5.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/434/203/5/5.gif?puid=29812a66-af29-4268-835e-b097cefbdb1c&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/434/108/4/6.gif?puid=99c9dfe3-7960-4e03-b3d1-bfa17a067259&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F124%2F3%2F7.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/434/124/3/7.gif?puid=69497fcd-ba32-4b2d-834f-7b33fea6ad08&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F136%2F2%2F8.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/434/136/2/8.gif?puid=YhhDngAIwBmCJwBB&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F10%2F1%2F9.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F10%2F1%2F9.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/434/10/1/9.gif?puid=3126224795000178583&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=30076218-439d-4700-9dda-44f2b86092d3&gdpr=0&consent=&id5id=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
49 B
955 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=30076218-439d-4700-9dda-44f2b86092d3&gdpr=0&consent=&id5id=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:06 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-21
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=30076218-439d-4700-9dda-44f2b86092d3&gdpr=0&consent=&id5id=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
Date
Fri, 25 Feb 2022 02:49:05 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
receive
pixel.tapad.com/idsync/ex/ Frame 5356
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=ca27101e-92a6-4431-be3d-4c81d4005bc5
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=99c9dfe3-7960-4e03-b3d1-bfa17a067259&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=73108287142213250733347802760755455793&pt=99c9dfe3-7960-4e03-b3d1-bfa17a067259%2C
95 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=73108287142213250733347802760755455793&pt=99c9dfe3-7960-4e03-b3d1-bfa17a067259%2C
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
H2
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

DCS
dcs-prod-usw2-2-v025-04ef31fbf.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
3BuWTPPdTj4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=73108287142213250733347802760755455793&pt=99c9dfe3-7960-4e03-b3d1-bfa17a067259%2C
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame C4B9 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=11d5c148-23ae-4793-be76-6e4bd6cc8aab&expiration=1653446945
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 02:49:05 GMT
47154.gif
idsync.rlcdn.com/ Frame A70D
Redirect Chain
  • https://idsync.rlcdn.com/711892.gif?partner_uid=ca27101e-92a6-4431-be3d-4c81d4005bc5
  • https://sync.mathtag.com/sync/img?mt_exid=10017&redir=https%3A%2F%2Fidsync.rlcdn.com%2F47154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%5BMM_UUID%5D
  • https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=30076218-439d-4700-9dda-44f2b86092d3
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=30076218-439d-4700-9dda-44f2b86092d3
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:49:05 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
MT3 4172 645ee8c master ord-pixel-x56 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=30076218-439d-4700-9dda-44f2b86092d3
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 25 Feb 2022 02:49:04 GMT
usg.gif
sync.go.sonobi.com/ Frame A70D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=Y2EyNzEwMWUtOTJhNi00NDMxLWJlM2QtNGM4MWQ0MDA1YmM1
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEG0yHXr103czGl9q0s1-6WI&google_cver=1
49 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEG0yHXr103czGl9q0s1-6WI&google_cver=1
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-21
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEG0yHXr103czGl9q0s1-6WI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame A70D
Redirect Chain
  • https://id5-sync.com/s/434/9.gif?puid=ca27101e-92a6-4431-be3d-4c81d4005bc5&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F796%2F8%2F2.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/434/796/8/2.gif?puid=7edfac87-95e5-11ec-b3ae-b9599d422bef&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F429%2F7%2F3.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/434/429/7/3.gif?puid=8DD63D45-098F-4BA1-B2D5-9EADA546BB39&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F441%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/434/441/6/4.gif?puid=u_d1200918-54f3-4db6-8fb7-d2080a378e9a&gdpr=0&gdpr_consent=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F203%2F5%2F5.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/434/203/5/5.gif?puid=29812a66-af29-4268-835e-b097cefbdb1c&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/434/108/4/6.gif?puid=99c9dfe3-7960-4e03-b3d1-bfa17a067259&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F124%2F3%2F7.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/434/124/3/7.gif?puid=69497fcd-ba32-4b2d-834f-7b33fea6ad08&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F136%2F2%2F8.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/434/136/2/8.gif?puid=YhhDngAIwBmCJwBB&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F10%2F1%2F9.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F10%2F1%2F9.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/434/10/1/9.gif?puid=5038780590449415291&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=30076218-439d-4700-9dda-44f2b86092d3&gdpr=0&consent=&id5id=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
49 B
955 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=30076218-439d-4700-9dda-44f2b86092d3&gdpr=0&consent=&id5id=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:06 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-21
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=30076218-439d-4700-9dda-44f2b86092d3&gdpr=0&consent=&id5id=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
Date
Fri, 25 Feb 2022 02:49:05 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
receive
pixel.tapad.com/idsync/ex/ Frame A70D
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=ca27101e-92a6-4431-be3d-4c81d4005bc5
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=99c9dfe3-7960-4e03-b3d1-bfa17a067259&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=73108287142213250733347802760755455793&pt=99c9dfe3-7960-4e03-b3d1-bfa17a067259%2C
95 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=73108287142213250733347802760755455793&pt=99c9dfe3-7960-4e03-b3d1-bfa17a067259%2C
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
H2
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

DCS
dcs-prod-usw2-1-v025-0f7cb868c.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
NBIwhJ2dTLU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=73108287142213250733347802760755455793&pt=99c9dfe3-7960-4e03-b3d1-bfa17a067259%2C
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
px.britepool.com/ Frame A70D 		0
0
0
sync.1rx.io/usersync/intentiq/ Frame A70D
Redirect Chain
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=ca27101e-92a6-4431-be3d-4c81d4005bc5
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=ca27101e-92a6-4431-be3d-4c81d4005bc5&ckls=true&ci=iFJtd2cMu1&nc=false&trid=13325...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D570392714%26rnd%3D26...
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4470016423583563883&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=570392714&rnd=266926296&pcid=8DD63D45-098F-4BA1-B2D5-9EADA546BB39
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D570392714%3B1402230080%26rnd%3D731098083&pcid=$UID
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=570392714;1402230080&rnd=731098083&pcid=6237531769661368453
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D570392...
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=570392714;1402230080;1709765917&rnd=942338667&pcid=b991e0dd-fbc9-4f63-82ae-080e26573cf2
  • https://ce.lijit.com/merge?pid=8101&3pid=JvhBf1EXKZ&location=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D396218182%26mi%3D10%26csh%3D570392714%3B14022...
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=396218182&mi=10&csh=570392714;1402230080;1709765917;1486637409&rnd=-1644884748&pcid=42990bd4a629a34d2f3d4f6c
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1072441116%26mi%3D10%26csh%3D570392714%3B140...
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1072441116&mi=10&csh=570392714;1402230080;1709765917;1486637409;396218182&rnd=-1814880995&pcid=7cb957e4-95e5-11ec-8924-154f9...
  • https://sync.mathtag.com/sync/img?mt_exid=10019&redir=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1678944572%26mi%3D10%26csh%3D570392714%3B1402230080%...
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1678944572&mi=10&csh=570392714;1402230080;1709765917;1486637409;396218182;1072441116&rnd=15259597&pcid=30076218-439d-4700-9d...
  • https://sync.1rx.io/usersync/intentiq/0?dspret=1&redir=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D541745869%26mi%3D10%26csh%3D570392714%3B1402230080%...
0
0
cs
um2.eqads.com/um/ Frame 3CF4 		186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.247.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-247-233.compute-1.amazonaws.com
Software
/
Resource Hash
e943af10f0de1f5faffa08607edd9558d23399c01e1e1a33bb6a2e749a087787

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Fri, 25 Feb 2022 02:49:05 GMT
pragma
no-cache
sync
px.britepool.com/ Frame 8325 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 8325
Redirect Chain
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=ca27101e-92a6-4431-be3d-4c81d4005bc5
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=ca27101e-92a6-4431-be3d-4c81d4005bc5&ckls=true&ci=nJNMYqLzuV&nc=false&trid=31524264
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D570392714%26rnd%3D16...
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4470016423583563883&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
H2
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
content-length
0

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Fri, 25 Feb 2022 02:49:05 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug018:0:1246
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
52154.gif
idsync.rlcdn.com/ Frame 8325
Redirect Chain
  • https://idsync.rlcdn.com/711892.gif?partner_uid=ca27101e-92a6-4431-be3d-4c81d4005bc5
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=6237531769661368453
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=6237531769661368453
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:49:05 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
263d405a-8408-4560-bf4d-ca5a8377b109
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=6237531769661368453
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usg.gif
sync.go.sonobi.com/ Frame 8325
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=Y2EyNzEwMWUtOTJhNi00NDMxLWJlM2QtNGM4MWQ0MDA1YmM1
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEG0yHXr103czGl9q0s1-6WI&google_cver=1
49 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEG0yHXr103czGl9q0s1-6WI&google_cver=1
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-21
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEG0yHXr103czGl9q0s1-6WI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame 8325
Redirect Chain
  • https://id5-sync.com/s/434/9.gif?puid=ca27101e-92a6-4431-be3d-4c81d4005bc5&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F796%2F8%2F2.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/434/796/8/2.gif?puid=7edfac87-95e5-11ec-b3ae-b9599d422bef&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F429%2F7%2F3.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/434/429/7/3.gif?puid=8DD63D45-098F-4BA1-B2D5-9EADA546BB39&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F441%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/434/441/6/4.gif?puid=u_d1200918-54f3-4db6-8fb7-d2080a378e9a&gdpr=0&gdpr_consent=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F203%2F5%2F5.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/434/203/5/5.gif?puid=29812a66-af29-4268-835e-b097cefbdb1c&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/434/108/4/6.gif?puid=99c9dfe3-7960-4e03-b3d1-bfa17a067259&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F124%2F3%2F7.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/434/124/3/7.gif?puid=69497fcd-ba32-4b2d-834f-7b33fea6ad08&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F136%2F2%2F8.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/434/136/2/8.gif?puid=YhhDngAIwBmCJwBB&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F10%2F1%2F9.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F10%2F1%2F9.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/434/10/1/9.gif?puid=8310309623818972232&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=30076218-439d-4700-9dda-44f2b86092d3&gdpr=0&consent=&id5id=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
49 B
955 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=30076218-439d-4700-9dda-44f2b86092d3&gdpr=0&consent=&id5id=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:06 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-21
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=30076218-439d-4700-9dda-44f2b86092d3&gdpr=0&consent=&id5id=ID5-ZHMOb8Hd1Dswja1m1sxGSPxwJB58uA9TVpRJ-VrNmQ
Date
Fri, 25 Feb 2022 02:49:05 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
receive
pixel.tapad.com/idsync/ex/ Frame 8325
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=ca27101e-92a6-4431-be3d-4c81d4005bc5
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=99c9dfe3-7960-4e03-b3d1-bfa17a067259&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=73108287142213250733347802760755455793&pt=99c9dfe3-7960-4e03-b3d1-bfa17a067259%2C
95 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=73108287142213250733347802760755455793&pt=99c9dfe3-7960-4e03-b3d1-bfa17a067259%2C
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
H2
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

DCS
dcs-prod-usw2-2-v025-0d143911a.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
QnxYbmjxSIo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=73108287142213250733347802760755455793&pt=99c9dfe3-7960-4e03-b3d1-bfa17a067259%2C
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
PugMaster
image6.pubmatic.com/AdServer/ Frame 2656 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=58562483&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 3CF4 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=11d5c148-23ae-4793-be76-6e4bd6cc8aab&expiration=1653446945
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 02:49:05 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Fri, 25 Feb 2022 02:49:05 GMT
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
quantumdex
useast.quantumdex.io/auction/ 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cf-ray
6e2d9e50687a0c91-EWR
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:05 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
auction
tlx.3lift.com/header/ 		19 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.10.0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&tmax=1000
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.71.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-71-133.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:05 GMT
x-auction-status
12, 12
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		252 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
5434f7c8bbb416456a6b83aeae208e0c53e21610004eec20730bd4fc3b2b8dbd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
73712d16-91d6-4a05-be42-00d839a35645
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
252
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		252 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
6c5bd7ee4d30c555623fbb05f2efd93e9c409947b2065d71145bc0a9ddd31c78
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:05 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
bf0b6d0b-8973-4ea2-808e-3674544c3d63
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
252
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ROS
pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ 		423 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ROS?rnd=0.08936603806633237&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=6.10.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&e_amxId=Ok9KE0QG-W1hOQkRY-U1lCQ0BSUVdJQkVT-WwlPQhZYA1lPQk5TU1QaUFhAND5aXkBST1pJR0NOTFpMXlZbUV1BUFhAFhoPXFY%252F&e_criteoId=RV2IEF9BRDB4VGplNTNTZldIYnBscHFqbEhWUkhIYzZ2d0ZYYmJDWXBzMUdCTjM5UjQlMkZPMDYlMkJ6UFVsckhSaDI4RkhrbE5CRFFEUGVZdFVBOWhqdW5MWWgwMiUyRnppVVJvam5mYkIzTHBpc0tBZTZnMmdIVFRZNWMwV1hvcEFiUjhDU1dHZg&e_id5id=%257B%2522uid%2522%253A%2522ID5*GWNoXCzq-Md4G6i-Jf3pVQvXVTddV50cEH2xWrpx6IoJHBsH3znHDuYP_x64IRzGCR164zOrzpx1TFd3cPweEAkeT48z4MhK2qz4m9n3R4IJH84ya5_CO-xsqywSDLhkCSBv8UAXok94J6_hvhBiuQkhjneYntb1Jckth3dNBMAJIo2uRsEdba-IVn61nSyPCSNdMu0jFbsA277AQWDhvAkkV5Pc1fOdg8aQKQ8SwbYJJcCtUl72RMcEN-q6SkLmCSaZOltnUm3fPH9s9zdtMQknYAck4_AESy97P_OQ5ZoJKNOKuugDs2mepajgXCIcCSmNkrcE1mB55d-Z9WqdGQkqxvukzsYO1edda0ag4-IJK4jilFidza4Un2A35Bd4CSxSIXFUrXoJhy2TdzN7_AktfAo17AG46p6Tpnk97BIJLpijtxrDNnLNLutXw_JaCS9F2JBsDjw0UQgiVoKk-gkwIK1m3ZQmQ-23FRBtM9EJMcLS_Sbt51QqzcqiOZXxCTI1IY9QcfP5FHLJDMzjrwkzWAIe4nup2yhNkB-Er6IJNApOduZBmjTMT4HRUCUQCTUtPt6LS0lZoBGU571DKgk2xQTkAHVDMstCdsm2pSQJN1vuOyLsTekf5Kdi9K0r%2522%252C%2522ext%2522%253A%257B%2522linkType%2522%253A2%257D%257D&e_pubcid=483b11f3-554f-467d-b1b6-a457cb60b834
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.125 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b25a41c8c7387e1247905dadf132ba889966e5bda993383b3f8a197382725db3

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.hawtcelebs.com
expires
Fri, 25 Feb 2022 02:49:05 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
423
x-sid
IAD-1216
c
prebid.a-mo.net/a/ 		137 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
ec5c15bcce3689169684ad88b997195f706da910b05edb47e36d963f7a0fe848

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:04 GMT
content-encoding
gzip
server
envoy
vary
origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
74
unruly_prebid
targeting.unrulymedia.com/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
pragma
no-cache
date
Fri, 25 Feb 2022 02:49:05 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
v1
btlr.sharethrough.com/universal/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.229.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-229-107.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.hawtcelebs.com
Date
Fri, 25 Feb 2022 02:49:05 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
prebid
prebid.ad.smaato.net/oapi/ 		0
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.17.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-17-150.compute-1.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:05 GMT
access-control-allow-credentials
true
server
SOMA
x-smt-sessionid
88c4124a-4cbb-4de7-a093-b22c4667d745
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
prebid
prebid.ad.smaato.net/oapi/ 		0
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.17.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-17-150.compute-1.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:05 GMT
access-control-allow-credentials
true
server
SOMA
x-smt-sessionid
3ce6b0a2-fa2a-4195-a7d6-ba288ee131f3
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
prebid-request
onetag-sys.com/ 		15 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
1fc6bd2cd5e03ca064dccb50755a42f5d96c748b69bf7ffa6f36678035963665

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
cdb
bidder.criteo.com/ 		188 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=117&profileId=185&av=34&wv=6.10.0&cb=82544031280
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
54e2eb1b4ffe49e2c4bd426f56c7c2abad8eda2341936ce4b36462bd12a2275f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
172
/
px.vliplatform.com/bi-v4/ 		0
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNKMRrtNrtl0zghRleNplRmNKYUZTRzdNtyAqqAwt-raKY-PMeA-aaKB-TKMKwBeYrPKqRlmNaKAbaARdzNwqfftkRqxeNco_KMKYUZT_KRwkjNARkjmNaKAbaARwlNjxqfzxdrtb,kzwigxlt,zkohstsoyz,qhhftbxl,gyzdtroq,thsqffofu,qdb,xfkxsn,ldqqzg,gftzqu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9H92r0sx%2FwNdDHZg2tIPG1AdkD%2F328g6rAVgm%2BqTmRG3hMh%2FrJqqrHRqXL7aqToNiX0T9JModcgDwCoc25r8n55ZyI2Ewvaap84pO%2BJT73cZTNyAT2%2BA2gtcTmD4kVfuO0Rt4Ghw4rAyzq%2F5W%2FLoYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6e2d9e507dbf8c9c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
/
px.vliplatform.com/bi-v4/ 		0
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNKMRrtNrtl0zghRleNplRmNKYUZTRzdNerwMraya-tBUA-PeaA-artq-aBeqqaqawaBARlmNKYMbaARdzNwqfftkRqxeNco_KMKYUZT_MRwkjNARkjmNKYMbaARwlNjxqfzxdrtb,kzwigxlt,zkohstsoyz,qhhftbxl,gyzdtroq,thsqffofu,qdb,xfkxsn,liqktzikgxui,ldqqzg,gftzqu,nqiggllh,ekoztg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LiZuiT%2FD7j8XUjAsC%2FbMXx3J%2FBL%2BvQtJP5%2FxcN6zN%2FZtsBFgfdh%2BKT559ndbUFuD5ffCzh64SJ4XhZwep7Hx3BA%2FEC2VKTSa3MVlwz1B2ZBsg9WDmMc5%2B8wCtIYQsr%2BdZAmtrWF%2FQEiS5iXMJJrhQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6e2d9e507dc18c9c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
events
bidder.criteo.com/csm/ 		0
219 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixels
ssp-sync.criteo.com/user-sync/ 		13 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?countrycode=US
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.73 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
content-encoding
br
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
public,max-age=86397
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_native_multi_native_under_related&e=ufp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:49:05 GMT
cf-cache-status
HIT
age
328904
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9e533aa98c8f-EWR
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Fri, 25 Feb 2022 02:49:06 GMT
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 25 Feb 2022 02:49:06 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
prebid-request
onetag-sys.com/ 		15 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
ROS
pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ 		423 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ROS?rnd=0.08936603806633237&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=6.10.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&e_amxId=Ok9KE0QG-W1hOQkRY-U1lCQ0BSUVdJQkVT-WwlPQhZYA1lPQk5TU1QaUFhAND5aXkBST1pJR0NOTFpMXlZbUV1BUFhAFhoPXFY%252F&e_criteoId=RV2IEF9BRDB4VGplNTNTZldIYnBscHFqbEhWUkhIYzZ2d0ZYYmJDWXBzMUdCTjM5UjQlMkZPMDYlMkJ6UFVsckhSaDI4RkhrbE5CRFFEUGVZdFVBOWhqdW5MWWgwMiUyRnppVVJvam5mYkIzTHBpc0tBZTZnMmdIVFRZNWMwV1hvcEFiUjhDU1dHZg&e_id5id=%257B%2522uid%2522%253A%2522ID5*GWNoXCzq-Md4G6i-Jf3pVQvXVTddV50cEH2xWrpx6IoJHBsH3znHDuYP_x64IRzGCR164zOrzpx1TFd3cPweEAkeT48z4MhK2qz4m9n3R4IJH84ya5_CO-xsqywSDLhkCSBv8UAXok94J6_hvhBiuQkhjneYntb1Jckth3dNBMAJIo2uRsEdba-IVn61nSyPCSNdMu0jFbsA277AQWDhvAkkV5Pc1fOdg8aQKQ8SwbYJJcCtUl72RMcEN-q6SkLmCSaZOltnUm3fPH9s9zdtMQknYAck4_AESy97P_OQ5ZoJKNOKuugDs2mepajgXCIcCSmNkrcE1mB55d-Z9WqdGQkqxvukzsYO1edda0ag4-IJK4jilFidza4Un2A35Bd4CSxSIXFUrXoJhy2TdzN7_AktfAo17AG46p6Tpnk97BIJLpijtxrDNnLNLutXw_JaCS9F2JBsDjw0UQgiVoKk-gkwIK1m3ZQmQ-23FRBtM9EJMcLS_Sbt51QqzcqiOZXxCTI1IY9QcfP5FHLJDMzjrwkzWAIe4nup2yhNkB-Er6IJNApOduZBmjTMT4HRUCUQCTUtPt6LS0lZoBGU571DKgk2xQTkAHVDMstCdsm2pSQJN1vuOyLsTekf5Kdi9K0r%2522%252C%2522ext%2522%253A%257B%2522linkType%2522%253A2%257D%257D&e_pubcid=483b11f3-554f-467d-b1b6-a457cb60b834
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.125 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b25a41c8c7387e1247905dadf132ba889966e5bda993383b3f8a197382725db3

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:06 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.hawtcelebs.com
expires
Fri, 25 Feb 2022 02:49:06 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
423
x-sid
IAD-1216
prebid
prebid.ad.smaato.net/oapi/ 		0
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.17.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-17-150.compute-1.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:06 GMT
access-control-allow-credentials
true
server
SOMA
x-smt-sessionid
b3ea260b-bd93-46b6-aa26-e8404b139c6b
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
prebid
prebid.ad.smaato.net/oapi/ 		0
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.17.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-17-150.compute-1.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:06 GMT
access-control-allow-credentials
true
server
SOMA
x-smt-sessionid
bb05fddc-7b85-4090-86e5-93bdb38b5e49
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
unruly_prebid
targeting.unrulymedia.com/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
pragma
no-cache
date
Fri, 25 Feb 2022 02:49:06 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
prebid
ib.adnxs.com/ut/v3/ 		252 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
db616b4210e0a45a9441e6e6dbfbe89c7fb3ea008dba7a618b95192aa0c65fe9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:06 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
4b624b7f-af30-4b25-b87d-c9b7cc4db270
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
252
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.10.0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&tmax=1000
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.71.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-71-133.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:06 GMT
x-auction-status
12, 12
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
0e756ddc6ac2b4a00722515c9b196ee2a54c133e943d79e63e65f42246016316

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Feb 2022 02:49:06 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
c
prebid.a-mo.net/a/ 		137 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
ec5c15bcce3689169684ad88b997195f706da910b05edb47e36d963f7a0fe848

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
content-encoding
gzip
server
envoy
vary
origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
44
cdb
bidder.criteo.com/ 		188 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=117&profileId=185&av=34&wv=6.10.0&cb=90384989631
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f27f2c5ef2235f3ebd92d86975e320bee43b6ae2b42a6be0cc8d2bd949aa7a80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:06 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
172
prebid
ib.adnxs.com/ut/v3/ 		252 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b20e967dc5a139573689b5cf6c4a2d2f733ac9df0fd1ee8628e6b2afe7463186
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:06 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
9804851b-6cff-4637-8ea4-f8c7e1d5c8a1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
252
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.229.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-229-107.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.hawtcelebs.com
Date
Fri, 25 Feb 2022 02:49:06 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
quantumdex
useast.quantumdex.io/auction/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cf-ray
6e2d9e57f97c0c91-EWR
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:06 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
/
px.vliplatform.com/bi-v4/ 		0
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNKMRrtNrtl0zghRleNplRmNKYUZTRzdNMBMABYet-TyyA-PtTY-wABT-yBZrwPwPywMYRlmNaKAbaARdzNwqfftkRqxeNco_KMKYUZT_KRwkjNARkjmNaKAbaARwlNgftzqu,thsqffofu,ldqqzg,xfkxsn,gyzdtroq,zkohstsoyz,qdb,qhhftbxl,jxqfzxdrtb,kzwigxlt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZF2PU49M3TAQ2jqMOzpqJHZtLVsyh1hzCEiANzvjNaR%2BrUNfBPRiJI1EknybQCI1r%2BsMtjRgpgMC4IBtKaK1%2Fci7ihloNHI0jmSVj6WEOLHXLPonqc1GBR%2FcWvMgTCnx5OLg6VzrW%2BCFa%2FbtDcWiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6e2d9e57fafd8c9c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
/
px.vliplatform.com/bi-v4/ 		0
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNKMRrtNrtl0zghRleNplRmNKYUZTRzdNqKMqrMqA-qaPt-PKaY-qeBw-AryqPwYaUMPwRlmNKYMbaARdzNwqfftkRqxeNco_KMKYUZT_MRwkjNARkjmNKYMbaARwlNgftzqu,thsqffofu,ldqqzg,xfkxsn,gyzdtroq,zkohstsoyz,nqiggllh,qdb,ekoztg,qhhftbxl,liqktzikgxui,jxqfzxdrtb,kzwigxlt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pcp%2BNYsEDnZ5LZXpQiZAHP8kPKkYT8wmzlFpGpk62swjsINCLVKYvQitJ61Q7LAfkdC3qkxNb49%2F74t2j%2BdhSbNE8rxFCSNK4EaqHdpHVu49FClwzd5L1nBhdfX%2FagBVl5T7egKtvXIE9hsv0xchxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6e2d9e57fafe8c9c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
events
bidder.criteo.com/csm/ 		0
219 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 25 Feb 2022 02:49:05 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixels
ssp-sync.criteo.com/user-sync/ 		13 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?countrycode=US
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.73 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:06 GMT
content-encoding
br
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
public,max-age=86396
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 25 Feb 2022 02:49:07 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Fri, 25 Feb 2022 02:49:07 GMT
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		252 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d8a4d03963f128adb61e3553d091ab804a10fc3477fb2edca0d9bf53e5358fed
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:07 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
251183b0-6cd5-42e9-b27e-eba5f7cf4e49
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
252
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.229.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-229-107.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.hawtcelebs.com
Date
Fri, 25 Feb 2022 02:49:07 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
auction
tlx.3lift.com/header/ 		19 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.10.0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&tmax=1000
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.71.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-71-133.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:07 GMT
x-auction-status
12, 12
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
c
prebid.a-mo.net/a/ 		137 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
ec5c15bcce3689169684ad88b997195f706da910b05edb47e36d963f7a0fe848

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:07 GMT
content-encoding
gzip
server
envoy
vary
origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
135
prebid-request
onetag-sys.com/ 		15 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ 		188 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=117&profileId=185&av=34&wv=6.10.0&cb=53452665197
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
132f6f99161078b324db7e1a8dc10bc0d7d40bcb8b287061ad91be3fd26bc7df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:07 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
172
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
7c2c45f07e0680217b1741538f47f5a1e7e55c896cd125f08a1f6f1d5ad0ed1e

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Feb 2022 02:49:07 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
prebid
prebid.ad.smaato.net/oapi/ 		0
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.17.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-17-150.compute-1.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:07 GMT
access-control-allow-credentials
true
server
SOMA
x-smt-sessionid
9e7edf83-2202-4d0f-b7c8-091b269a7f6d
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
prebid
prebid.ad.smaato.net/oapi/ 		0
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.17.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-17-150.compute-1.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:07 GMT
access-control-allow-credentials
true
server
SOMA
x-smt-sessionid
fd4e4757-2c8b-442e-a87b-7f6612374c78
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
quantumdex
useast.quantumdex.io/auction/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cf-ray
6e2d9e5f6b310c91-EWR
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:07 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		252 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
8b861f7dd6e80631402683bc5ace0a954732c75b64c89101af77e6b43f820938
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:07 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
189e3a9d-f01f-4938-ad06-ac610b5b6ad5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
252
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ROS
pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ 		423 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ROS?rnd=0.08936603806633237&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=6.10.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&e_amxId=Ok9KE0QG-W1hOQkRY-U1lCQ0BSUVdJQkVT-WwlPQhZYA1lPQk5TU1QaUFhAND5aXkBST1pJR0NOTFpMXlZbUV1BUFhAFhoPXFY%252F&e_criteoId=RV2IEF9BRDB4VGplNTNTZldIYnBscHFqbEhWUkhIYzZ2d0ZYYmJDWXBzMUdCTjM5UjQlMkZPMDYlMkJ6UFVsckhSaDI4RkhrbE5CRFFEUGVZdFVBOWhqdW5MWWgwMiUyRnppVVJvam5mYkIzTHBpc0tBZTZnMmdIVFRZNWMwV1hvcEFiUjhDU1dHZg&e_id5id=%257B%2522uid%2522%253A%2522ID5*GWNoXCzq-Md4G6i-Jf3pVQvXVTddV50cEH2xWrpx6IoJHBsH3znHDuYP_x64IRzGCR164zOrzpx1TFd3cPweEAkeT48z4MhK2qz4m9n3R4IJH84ya5_CO-xsqywSDLhkCSBv8UAXok94J6_hvhBiuQkhjneYntb1Jckth3dNBMAJIo2uRsEdba-IVn61nSyPCSNdMu0jFbsA277AQWDhvAkkV5Pc1fOdg8aQKQ8SwbYJJcCtUl72RMcEN-q6SkLmCSaZOltnUm3fPH9s9zdtMQknYAck4_AESy97P_OQ5ZoJKNOKuugDs2mepajgXCIcCSmNkrcE1mB55d-Z9WqdGQkqxvukzsYO1edda0ag4-IJK4jilFidza4Un2A35Bd4CSxSIXFUrXoJhy2TdzN7_AktfAo17AG46p6Tpnk97BIJLpijtxrDNnLNLutXw_JaCS9F2JBsDjw0UQgiVoKk-gkwIK1m3ZQmQ-23FRBtM9EJMcLS_Sbt51QqzcqiOZXxCTI1IY9QcfP5FHLJDMzjrwkzWAIe4nup2yhNkB-Er6IJNApOduZBmjTMT4HRUCUQCTUtPt6LS0lZoBGU571DKgk2xQTkAHVDMstCdsm2pSQJN1vuOyLsTekf5Kdi9K0r%2522%252C%2522ext%2522%253A%257B%2522linkType%2522%253A2%257D%257D&e_pubcid=483b11f3-554f-467d-b1b6-a457cb60b834
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.125 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b25a41c8c7387e1247905dadf132ba889966e5bda993383b3f8a197382725db3

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:07 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.hawtcelebs.com
expires
Fri, 25 Feb 2022 02:49:07 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
423
x-sid
IAD-1216
unruly_prebid
targeting.unrulymedia.com/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
pragma
no-cache
date
Fri, 25 Feb 2022 02:49:07 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
/
px.vliplatform.com/bi-v4/ 		0
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNKMRrtNrtl0zghRleNplRmNKYUZTRzdNPtYtUTTU-UKMq-PPwq-qrYZ-BPqeKAaUtwZrRlmNaKAbaARdzNwqfftkRqxeNco_KMKYUZT_KRwkjNARkjmNaKAbaARwlNqhhftbxl,zkohstsoyz,qdb,gftzqu,ldqqzg,jxqfzxdrtb,kzwigxlt,gyzdtroq,thsqffofu,xfkxsn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLcPfG8mUW8UKcDYVhqjm8SQdPa%2F45naKcKRFlDmWGuLRaX9o06dCVprpSZJhgLKOa0durEJ6N4BMcI2HI2120%2FN6G8EFyrEW8rnGPDfakLqXxxyJUYzJhPBMCB7nEyB1ODjPcNfHcfKBuFyWB6AZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6e2d9e5f791a8c9c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
/
px.vliplatform.com/bi-v4/ 		0
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNKMRrtNrtl0zghRleNplRmNKYUZTRzdNAUUwyBKr-ywUB-PqrK-aPUw-yPPUAKUqPZZMRlmNKYMbaARdzNwqfftkRqxeNco_KMKYUZT_MRwkjNARkjmNKYMbaARwlNqhhftbxl,liqktzikgxui,zkohstsoyz,qdb,gftzqu,ekoztg,nqiggllh,ldqqzg,jxqfzxdrtb,kzwigxlt,gyzdtroq,thsqffofu,xfkxsn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8UG3Ppo3P23ragrR45oEqvUdAQBWl15TkBV084WdORwMZ3iTc5dz%2BX3BHV467Nsu%2B3rDAlJceRNCfR%2FqjTbsNYJRapEQX3r1nQuBgcuAOSRqIo50kArXAnvQSKcGTte30ylT2Be1Y2SN6E8xGhoPMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6e2d9e5f791d8c9c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
dt
dt.adsafeprotected.com/ Frame 180D 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=904480&asId=5c400c75-17ed-378a-4476-88378025a091&tv=%7Bc:5chucg,pingTime:5,time:6373,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:300,h:0,t:25%7D,%7Br:r,h:250,t:195%7D,%7Bpiv:100,vs:i,r:,t:1372%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:1372,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1365~0,0~100%5D,as:%5B189~300.0,1176~300.250%5D%7D%7D,%7Bsl:i,t:1372,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:8,fm:sYpU5jB+11%7C12%7C13%7C14%7C151%7C152%7C153%7C1541%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1d11%7C1e%7C1f%7C1g%7C1h%7C1i*.904480-59616675%7C1i1%7C1j.904480-59616658%7C1j1%7C1k%7C1l1%7C1l2%7C1m,idMap:1i*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:07 GMT
X-Server-Name
dt35.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame 180D 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=904480&asId=5c400c75-17ed-378a-4476-88378025a091&tv=%7Bc:5chucg,pingTime:5,time:6373,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:300,h:0,t:25%7D,%7Br:r,h:250,t:195%7D,%7Bpiv:100,vs:i,r:,t:1372%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:1372,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1365~0,0~100%5D,as:%5B189~300.0,1176~300.250%5D%7D%7D,%7Bsl:i,t:1372,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:8,fm:sYpU5jB+11%7C12%7C13%7C14%7C151%7C152%7C153%7C1541%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1d11%7C1e%7C1f%7C1g%7C1h%7C1i*.904480-59616675%7C1i1%7C1j.904480-59616658%7C1j1%7C1k%7C1l1%7C1l2%7C1m,idMap:1i*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:07 GMT
X-Server-Name
dt39.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
events
bidder.criteo.com/csm/ 		0
219 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 25 Feb 2022 02:49:07 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixels
ssp-sync.criteo.com/user-sync/ 		13 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?countrycode=US
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.73 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:07 GMT
content-encoding
br
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
public,max-age=86395
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
dt
dt.adsafeprotected.com/ Frame 2D54 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=904480&asId=41c325b9-c60f-b543-be1b-add61f823207&tv=%7Bc:5chufu,pingTime:5,time:6354,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:160,h:0,t:22%7D,%7Br:r,h:600,t:173%7D,%7Bpiv:100,vs:i,r:,t:1354%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5000,o:1354,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1348~0,0~100%5D,as:%5B167~160.0,1181~160.600%5D%7D%7D,%7Bsl:i,t:1354,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:8,fm:sYpU5jB+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1d11%7C1e%7C1f%7C1g%7C1h%7C1i.904480-59616675%7C1i1%7C1i2%7C1i3%7C1i4%7C1j*.904480-59616658%7C1j1%7C1k%7C1l1%7C1l2%7C1m%7C1n%7C1o,idMap:1j*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:08 GMT
X-Server-Name
dt39.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame 2D54 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=904480&asId=41c325b9-c60f-b543-be1b-add61f823207&tv=%7Bc:5chufv,pingTime:5,time:6355,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:160,h:0,t:22%7D,%7Br:r,h:600,t:173%7D,%7Bpiv:100,vs:i,r:,t:1354%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:1354,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1348~0,0~100%5D,as:%5B167~160.0,1181~160.600%5D%7D%7D,%7Bsl:i,t:1354,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:8,fm:sYpU5jB+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1d11%7C1e%7C1f%7C1g%7C1h%7C1i.904480-59616675%7C1i1%7C1i2%7C1i3%7C1i4%7C1j*.904480-59616658%7C1j1%7C1k%7C1l1%7C1l2%7C1m%7C1n%7C1o,idMap:1j*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:08 GMT
X-Server-Name
dt35.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
PugMaster
image6.pubmatic.com/AdServer/ Frame 9E81 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=29339982&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:07 GMT
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 4F51 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=69259383&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:06 GMT
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 55AF 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=8339439&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:07 GMT
content-length
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 25 Feb 2022 02:49:09 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Fri, 25 Feb 2022 02:49:09 GMT
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		252 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ac8660ef62df853fe62a0fdb8d6de04d17a77e117b958f42fb1ac84afd01f5c6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:09 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
432d660c-9bb3-4f41-8f16-6b778566b2f0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
252
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
7adc442528a6c3939e202a7f679dbafe0421fcac16641ac64ac4d77ca0249d2e

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Feb 2022 02:49:09 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
c
prebid.a-mo.net/a/ 		137 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
ec5c15bcce3689169684ad88b997195f706da910b05edb47e36d963f7a0fe848

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:08 GMT
content-encoding
gzip
server
envoy
vary
origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
137
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:09 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
prebid.ad.smaato.net/oapi/ 		0
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.17.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-17-150.compute-1.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:09 GMT
access-control-allow-credentials
true
server
SOMA
x-smt-sessionid
5a59d7ae-60c1-48ab-944f-f4d83f53bf6f
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
prebid
prebid.ad.smaato.net/oapi/ 		0
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.17.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-17-150.compute-1.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:09 GMT
access-control-allow-credentials
true
server
SOMA
x-smt-sessionid
8b6ceec6-f437-4122-a3c4-d867af3a959f
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
prebid
ib.adnxs.com/ut/v3/ 		19 B
855 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:09 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
d8fcc092-cc04-4470-b992-76d63061fb51
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.10.0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&tmax=1000
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.71.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-71-133.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:09 GMT
x-auction-status
12, 12
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
btlr.sharethrough.com/universal/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.229.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-229-107.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.hawtcelebs.com
Date
Fri, 25 Feb 2022 02:49:09 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
cdb
bidder.criteo.com/ 		188 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=117&profileId=185&av=34&wv=6.10.0&cb=87893201019
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
469d953c65e1bf38ed83e7bb78b96b63f7e55799fe268ce1c69bff7b7eff1370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:09 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
173
ROS
pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ 		423 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ROS?rnd=0.08936603806633237&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=6.10.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&e_amxId=Ok9KE0QG-W1hOQkRY-U1lCQ0BSUVdJQkVT-WwlPQhZYA1lPQk5TU1QaUFhAND5aXkBST1pJR0NOTFpMXlZbUV1BUFhAFhoPXFY%252F&e_criteoId=RV2IEF9BRDB4VGplNTNTZldIYnBscHFqbEhWUkhIYzZ2d0ZYYmJDWXBzMUdCTjM5UjQlMkZPMDYlMkJ6UFVsckhSaDI4RkhrbE5CRFFEUGVZdFVBOWhqdW5MWWgwMiUyRnppVVJvam5mYkIzTHBpc0tBZTZnMmdIVFRZNWMwV1hvcEFiUjhDU1dHZg&e_id5id=%257B%2522uid%2522%253A%2522ID5*GWNoXCzq-Md4G6i-Jf3pVQvXVTddV50cEH2xWrpx6IoJHBsH3znHDuYP_x64IRzGCR164zOrzpx1TFd3cPweEAkeT48z4MhK2qz4m9n3R4IJH84ya5_CO-xsqywSDLhkCSBv8UAXok94J6_hvhBiuQkhjneYntb1Jckth3dNBMAJIo2uRsEdba-IVn61nSyPCSNdMu0jFbsA277AQWDhvAkkV5Pc1fOdg8aQKQ8SwbYJJcCtUl72RMcEN-q6SkLmCSaZOltnUm3fPH9s9zdtMQknYAck4_AESy97P_OQ5ZoJKNOKuugDs2mepajgXCIcCSmNkrcE1mB55d-Z9WqdGQkqxvukzsYO1edda0ag4-IJK4jilFidza4Un2A35Bd4CSxSIXFUrXoJhy2TdzN7_AktfAo17AG46p6Tpnk97BIJLpijtxrDNnLNLutXw_JaCS9F2JBsDjw0UQgiVoKk-gkwIK1m3ZQmQ-23FRBtM9EJMcLS_Sbt51QqzcqiOZXxCTI1IY9QcfP5FHLJDMzjrwkzWAIe4nup2yhNkB-Er6IJNApOduZBmjTMT4HRUCUQCTUtPt6LS0lZoBGU571DKgk2xQTkAHVDMstCdsm2pSQJN1vuOyLsTekf5Kdi9K0r%2522%252C%2522ext%2522%253A%257B%2522linkType%2522%253A2%257D%257D&e_pubcid=483b11f3-554f-467d-b1b6-a457cb60b834
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.125 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b25a41c8c7387e1247905dadf132ba889966e5bda993383b3f8a197382725db3

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:09 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.hawtcelebs.com
expires
Fri, 25 Feb 2022 02:49:09 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
423
x-sid
IAD-1216
unruly_prebid
targeting.unrulymedia.com/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
pragma
no-cache
date
Fri, 25 Feb 2022 02:49:09 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
quantumdex
useast.quantumdex.io/auction/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cf-ray
6e2d9e682dab0c91-EWR
prebid-request
onetag-sys.com/ 		15 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
/
px.vliplatform.com/bi-v4/ 		0
558 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNKMRrtNrtl0zghRleNplRmNKYUZTRzdNPwTZrYrP-YBet-PAyT-MwMw-UUTqyYKTZMewRlmNaKAbaARdzNwqfftkRqxeNco_KMKYUZT_KRwkjNARkjmNaKAbaARwlNqhhftbxl,qdb,kzwigxlt,ldqqzg,gyzdtroq,zkohstsoyz,thsqffofu,xfkxsn,jxqfzxdrtb,gftzqu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0%2BvJTM%2B62x53LC%2F73kmQPN5CSmlEWU6DkBPc0sSDutqGSXerEYldITM4UMI%2FcRULdlJhpcYg7MVoqi9Cup%2Fo%2B%2FsY%2F8IEMl%2BjFL6EjKx%2BmwOrbPR7nMWfxC3q4rGvazi6TDIIgCUdBqdgj5ZXZKAbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6e2d9e683fcb8c9c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
/
px.vliplatform.com/bi-v4/ 		0
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNKMRrtNrtl0zghRleNplRmNKYUZTRzdNBPwABtwY-UPYM-PYAY-MTPK-rYqBZBqeYYAaRlmNKYMbaARdzNwqfftkRqxeNco_KMKYUZT_MRwkjNARkjmNKYMbaARwlNqhhftbxl,nqiggllh,qdb,kzwigxlt,ldqqzg,gyzdtroq,zkohstsoyz,liqktzikgxui,ekoztg,thsqffofu,xfkxsn,jxqfzxdrtb,gftzqu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRptT5v31KW3G5cdAr66m6kSzo%2BqaaUoV5eSbmw39L8wJ1OpV58xH4HvLWYfAqvHsNZzgL%2F8EGv2DYyhFr8kSRbkscGgEcayxM5CDhDWZcpCFk1FfrXLn5158BzgRAL8mRCfgo87TLYly7aiajnNrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6e2d9e683fcf8c9c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
all
csm.us.criteo.net/ Frame A32E 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=T7l0u4jhpyfn17texkUgDeq2-RZW1yJDyTfxudItOzC4vSwRxByXcFXn_BianeW4lJtpfq5sT-_wtHvaTd93chCz-0LN7vg4Mcixf3Qm1BcOL8Qic4GAI1Au6243JXhpuiZwrZS_vaNI0prA9fZmRyrsyKiKkTnv_LOEsU5EACkLBfhoEbG8mH2veQDm7e-Jjsw5_bEFNFkCaTuj1YJtOBy5VzB0nCFG23jusxU0OxuWZMJlsxwmuDRaTUzwFV2K4aWCjKwrZ-P2Uzht&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YhhDnQAATXoKwxwUAAdDOYl3wyDaalxuagroXw&u=%7CQDj83vHWx0wXbtjzFAkzAL%2BuWMtKkp%2Fqh4uzMXc1cnI%3D%7C&c1=2P_wVlUbBFvUtJMceObjNouN5UYi7q7WBlwMhQciZgBhREh8cn4Nuw2-48UI60UexDJOG6pPPRK0-mK9eySrGdwSHSu897btvMBogid8AEIo2RE9h5UXo4MSYUWSbCD_Cy3hGzRL1RFaxQbQhKjVM4eA6w18k_IevvKblVS1NxBWjyYeGGBvW6nzxYfPWlAzNpJ-bMouWZgSCenxD0uAp8yQpRjfSvJvoJOKhENTiVfVlGrH-7Fjq9u1VD9rjusajBLCT26q-EUEj1DAg_PtPG-0nkR701huzeTQIYfLZEV_udPIJHzLhMLlEYRTzhT_sfQ2ytI4ERHaWbfLXW3uQVCwG8ak2zwOyoJc8S9JgMuL525ZISq0MWRqpbGWktD-uyKSFvWm9-eMGX0j6S3FjP8IEtzNLOxnNCZwy3tb13KeyVjh-3nqPpfxoluFf6vhFmMUIjNZExhYwWOIcKNzmioJAtz6sybiIlU5DEGS-A4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtA3vnUMYYvqaAZS4jAa5hp2QCpyB77Bc0papqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0oAGs3f7oA8gBCeACAKgDAaoEpQJP0CiGxNmDm-Q3BgDa9MSA8_cQ9njJI-PQKgpIV8vQYt83GbrdtuWgSd90EYYMN3uUcRR0cj5z6WkWg5FPg8YjtyzL3CDmwZnvu8r2-j_b65M4CUVGJ2U7ai7ywAF3BhEulvM_A233QJiH5emKRK8Ztm4LwVy92T0tmjVWe5nuQdkKZ9iCOFee85RlYGlj0ZC0O9zcxw5Tk2hLe_OW-QcYS3CawMERBCSvDQoXgw2qKIbYkI09TofyDDf_361R3aPdWQlRyuzHJTWfyFOqP_Fab0D9K7HkY8pRCTF5ArEisLwmltgxvwiIU0y1qJFS6oBjV-nFlkOHoHhzoPLeVnhKmp9GCpXIsDIeEEX5TVL1u6pGCMehTwmfQ_fhO9x6DuC7kuCKjeAEAYAG9Yvlv-nKwfkXoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBQiAYRAB8ggbYWR4LXN1YnN5bi05OTM4NTY1ODIyMDM0Njgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1NhBVDM7qN07Uaeq5kubbf4NeJxA%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 25 Feb 2022 02:49:08 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
events
bidder.criteo.com/csm/ 		0
219 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 25 Feb 2022 02:49:08 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixels
ssp-sync.criteo.com/user-sync/ 		13 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?countrycode=US
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.73 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:09 GMT
content-encoding
br
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
public,max-age=86393
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 25 Feb 2022 02:49:10 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Fri, 25 Feb 2022 02:49:10 GMT
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
v1
btlr.sharethrough.com/universal/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.229.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-229-107.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.hawtcelebs.com
Date
Fri, 25 Feb 2022 02:49:10 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
6e8bc3348456622ebc3c1e7054b22f8e3cb0b5a434bfcd0d28f383473adf7e53

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Feb 2022 02:49:10 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:10 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
c
prebid.a-mo.net/a/ 		137 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
ec5c15bcce3689169684ad88b997195f706da910b05edb47e36d963f7a0fe848

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:09 GMT
content-encoding
gzip
server
envoy
vary
origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
13
prebid
prebid.ad.smaato.net/oapi/ 		0
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.17.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-17-150.compute-1.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:10 GMT
access-control-allow-credentials
true
server
SOMA
x-smt-sessionid
01fc1c18-f4e2-491a-bdaf-c1ac6cf42e57
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
prebid
prebid.ad.smaato.net/oapi/ 		0
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.17.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-17-150.compute-1.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:10 GMT
access-control-allow-credentials
true
server
SOMA
x-smt-sessionid
10fab927-c1d1-430b-a3f6-ea3742c601b9
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
unruly_prebid
targeting.unrulymedia.com/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
pragma
no-cache
date
Fri, 25 Feb 2022 02:49:10 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
prebid-request
onetag-sys.com/ 		15 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/ 		252 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
f2deb614d60a5b4e871743a58a4d5d548fef538924a85cf05a67e5cd136a7028
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:10 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
95350acf-b070-4aad-91c3-fbc8759a7065
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
252
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.10.0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&tmax=1000
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.71.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-71-133.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:10 GMT
x-auction-status
12, 12
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
quantumdex
useast.quantumdex.io/auction/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:10 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cf-ray
6e2d9e6fdf6a0c91-EWR
prebid
ib.adnxs.com/ut/v3/ 		19 B
855 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:10 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
6547ce24-f3cc-4103-8b2a-2332d89ad0f6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ROS
pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ 		423 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ROS?rnd=0.08936603806633237&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=6.10.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&e_amxId=Ok9KE0QG-W1hOQkRY-U1lCQ0BSUVdJQkVT-WwlPQhZYA1lPQk5TU1QaUFhAND5aXkBST1pJR0NOTFpMXlZbUV1BUFhAFhoPXFY%252F&e_criteoId=RV2IEF9BRDB4VGplNTNTZldIYnBscHFqbEhWUkhIYzZ2d0ZYYmJDWXBzMUdCTjM5UjQlMkZPMDYlMkJ6UFVsckhSaDI4RkhrbE5CRFFEUGVZdFVBOWhqdW5MWWgwMiUyRnppVVJvam5mYkIzTHBpc0tBZTZnMmdIVFRZNWMwV1hvcEFiUjhDU1dHZg&e_id5id=%257B%2522uid%2522%253A%2522ID5*GWNoXCzq-Md4G6i-Jf3pVQvXVTddV50cEH2xWrpx6IoJHBsH3znHDuYP_x64IRzGCR164zOrzpx1TFd3cPweEAkeT48z4MhK2qz4m9n3R4IJH84ya5_CO-xsqywSDLhkCSBv8UAXok94J6_hvhBiuQkhjneYntb1Jckth3dNBMAJIo2uRsEdba-IVn61nSyPCSNdMu0jFbsA277AQWDhvAkkV5Pc1fOdg8aQKQ8SwbYJJcCtUl72RMcEN-q6SkLmCSaZOltnUm3fPH9s9zdtMQknYAck4_AESy97P_OQ5ZoJKNOKuugDs2mepajgXCIcCSmNkrcE1mB55d-Z9WqdGQkqxvukzsYO1edda0ag4-IJK4jilFidza4Un2A35Bd4CSxSIXFUrXoJhy2TdzN7_AktfAo17AG46p6Tpnk97BIJLpijtxrDNnLNLutXw_JaCS9F2JBsDjw0UQgiVoKk-gkwIK1m3ZQmQ-23FRBtM9EJMcLS_Sbt51QqzcqiOZXxCTI1IY9QcfP5FHLJDMzjrwkzWAIe4nup2yhNkB-Er6IJNApOduZBmjTMT4HRUCUQCTUtPt6LS0lZoBGU571DKgk2xQTkAHVDMstCdsm2pSQJN1vuOyLsTekf5Kdi9K0r%2522%252C%2522ext%2522%253A%257B%2522linkType%2522%253A2%257D%257D&e_pubcid=483b11f3-554f-467d-b1b6-a457cb60b834
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.125 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b25a41c8c7387e1247905dadf132ba889966e5bda993383b3f8a197382725db3

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:10 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.hawtcelebs.com
expires
Fri, 25 Feb 2022 02:49:10 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
423
x-sid
IAD-1216
cdb
bidder.criteo.com/ 		188 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=117&profileId=185&av=34&wv=6.10.0&cb=66540965564
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5c4f5642ea3a5cac37fcecd31bcbaecd601a8648935cb2ae66849404c96a9a8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:10 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
173
/
px.vliplatform.com/bi-v4/ 		0
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNKMRrtNrtl0zghRleNplRmNKYUZTRzdNrBarAYMB-rywq-PTBq-MyMr-UKrrBPTTyeaYRlmNKYMbaARdzNwqfftkRqxeNco_KMKYUZT_MRwkjNARkjmNKYMbaARwlNliqktzikgxui,nqiggllh,kzwigxlt,qdb,ldqqzg,xfkxsn,gftzqu,qhhftbxl,zkohstsoyz,jxqfzxdrtb,gyzdtroq,thsqffofu,ekoztg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ka2BDy7OeHjkS9GQ0e7eIeSeDvd122l%2F%2FT78t1rie5%2B5KVZosyyZJ4viRONhNnaZXEykGz%2BR0Xy0RgHmOPbuxRSgKm1omPYCsBL9R0PIed8KAUr7E0geSa%2FhYf6Awn8OhpmJlFYLjXNdAiwUtqmMhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6e2d9e6fee818c9c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
/
px.vliplatform.com/bi-v4/ 		0
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNKMRrtNrtl0zghRleNplRmNKYUZTRzdNMKMqBPTe-MPZr-PYBK-MKTa-tAPArPMUTAAMRlmNaKAbaARdzNwqfftkRqxeNco_KMKYUZT_KRwkjNARkjmNaKAbaARwlNkzwigxlt,qdb,ldqqzg,xfkxsn,gftzqu,qhhftbxl,zkohstsoyz,jxqfzxdrtb,gyzdtroq,thsqffofu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fvgxsfgz2Tx5UN5VJnWy5j5Jq%2BjE6q7YEJi9B1cfbbWxHSIdjAfxzaLlqsNezZPsAImkA5pe%2F92Avony%2FNrkDg15BH04Xe91HzjWd14Zk8wNPpnAVhzrUfcUPpZlZ4q%2BGS62dPfEOpRB17Eaqym9nA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6e2d9e6fee838c9c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
events
bidder.criteo.com/csm/ 		0
219 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 25 Feb 2022 02:49:10 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixels
ssp-sync.criteo.com/user-sync/ 		13 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?countrycode=US
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.73 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:09 GMT
content-encoding
br
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
public,max-age=86392
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
img.fetch
udmserve.net/udm/ 		18 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=14863;tid=23;ev=1;dt=6;refresh=2;cb=1777e6a0b127a368;product=reel
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
d758262688541e6be8fa2cf7642a98d10144c7d6ccfdcd19c97abf2bc8438102

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:10 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Type
application/x-javascript
Expires
0
dc_oe=ChMI44Tu7OuZ9gIVGgDDCh2BVg84EAEYACCMxKlO;met=1;&timestamp=1645757350837;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 2CF6 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI44Tu7OuZ9gIVGgDDCh2BVg84EAEYACCMxKlO;met=1;&timestamp=1645757350837;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
underdog
underdog.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://underdog.technoratimedia.com/openrtb/bids/underdog?src=prebid_prebid_6.8.0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 25 Feb 2022 02:49:10 GMT
access-control-allow-headers
content-type
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
812960967
age
0
via
1.1 varnish
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 25 Feb 2022 02:49:10 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 25 Feb 2022 02:49:10 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 25 Feb 2022 02:49:10 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 25 Feb 2022 02:49:10 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b44a2065d&cmd=bid&reserve=0.17045454545454547&eidadserver.org=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
f6932f7d9db43ef1db08135a224fe9a14f6dc9724fcb52ae9fd8b1ab0f8d2bf5

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:10 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b44a2065d&cmd=bid&reserve=0.17045454545454547&eidadserver.org=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
247b753903869ca58a33b5c01bc49f8a9bd34fb5aa7e3d723f6e2afd1b0f764d

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:10 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b44a2065d&cmd=bid&reserve=0.17045454545454547&eidadserver.org=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
d35ad7e0d90d38d02b3d452c432f340cc0598bc1032d319d5734470e7940ff7a

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:10 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b44a2065d&cmd=bid&reserve=0.17045454545454547&eidadserver.org=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
d02ef976173571be5f9d80cb37b58ee1c4ab7996c750ba0e240a8b54a19f9235

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:10 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9690ec017574ff17bd043f82f90029&cmd=bid&reserve=0.13636363636363635&eidadserver.org=7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
ecfda9b25bf900a62c35614dee02d67d30e3a1b01da0c3226bf2cfefa9518837

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:10 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
prebid
ib.adnxs.com/ut/v3/ 		19 B
855 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:10 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
a9ed2734-78cd-433a-b600-dbc62fc56465
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		493 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22197b29de40a39598%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09574468085106383%7Cgpid%3Dreel-728x90%22%2C%2219880cdc0b10e4a3%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09574468085106383%7Cgpid%3Dreel-728x90%22%2C%221996de5a0bf6b3a1%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09574468085106383%7Cgpid%3Dreel-728x90%22%2C%222008dbabac125588%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09574468085106383%7Cgpid%3Dreel-728x90%22%2C%22201819890c38ff56%22%3A%229deebb29fccb6ed4404b%7C300x250%7Cf%3D0.15957446808510642%7Cgpid%3Dreel-300x250%22%2C%222021a31a42c27103%22%3A%229deebb29fccb6ed4404b%7C300x250%7Cf%3D0.15957446808510642%7Cgpid%3Dreel-300x250%22%2C%22203a3d6b070ff929%22%3A%229deebb29fccb6ed4404b%7C300x250%7Cf%3D0.15957446808510642%7Cgpid%3Dreel-300x250%22%2C%22204a54cbe3957ed7%22%3A%22076311570b44811073b6%7C%7Cf%3D3.202127659574468%7Cgpid%3Dreel-400x250%22%2C%222053595ee661fc69%22%3A%22076311570b44811073b6%7C%7Cf%3D3.202127659574468%7Cgpid%3Dreel-400x250%22%2C%22206475fffaf0dcf2%22%3A%22076311570b44811073b6%7C%7Cf%3D3.202127659574468%7Cgpid%3Dreel-400x250%22%2C%2220701c07ce614a8b%22%3A%22cc4a74d908fc7d1eac48%7C%7Cf%3D3.202127659574468%7Cgpid%3Dreel-320x180%22%2C%22208b9b9ddfe4cfbf%22%3A%22cc4a74d908fc7d1eac48%7C%7Cf%3D3.202127659574468%7Cgpid%3Dreel-320x180%22%2C%222096a752da419a15%22%3A%22cc4a74d908fc7d1eac48%7C%7Cf%3D3.202127659574468%7Cgpid%3Dreel-320x180%22%7D&ref=https%3A%2F%2Fwww.hawtcelebs.com%2F&s=c469c206-a996-4fb4-8c35-97b07ab6056d&pv=3236e3bd-6d5e-42a8-9db2-480a004e8d9d&vp=desktop&lib_name=prebid&lib_v=6.8.0&us=5&ius=0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22udmserve.net%22%2C%22sid%22%3A%222993%22%2C%22hp%22%3A1%2C%22rid%22%3A%228ad469c4-d90f-4e4c-bbaa-bb10ea7daa10%22%7D%5D%7D&userid=%7B%22tdid%22%3A%227ab8afa3-6b9b-4d24-b1ff-11dd1b864152%22%7D&eids=%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227ab8afa3-6b9b-4d24-b1ff-11dd1b864152%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D&coppa=0
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e1207a4d156683fd431cf6cd411535e987fdb958521cd64d79c4a090b601f3b0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:11 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-51
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-type
application/json
content-length
336
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
hb.emxdgt.com/ 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=4000&ts=1645757350880&src=pbjs
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.139.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-139-54.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:11 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
underdog
underdog.technoratimedia.com/openrtb/bids/ 		0
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://underdog.technoratimedia.com/openrtb/bids/underdog?src=prebid_prebid_6.8.0
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Feb 2022 02:49:10 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
858823860
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		137 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
ec5c15bcce3689169684ad88b997195f706da910b05edb47e36d963f7a0fe848

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:10 GMT
content-encoding
gzip
server
envoy
vary
origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
10
openrtb
ads.adaptv.advertising.com/rtb/ 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Underdog
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.11.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-11-208.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
openrtb
ads.adaptv.advertising.com/rtb/ 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Underdog
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.11.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-11-208.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
openrtb
ads.adaptv.advertising.com/rtb/ 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Underdog
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.11.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-11-208.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
openrtb
ads.adaptv.advertising.com/rtb/ 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Underdog
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.11.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-11-208.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
openrtb
ads.adaptv.advertising.com/rtb/ 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Underdog
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.11.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-11-208.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
openrtb
ads.adaptv.advertising.com/rtb/ 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Underdog
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.11.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-11-208.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
openrtb
ads.adaptv.advertising.com/rtb/ 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Underdog
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.11.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-11-208.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
/
d.adroll.com/bid/prebid/ 		0
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/bid/prebid/
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.138.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-138-186.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:10 GMT
access-control-allow-credentials
true
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
cffc842301d314eab58f64893ef5022bc06e049663afc5ae0601b10ddcf4bb3b

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Feb 2022 02:49:10 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
90fc81396adf6dfc8986fbda88dfe4f013815a5b22741d9a529e8a8ead5d9122

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Feb 2022 02:49:10 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
fab84463f40478d11b071cba07955a5cc7c055ec69fb38bbfddc19b0ef991394

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Feb 2022 02:49:10 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
f56e1e6ea6924b9fdcefd2093d524d6eab28197f8dcbb8146f17e3afad0d9f28

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Feb 2022 02:49:10 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 25 Feb 2022 02:49:11 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
ROS
pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ 		435 B
759 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ROS?rnd=0.08936603806633237&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=6.10.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&e_amxId=Ok9KE0QG-W1hOQkRY-U1lCQ0BSUVdJQkVT-WwlPQhZYA1lPQk5TU1QaUFhAND5aXkBST1pJR0NOTFpMXlZbUV1BUFhAFhoPXFY%252F&e_criteoId=RV2IEF9BRDB4VGplNTNTZldIYnBscHFqbEhWUkhIYzZ2d0ZYYmJDWXBzMUdCTjM5UjQlMkZPMDYlMkJ6UFVsckhSaDI4RkhrbE5CRFFEUGVZdFVBOWhqdW5MWWgwMiUyRnppVVJvam5mYkIzTHBpc0tBZTZnMmdIVFRZNWMwV1hvcEFiUjhDU1dHZg&e_id5id=%257B%2522uid%2522%253A%2522ID5*GWNoXCzq-Md4G6i-Jf3pVQvXVTddV50cEH2xWrpx6IoJHBsH3znHDuYP_x64IRzGCR164zOrzpx1TFd3cPweEAkeT48z4MhK2qz4m9n3R4IJH84ya5_CO-xsqywSDLhkCSBv8UAXok94J6_hvhBiuQkhjneYntb1Jckth3dNBMAJIo2uRsEdba-IVn61nSyPCSNdMu0jFbsA277AQWDhvAkkV5Pc1fOdg8aQKQ8SwbYJJcCtUl72RMcEN-q6SkLmCSaZOltnUm3fPH9s9zdtMQknYAck4_AESy97P_OQ5ZoJKNOKuugDs2mepajgXCIcCSmNkrcE1mB55d-Z9WqdGQkqxvukzsYO1edda0ag4-IJK4jilFidza4Un2A35Bd4CSxSIXFUrXoJhy2TdzN7_AktfAo17AG46p6Tpnk97BIJLpijtxrDNnLNLutXw_JaCS9F2JBsDjw0UQgiVoKk-gkwIK1m3ZQmQ-23FRBtM9EJMcLS_Sbt51QqzcqiOZXxCTI1IY9QcfP5FHLJDMzjrwkzWAIe4nup2yhNkB-Er6IJNApOduZBmjTMT4HRUCUQCTUtPt6LS0lZoBGU571DKgk2xQTkAHVDMstCdsm2pSQJN1vuOyLsTekf5Kdi9K0r%2522%252C%2522ext%2522%253A%257B%2522linkType%2522%253A2%257D%257D&e_pubcid=483b11f3-554f-467d-b1b6-a457cb60b834
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.125 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
897b6f63b4b66a9edfa91332ebdf4a672d48964df9807f1ab190b30a9a84d46f

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:11 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.hawtcelebs.com
expires
Fri, 25 Feb 2022 02:49:11 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
435
x-sid
IAD-1216
auction
tlx.3lift.com/header/ 		19 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.10.0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&tmax=1000
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.71.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-71-133.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:49:11 GMT
x-auction-status
12, 12
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		252 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
24a1e3dd3df6866d30dbee6157662083348fddd29f15af7e6f783993f1fbcf97
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:11 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
9f7e9545-3680-4835-a692-7215d3910bde
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
252
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.ad.smaato.net/oapi/ 		0
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.17.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-17-150.compute-1.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:11 GMT
access-control-allow-credentials
true
server
SOMA
x-smt-sessionid
f88ac7c0-df0e-4a7e-af3c-10f0ffa90c13
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
prebid
prebid.ad.smaato.net/oapi/ 		0
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.17.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-17-150.compute-1.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:11 GMT
access-control-allow-credentials
true
server
SOMA
x-smt-sessionid
de1015f4-d4bb-43c9-8cde-fadd82bacfac
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
quantumdex
useast.quantumdex.io/auction/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:11 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cf-ray
6e2d9e7729640c91-EWR
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Fri, 25 Feb 2022 02:49:11 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
c71836e496cea21e62913e290e1eeed1bfa8db67224abb9efdc0bbc429a6e6ba

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Feb 2022 02:49:11 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
prebid
ib.adnxs.com/ut/v3/ 		252 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.77 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
fbc68ddd439c5979020b7b0938066d6c0b34e98b3a8503d7e95fe67775bc36b7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:49:11 GMT
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
4c88d2b8-5b1e-4b6f-87f3-58a06175a390
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
252
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		137 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
ec5c15bcce3689169684ad88b997195f706da910b05edb47e36d963f7a0fe848

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:10 GMT
content-encoding
gzip
server
envoy
vary
origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
37
prebid-request
onetag-sys.com/ 		15 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
v1
btlr.sharethrough.com/universal/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.229.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-229-107.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.hawtcelebs.com
Date
Fri, 25 Feb 2022 02:49:11 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
cdb
bidder.criteo.com/ 		188 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=117&profileId=185&av=34&wv=6.10.0&cb=70515069040
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
d370a3b37db400bbf8bca4a06984faecc92fd6315e2564650cc8a721b7468175
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:49:11 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
172
unruly_prebid
targeting.unrulymedia.com/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
pragma
no-cache
date
Fri, 25 Feb 2022 02:49:11 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
/
px.vliplatform.com/bi-v4/ 		0
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNKMRrtNrtl0zghRleNplRmNKYUZTRzdNyZyKMKMK-rTqP-PMTa-ayTT-TaBqYwwaZAwtRlmNaKAbaARdzNwqfftkRqxeNco_KMKYUZT_KRwkjNARkjmNaKAbaARwlNthsqffofu,zkohstsoyz,gyzdtroq,ldqqzg,jxqfzxdrtb,kzwigxlt,qhhftbxl,qdb,gftzqu,xfkxsn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCHefQ0Nn8OCrT5GAUPwn4I5k8rUnYGU%2BPyTm1djgNzO5CZFAl9iQPdbnS3t4Nog28vycogqCgCkt%2BgNwRIBCGYkUhvT9QA1qkSTMcl2OL43WvXPhZGs7q6klZAYbKmGp5CGE80IInOVZ0dcfeXkAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6e2d9e773d3a8c9c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
/
px.vliplatform.com/bi-v4/ 		0
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNKMRrtNrtl0zghRleNplRmNKYUZTRzdNqrAMYBaT-wABK-PaMa-arYY-rweZaBYUKrBqRlmNKYMbaARdzNwqfftkRqxeNco_KMKYUZT_MRwkjNARkjmNKYMbaARwlNthsqffofu,zkohstsoyz,gyzdtroq,ldqqzg,jxqfzxdrtb,kzwigxlt,nqiggllh,qhhftbxl,qdb,gftzqu,liqktzikgxui,ekoztg,xfkxsn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqhpfU%2FlYmqLyC1Bg6csVPhmG4JZQ62AfYAc%2FSXf%2FGDxUbQRWXbCN5srWPYC5jN44Z%2FfrY81Lbjq9SRhmgaaP3PVfepl6ZDPSHIZxa3OgHYZlQmsnEO%2F6%2FIJkipyf3zfWI7XQnqt%2FsjQ53XT7nfLSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6e2d9e773d3c8c9c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.hawtcelebs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Fri, 25 Feb 2022 02:49:11 GMT
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
radApi
edge.udmserve.net/ 		20 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.udmserve.net/radApi
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.120 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
underdogmedia.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 25 Feb 2022 02:49:11 GMT
Content-Length
20
Content-Type
application/json
events
bidder.criteo.com/csm/ 		0
219 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 25 Feb 2022 02:49:11 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixels
ssp-sync.criteo.com/user-sync/ 		13 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?countrycode=US
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.73 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:49:11 GMT
content-encoding
br
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
public,max-age=86391
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
onetag-sys.com
URL
https://onetag-sys.com/prebid-request
Domain
onetag-sys.com
URL
https://onetag-sys.com/prebid-request
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTEg1T0-fX2tuNIEOUqw1QaWN5YD8vmOxnToUvnUjIvuLpaPAlpHXI_DXk1x81W7ovgsGkL9GXMRoC6MUjn7FDNqGKfCF1TfTrtkpsaRcZIFmciSafj6YyY1G8ckQPkj6nz6_XNRJxx0y_-CRovGo-Espi1tPr0kjaEDbU7Bq2BJyN2-CRpL0Q-Wc2fSjyEWUpgIz65Te6PZzEXv8CktOpt35t_rEyeGrpXZ6x74-tR-ZZHhH6nBxrrgYQC3s-zLuOYFOvZ66Gy_qrBx5ySWU6J4Xp1wAp0ceWfk-RXtx11u4v9ABeacOYq5vexIRiqjzo1vHyIdfMX1Pncem6Sfjfz-RJ17UT2A8yNvdgTpdn61e2C3Li0Axf2TTR43lOHw&sig=Cg0ArKJSzBhhSehl5ym8EAE&uach_m=[UACH]&urlfix=1&adurl=
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
px.powerlinks.com
URL
https://px.powerlinks.com/user/sync/ssps?userId=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&sourceId=9720221e-17c0-4db1-939f-9b2940f98506&rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpowerlinks%26uid%3D%24%7BUSER%7D%26obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Domain
sync.adaptv.advertising.com
URL
https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEMkNJl_YAMpnvszerfkSe7g&google_cver=1&google_push=AYg5qPIkCNbZVnNiGWO28nxF8fLb0x28W-16YtHyjbQQOY4Ns1S9ONGmEyzLZEx136wby5qv1GcWD10Qq_ynZjSpzWTPbI3tf2s
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y
Domain
pix.impdesk.com
URL
https://pix.impdesk.com/csync/google?google_gid=CAESEAPGKuWuImHVYQWHlsLGcxo&google_cver=1&google_push=AYg5qPK-5J4J7pVIrKmovWn7vWlGTY7Be4NFAR61CM-e7yxeYkBCHDegX0O_mCno1gcsVuqj0JbzhAMfUFt6Jb3xk3pq_ArXXrCP
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEOy2Ixk48rROn9X2hi-tD6Q&google_cver=1&google_push=AYg5qPLLvZX1GNNlOEO9V53ewzLp3-94SOlBRpVNCUvkRtT0QPCLuK3ZF_m3HLstyyzA4yNn_AxiJA7j8nFQjve1v6GcAaGhcuO1TQ
Domain
sync.tag.clrstm.com
URL
https://sync.tag.clrstm.com/lotame/sync?uid=92b8ad9e8cfdb3848cd04f18d676acf2
Domain
id5-sync.com
URL
https://id5-sync.com/c/434/796/3/7.gif?puid=7edfac87-95e5-11ec-b3ae-b9599d422bef&gdpr=0&gdpr_consent=
Domain
px.britepool.com
URL
https://px.britepool.com/sync?p=sonobi&id=ca27101e-92a6-4431-be3d-4c81d4005bc5&idtype=GOID&r=int.new.t
Domain
px.britepool.com
URL
https://px.britepool.com/sync?p=sonobi&id=ca27101e-92a6-4431-be3d-4c81d4005bc5&idtype=GOID&r=int.new.t
Domain
px.britepool.com
URL
https://px.britepool.com/sync?p=sonobi&id=ca27101e-92a6-4431-be3d-4c81d4005bc5&idtype=GOID&r=int.new.t
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync/intentiq/0?dspret=1&redir=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D541745869%26mi%3D10%26csh%3D570392714%3B1402230080%3B1709765917%3B1486637409%3B396218182%3B1072441116%3B1678944572%26rnd%3D-1746455719%26pcid%3D%5BRX_UUID%5D
Domain
px.britepool.com
URL
https://px.britepool.com/sync?p=sonobi&id=ca27101e-92a6-4431-be3d-4c81d4005bc5&idtype=GOID&r=int.new.t

Verdicts & Comments Add Verdict or Comment

369 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| 42 object| 43 function| structuredClone object| __cfQR string| demandSupplySc string| demandSupplyCr number| demandSupplySr object| houseAdCampaigns string| demandSupplyTi number| demandSupplyAp object| demandSupplyTc object| demandSupply object| dspbjs object| _app object| googletag object| ggeac object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| udm_ads_queue boolean| udm_confiant_init object| confiant boolean| udm_edge_init object| _qoptions object| _qevents function| udm_r3Chunk object| udm_r3 object| _pbjsGlobals function| endedHandler function| udm_process_ads_queue function| delete_udm_edge function| reload_udm_edge function| quantserve function| __qc object| ezt function| qtrack undefined| $ function| jQuery function| gtag object| dataLayer object| menuItems object| trigger number| width object| bounding number| step function| slideMenu function| __tcfapi function| __uspapi object| google_tag_manager object| _VLIOBJ object| vitag number| udm_inpage_sid object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| scripts object| currentScript object| inpageDiv object| inpageScript object| udm_inpage_divs boolean| udm_inpage_initialized object| _Hasync object| _wau boolean| __cfRLUnblockHandlers object| udmRenderRates boolean| udmVideoPlayerRequested object| google_tag_data string| GoogleAnalyticsObject function| ga object| WAU_ren function| WAU_classic function| WAU_classic_request function| WAU_r_c function| WAU_insert function| WAU_legacy_b function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady function| chfh function| chfh2 string| _HST_cntval object| Histats object| udmDefinedBlockedCreativeIds string| tagApi object| viAPItag object| observeElementInViewport object| GoogleGcLKhOms function| udmVideojs object| _molSettings function| InLine__A object| udmVideoPlayer function| udmRenderAd object| gaplugins object| gaData object| regeneratorRuntime function| __tcfapiui object| __ctcg_65349_0_exec object| _HistatsCounterGraphics_0_setValues object| ampInaboxIframes object| ampInaboxPendingMessages object| x string| x1 string| x2 object| Tynt object| $sf function| vlipbChunk object| vlipb object| mnet string| nobidVersion object| nobid object| a object| cv object| _dtspv object| _33Across object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| Criteo function| Splide object| viSplide object| lotame_3825 number| char function| lotameIsCompatible function| lt3825_ba function| lt3825_b undefined| lt3825_c undefined| lt3825_ca undefined| lt3825_da function| lt3825_ea object| lt3825_fa function| lt3825_ga function| lt3825_ha object| lt3825_ object| lt3825_6 function| lt3825_aa function| lt3825_a function| lt3825_d function| lt3825_e function| lt3825_f function| lt3825_g function| lt3825_h function| lt3825_i function| lt3825_j function| lt3825_ja function| lt3825_ia function| lt3825_k function| lt3825_l function| lt3825_ka function| lt3825_m function| lt3825_n function| lt3825_o function| lt3825_p function| lt3825_q function| lt3825_oa function| lt3825_la function| lt3825_ma function| lt3825_s function| lt3825_na function| lt3825_t function| lt3825_u function| lt3825_v function| lt3825_r function| lt3825_w function| lt3825_x function| lt3825_y function| lt3825_z function| lt3825_pa function| lt3825_A function| lt3825_B function| lt3825_qa function| lt3825_C function| lt3825_D function| lt3825_E function| lt3825_ra function| lt3825_G function| lt3825_H function| lt3825_F function| lt3825_sa function| lt3825_I function| lt3825_J function| lt3825_ta function| lt3825_ua function| lt3825_K function| lt3825_va function| lt3825_wa function| lt3825_xa function| lt3825_Ba function| lt3825_ya function| lt3825_za function| lt3825_Aa function| lt3825_Ca function| lt3825_Ea function| lt3825_Da function| lt3825_L function| lt3825_Fa function| lt3825_Ga function| lt3825_Ha function| lt3825_Ia function| lt3825_Ja function| lt3825_Ka function| lt3825_La function| lt3825_Ma function| lt3825_Na function| lt3825_M function| lt3825_N function| lt3825_O function| lt3825_P function| lt3825_Q function| lt3825_R function| lt3825_S function| lt3825_T function| lt3825_U function| lt3825_V function| lt3825_W function| lt3825_X function| lt3825_Y function| lt3825_Z function| lt3825__ function| lt3825_0 function| lt3825_2 function| lt3825_Oa function| lt3825_Qa function| lt3825_Pa function| lt3825_3 function| lt3825_Ra function| lt3825_1 function| lt3825_Sa function| lt3825_Ta function| lt3825_Ua function| lt3825_Va function| lt3825_Wa function| lt3825_Xa function| lt3825_4 function| lt3825_5 function| lt3825_Ya function| lt3825_Za function| lt3825__a function| lt3825_0a function| lt3825_1a function| lt3825_2a function| lt3825_3a function| lt3825_4a function| lt3825_5a function| lt3825_7 function| lt3825_8 function| lt3825_8a function| lt3825_9a function| lt3825_7a function| lt3825_6a function| lt3825_ab function| lt3825_$a function| lt3825_cb function| lt3825_bb function| lt3825_db function| lt3825_eb function| lt3825_fb function| lt3825_gb function| lt3825_hb function| lt3825_ib function| lt3825_kb function| lt3825_nb function| lt3825_mb function| lt3825_jb function| lt3825_qb function| lt3825_lb function| lt3825_ob function| lt3825_sb function| lt3825_rb function| lt3825_tb function| lt3825_pb function| lt3825_ub function| lt3825_vb function| lt3825_wb function| lt3825_9 function| lt3825_xb function| lt3825_yb function| lt3825_zb function| lt3825_Ab function| lt3825_Bb function| lt3825_$ function| lt3825_Cb function| lt3825_Db function| lt3825_Eb function| lt3825_Fb function| lt3825_Gb function| lt3825_Ib function| lt3825_Jb function| lt3825_Kb function| lt3825_Hb object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| google_image_requests number| j object| item

320 Cookies

Domain/Path Name / Value
widgets.outbrain.com/nanoWidget/externals/cookie Name: thirdparty
Value: yes
map.go.affec.tv/map/an Name: oo
Value: 1
.3lift.com/sync Name: sync
Value: CgoIgQIQkNeg9vIvCgoI4gEQkNeg9vIvCgoI5gEQkNeg9vIvCgoIhwIQkNeg9vIvCgkICRCQ16D28i8KCQg6EJDXoPbyLwoJCAsQkNeg9vIvCgoIjAIQkNeg9vIvCgoIngIQkNeg9vIvCgkIXxCQ16D28i8=
.mrtnsvr.com/sync Name: userId
Value: tHuIY_qfp
live.demand.supply/ Name: demandSupplyTi
Value: 865488bb-8c8c-4b61-8ad6-a294019cea83
.udmserve.net/ Name: udmts
Value: 1645757339.0
.udmserve.net/ Name: dt
Value: 21A677B2-1A5C-3152-A643-CB92B215FC99
.adnxs.com/ Name: uuid2
Value: 6237531769661368453
.technoratimedia.com/ Name: tads_uid
Value: 7A8646F843FF4D139B6FFA938E055A12
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220224214859-0500
.technoratimedia.com/ Name: tads_zora
Value: 2
www.hawtcelebs.com/ Name: udmsrc
Value: %7B%7D
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 8DD63D45-098F-4BA1-B2D5-9EADA546BB39
.udmserve.net/ Name: sncr
Value: 7A8646F843FF4D139B6FFA938E055A12
.quantserve.com/ Name: mc
Value: 6218439b-76a0c-db736-f952c
.hawtcelebs.com/ Name: __qca
Value: P0-723989532-1645757339443
.pubmatic.com/ Name: PUBMDCID
Value: 2
.udmserve.net/ Name: apnid
Value: 6237531769661368453
.doubleclick.net/ Name: IDE
Value: AHWqTUnj8LsfjIQrhAXbo3lqzQ6tvGHhZtxBFORqrdopsfylJzrMhYClfaXLWlIqPP4
.hawtcelebs.com/ Name: __gads
Value: ID=50a014306ce78c7e:T=1645757339:S=ALNI_MZcaxinGW6ddiT1C2YI_LpSCXkWmA
.udmserve.net/ Name: pmid
Value: 8DD63D45-098F-4BA1-B2D5-9EADA546BB39
www.hawtcelebs.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.hawtcelebs.com/ Name: HstCfa1890596
Value: 1645757339837
www.hawtcelebs.com/ Name: HstCla1890596
Value: 1645757339837
www.hawtcelebs.com/ Name: HstCmu1890596
Value: 1645757339837
www.hawtcelebs.com/ Name: HstPn1890596
Value: 1
www.hawtcelebs.com/ Name: HstPt1890596
Value: 1
www.hawtcelebs.com/ Name: HstCnv1890596
Value: 1
www.hawtcelebs.com/ Name: HstCns1890596
Value: 1
.a-mo.net/ Name: amuid2
Value: a8fd6193-125b-4092-ba5f-7d642633cd48
.go.sonobi.com/ Name: __uis
Value: ca27101e-92a6-4431-be3d-4c81d4005bc5
.go.sonobi.com/ Name: _usd_hawtcelebs.com
Value: 3236e3bd-6d5e-42a8-9db2-480a004e8d9d
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uir_td
Value: 1
.go.sonobi.com/ Name: __uir_bw
Value: 1
.go.sonobi.com/ Name: __uir_mm
Value: 1
.go.sonobi.com/ Name: __uir_pp
Value: 1
.go.sonobi.com/ Name: __uir_zt
Value: 1
.go.sonobi.com/ Name: HAPLB8G
Value: s8551|YhhDn
.yahoo.com/ Name: A3
Value: d=AQABBJtDGGICEInlcCNPfQT3c3DYNjwunvAFEgEBAQGVGWIiYgAAAAAA_eMAAA&S=AQAAAtou6SYERqStclOSZWRcW9g
.hawtcelebs.com/ Name: _ga
Value: GA1.2.1278589249.1645757339
.hawtcelebs.com/ Name: _gid
Value: GA1.2.663945219.1645757340
.hawtcelebs.com/ Name: _gat_gtag_UA_10995097_8
Value: 1
www.hawtcelebs.com/ Name: udm_session
Value: 1
www.hawtcelebs.com/ Name: udm_edge_floater_fcap
Value: %5B1645757340026%5D
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: st
Value: 1
.dtscout.com/ Name: oa
Value: 1
.dtscout.com/ Name: df
Value: 1645757340
.dtscout.com/ Name: l
Value: 51A01645757340B9D37ECAF08DCD9DE1
.tynt.com/ Name: uid
Value: CoIKTGIYQ5yFY+EpFDI4Ag==
.sharethis.com/ Name: __stid
Value: ZGIABGIYQ5wAAAAJVZ0CAw==
.sharethis.com/ Name: __stidv
Value: 2
.casalemedia.com/ Name: CMID
Value: YhhDnC-gZ8XRz901.0T3uAAA
.casalemedia.com/ Name: CMPS
Value: 3809
.casalemedia.com/ Name: CMPRO
Value: 984
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-3f341e69-736e-41ac-7ec1-92eeb3778bee.akUySVXyPNAM2i0HxGg1xzajWcbCV%2FhvA65lmW67FPE
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3APzQeaXNuQax-wZLus3eL7gW16p4.xN8egZo%2BNXGM7shJKnmaJ9QnGw4fwIk0mLoKw866fAc
.sharethrough.com/ Name: stx_user_id
Value: 2fc891d5-1d8e-4af9-a8d4-54ee1a91a2b4
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1645757340502%7D%2C%7B%22p%22%3A%22607295b4a4%22%2C%22f%22%3A1%2C%22ts%22%3A1645757340502%7D%2C%7B%22p%22%3A%221d819f216e%22%2C%22f%22%3A1%2C%22ts%22%3A1645757340502%7D%2C%7B%22p%22%3A%2207dc82ae68%22%2C%22f%22%3A1%2C%22ts%22%3A1645757340502%7D%2C%7B%22p%22%3A%224bbb341d17%22%2C%22f%22%3A1%2C%22ts%22%3A1645757340502%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1645757340502%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1645757340502%7D%2C%7B%22p%22%3A%22e32a9fc66e%22%2C%22f%22%3A1%2C%22ts%22%3A1645757340502%7D%2C%7B%22p%22%3A%221d78e5a960%22%2C%22f%22%3A1%2C%22ts%22%3A1645757340502%7D%2C%7B%22p%22%3A%22e9b03986ff%22%2C%22f%22%3A2%2C%22ts%22%3A1645757340502%7D%2C%7B%22p%22%3A%227361b0e8e4%22%2C%22f%22%3A1%2C%22ts%22%3A1645757340502%7D%5D
.outbrain.com/ Name: obuid
Value: f9aa7d49-234c-44ee-959a-dfcb03ef529f
.emxdgt.com/ Name: uid
Value: 77721645757340509462a6
pbjs.e-planning.net/ Name: CT
Value: 1
.simpli.fi/ Name: suid
Value: 1D6054FD4F7741E7A2A9A9482C6BE4F4
.smartadserver.com/ Name: pid
Value: 1792352065511876935
.emxdgt.com/ Name: apn_id
Value: 6237531769661368453
.e-planning.net/ Name: E
Value: ADgd2YWayEdDRCw3
.hawtcelebs.com/ Name: OB-USER-TOKEN
Value: f9aa7d49-234c-44ee-959a-dfcb03ef529f
.tapad.com/ Name: TapAd_TS
Value: 1645757340836
.tapad.com/ Name: TapAd_DID
Value: 99c9dfe3-7960-4e03-b3d1-bfa17a067259
.adsymptotic.com/ Name: U
Value: 02ade0c5e2fec8a0123abae08b6b8b04
.media6degrees.com/ Name: clid
Value: 2r7uaho01170kwme2t6gg46f000000011j010901201
.media6degrees.com/ Name: acs
Value: 012020k1r7uahoxzt10
.go.affec.tv/ Name: ck
Value: 6218439cbea1e30001761ecf
.go.affec.tv/ Name: oo
Value: 1
.bidr.io/ Name: bito
Value: AAB7gk7EMIcAAH15dBe-JQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.33across.com/ Name: 33x_ps
Value: u%3D118982117215969%3As1%3D1645757340941%3Ats%3D1645757340941
.quantumdex.io/ Name: uid
Value: 97e03f0f-9875-4c2a-8ec5-76c29eadc74b
.algbid.app/ Name: uid_cross
Value: 7c7417fc-95e5-11ec-83ff-f65395c1404e
.algbid.app/ Name: sid_cross
Value: 7c3130ae-95e5-11ec-ac1b-4eb6034c3f60
.hawtcelebs.com/ Name: __dtsu
Value: 51A01645757340B9D37ECAF08DCD9DE1
.dtscdn.com/ Name: uid
Value: 51A01645757340B9D37ECAF08DCD9DE1
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GU`s)JFF!A#Fi.TOKKnyW<U1`VROYQM-:A4H/=FxH@_DxQhyQ1RtoXy@ke^*f_bu7oA9/X%W#.wL4W1Qw1%hT<aJ
.adsrvr.org/ Name: TDID
Value: 7ab8afa3-6b9b-4d24-b1ff-11dd1b864152
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bku
Value: 4tL99JNessJ0O8GX
.krxd.net/ Name: _kuid_
Value: Ors1sVLa
.bidswitch.net/ Name: tuuid
Value: bf9fd540-38fe-45ee-94d0-583b2d0001e1
.bidswitch.net/ Name: c
Value: 1645757341
.bidswitch.net/ Name: tuuid_lu
Value: 1645757341
.mfadsrvr.com/ Name: tuuid
Value: 7f12fdf6-dbca-4e69-8ddc-f74474ff6005
.mfadsrvr.com/ Name: c
Value: 1645757341
.mfadsrvr.com/ Name: tuuid_lu
Value: 1645757341
.zemanta.com/ Name: zuid
Value: -zZOh2qE_czCLWu3mVLK
.zemanta.com/ Name: obuid
Value: GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
.outbrain.com/ Name: ttd
Value: 7ab8afa3-6b9b-4d24-b1ff-11dd1b864152
.outbrain.com/ Name: emx
Value: 6237531769661368453brt77721645757340509462a6
.outbrain.com/ Name: apnxs
Value: 6237531769661368453
.eyeota.net/ Name: mako_uid
Value: 17f2ec81df4-1ae10000010a53b5
.eyeota.net/ Name: SERVERID
Value: 21429~DM
.agkn.com/ Name: ab
Value: 0001%3A%2FpG6xPXWqWuCbOGH1MfAIFGUZirsw76C
.geistm.com/ Name: gdpid
Value: WBFCxB7O6NS6Q
.hawtcelebs.com/ Name: lotame_domain_check
Value: hawtcelebs.com
.go.affec.tv/ Name: pt
Value: eyJhbiI6eyJkdCI6MTY0NTc1NzM0MSwiaWQiOiI2MjM3NTMxNzY5NjYxMzY4NDUzIiwibHMiOjE2NDU3NTczNDF9LCJ0dCI6eyJkdCI6MTY0NTc1NzM0MCwiaWQiOiJDb0lLVEdJWVE1eUZZK0VwRkRJNEFnPT0iLCJscyI6MTY0NTc1NzM0MH0sInYiOjB9|1645757341|ffd752409f88f33ad8e299ebc58199c5c3fe38c2
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnX3u7Y-P8AIkCJ1b9cXE4nQ-1JbsKQrtsCIjCqvnI4xrWmPBVI2r2LRQKApQC4TM1
.onaudience.com/ Name: cookie
Value: 279b1110fb6e7a95
.onaudience.com/ Name: done_redirects147
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEDKlDYCWUZf7SJLEiLdqqqM&KRTB&22987-CAESEDKlDYCWUZf7SJLEiLdqqqM&KRTB&23025-CAESEDKlDYCWUZf7SJLEiLdqqqM
.rubiconproject.com/ Name: khaos
Value: L01TFFPO-27-11SK
www.hawtcelebs.com/ Name: udm_session_rad
Value: 1
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 92b8ad9e8cfdb3848cd04f18d676acf2
.pippio.com/ Name: did
Value: 0CzrkrRT3IKgrvOz
.pippio.com/ Name: didts
Value: 1645757341
.pippio.com/ Name: nnls
Value:
.t.sharethis.com/ Name: pxcelPage_default_c010_C
Value: 1_0_1645757341340
.openx.net/ Name: i
Value: 9d983934-1e08-4867-9c1d-56c5ae384c1a|1645757341
.exelator.com/ Name: EE
Value: "f42a168765a3f3838b53a493d81243e4"
.adfarm1.adition.com/ Name: UserID1
Value: 7068473956751636630
.outbrain.com/ Name: rbcn
Value: L01TFFPO-27-11SK
.outbrain.com/ Name: mdfrc
Value: 7f12fdf6-dbca-4e69-8ddc-f74474ff6005
.outbrain.com/ Name: zmnta
Value: -zZOh2qE_czCLWu3mVLK
sofia.trustx.org/ Name: tuuid
Value: 8f90a3ab-deca-4632-9dfc-9155e991cc4b
sofia.trustx.org/ Name: c
Value: 1645757341
sofia.trustx.org/ Name: tuuid_lu
Value: 1645757341
.mathtag.com/ Name: uuid
Value: 30076218-439d-4700-9dda-44f2b86092d3
.outbrain.com/ Name: indxexcg
Value: YhhDnC_gZ8XRz901-0T3uAAAA9gAAAAB
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQsDRKskhMsUy1SE5LSTK2MLFITjEwSTO0SDEzN0tMTjNiAIIkCee5IBoCBNa%2FaWBn%2FCjL8J%2BRkeH4piksTBD29nqwyL0PlqgCzxbPQVPSvu4pN6qa5X8KUQXOHT3EjCqye99lAVSRDw33BWDuOIxhyYeJc8RR1b9bgu6QVzMPMKGq6TqhjirQ8F8TVeBelxaqAACT9mwR"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIknCeC6QggJmBgWsGmLmoFUQyPqwHkgBMZgSI"
.crsspxl.com/ Name: uid
Value: 7426497872870003229
.crsspxl.com/ Name: uuid
Value: b437011c-793d-4cc1-8d49-43f4e68c60b3
.ml314.com/ Name: pi
Value: 3625379462841368613
.outbrain.com/ Name: actvagnt
Value: 7068473956751636630
.creativecdn.com/ Name: u
Value: pUAYEdLnUbTBvBavmqfc
.creativecdn.com/ Name: ts
Value: 1645757341
.hawtcelebs.com/ Name: _cc_id
Value: 92b8ad9e8cfdb3848cd04f18d676acf2
.hawtcelebs.com/ Name: panoramaId_expiry
Value: 1645843741323
.advertising.com/ Name: APID
Value: UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
.outbrain.com/ Name: openx
Value: fe252f6a-c861-4a6c-a5a4-cc8072a4b8cc
.spotxchange.com/ Name: audience
Value: 7cb957e4-95e5-11ec-8924-154f9acf0203
sofia.trustx.org/ Name: um2
Value: !1,bf9fd540-38fe-45ee-94d0-583b2d0001e1,415036141
sofia.trustx.org/ Name: buid
Value: bf9fd540-38fe-45ee-94d0-583b2d0001e1
.crsspxl.com/ Name: st_c
Value: 1
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHNxCjR0MzC3Mw00TjN2MLYIsnUONHE0jjFwtDIxDjVZHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJiSX5RZvqi0ODFRSlpDItKik8F75%252BeAgBDWSmO"
.teads.tv/ Name: tt_viewer
Value: f4ec407d-a96c-4635-9e07-b6e74c63f0ce
.outbrain.com/ Name: mediaforce_custom
Value: c2550f1a-f263-4602-bee7-8a8fdb84d8b2
.pippio.com/ Name: pxrc
Value: CJ2H4ZAGEgQIAhAAEgYI3awrEAA=
.360yield.com/ Name: tuuid
Value: 69497fcd-ba32-4b2d-834f-7b33fea6ad08
.360yield.com/ Name: tuuid_lu
Value: 1645757341
.demdex.net/ Name: demdex
Value: 73108287142213250733347802760755455793
.onaudience.com/ Name: done_redirects219
Value: 1
.smaato.net/ Name: SCM
Value: f60fa51f
.smaato.net/ Name: SCMo
Value: f60fa51f
.outbrain.com/ Name: bdswch
Value: bf9fd540-38fe-45ee-94d0-583b2d0001e1
.quantserve.com/ Name: d
Value: EH4BCQHDJYEA
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:1D6054FD4F7741E7A2A9A9482C6BE4F4
.outbrain.com/ Name: spotx
Value: 7cb957e4-95e5-11ec-8924-154f9acf0203
.mfadsrvr.com/ Name: ssh
Value: !google,1645757341!outbrain,1645757341
.outbrain.com/ Name: smaato
Value: f60fa51f
.dyntrk.com/ Name: dyn_u
Value: 06030002_6218439d8c50f
.outbrain.com/ Name: rtbhs
Value: pUAYEdLnUbTBvBavmqfc
.bing.com/ Name: MUID
Value: 23E644B20EEA6DE52A3355E40FED6C72
.c.bing.com/ Name: MR
Value: 0
.outbrain.com/ Name: smart
Value: 1792352065511876935
.tvpixel.com/ Name: sp
Value: 9f9ddd20-e757-44bb-b209-54c6ffb91aed
.outbrain.com/ Name: improve_digital
Value: 69497fcd-ba32-4b2d-834f-7b33fea6ad08
.outbrain.com/ Name: oath_display
Value: y-gN9kry9E2uFcSJRfniJwfT.u.xyx0wzcsnh2CeI-~A
.outbrain.com/ Name: oath
Value: UP7cb7eaee-95e5-11ec-bc54-0240f85d07b1
.dpm.demdex.net/ Name: dpm
Value: 73108287142213250733347802760755455793
.pubmatic.com/ Name: SPugT
Value: 1645756721
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-6f4993e5-bce2-4471-87d3-66cd3254ac34-005%22%2C%22nxtrdr%22%3Afalse%7D
.crsspxl.com/ Name: dcid
Value: 1
.uuidksinc.net/ Name: jcsuuid
Value: nDISTWobXL7z5coYjiyA
.outbrain.com/ Name: pubmatic
Value: 8DD63D45-098F-4BA1-B2D5-9EADA546BB39
.criteo.com/ Name: uid
Value: 29812a66-af29-4268-835e-b097cefbdb1c
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-6f4993e5-bce2-4471-87d3-66cd3254ac34-005%22%7D
.socdm.com/ Name: SOC
Value: YhhDncCo5uYAAIwDypkAAAAA
.sitescout.com/ Name: ssi
Value: 164da6cb-f2e5-437a-93f6-a083eca370ae#1645757342000
fksnk.com/ Name: AWSALBCORS
Value: Pf1y2Rz1LsXNt7B8y+hcB290GPI4i2WvzQao3MSfRIZ/2BzuufDD5DriHif2k3jhVAHsuDmpkOqU+RfgyZw8cSauzOWXzrYLyN2ZNwM+OzhCi/Hypf2Im2iPVDBU
.fksnk.com/ Name: f_001
Value: 38480258748610C4
.fksnk.com/ Name: g_001
Value: 1
.tremorhub.com/ Name: tvid
Value: e0c3ed7e4a1f4fdb8afd36381e39dbf7
.tremorhub.com/ Name: tv_UIDF
Value: CAESEHAjjo6iS3uHF89dlVmdAqE
.tremorhub.com/ Name: tvssa
Value: 1645757342134
.ctnsnet.com/ Name: cid_2917e71d376c4a26bb740edbbb9cf3aa
Value: 1
.tribalfusion.com/ Name: ANON_ID
Value: a7nseFwyEojpuMNpbIFmohUoZbhuqiZa43DCqdPcjUCCoxfdRCa54Sl0JxtPChLYZceyWPWbk258ZaRrrEmD8q30
.rqtrk.eu/ Name: browser_id
Value: 1:7b2d683e-32b9-4a4a-9c4c-c196fddda59c
.yieldmo.com/ Name: yieldmo_id
Value: gbf9917eef9aa0198e21%7C1645757342253%7C0%7C
.truoptik.com/ Name: to_master_s
Value: 5f450e0c344f7b146dcd68b5c49d30a2
.truoptik.com/ Name: to_version_s
Value: b2
.clickagy.com/ Name: cb
Value: YhhDnu5nxtEjlUMgr-lALqkj
.videohub.tv/ Name: UIXX_UPDT
Value: "UILO=1645757342327"
.videohub.tv/ Name: uid
Value: CI-ff2139a64e14163a0652a9632f4f6866
.mxptint.net/ Name: mxpim
Value: R1D531_EBD2E987_97664C0F.1.6218439E
.surveywall-api.survata.com/ Name: svResp
Value: ce21d7cc-805e-f22c-3c34-40f40f60fbaa
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YhhDngAIwBmCJwBB
.c.cintnetworks.com/ Name: TiPMix
Value: 37.9014848442289
.c.cintnetworks.com/ Name: x-ms-routing-name
Value: self
.turn.com/ Name: uid
Value: 4470016423583563883
global.ib-ibi.com/ Name: ASP.NET_SessionId
Value: atnxba1ag5i05yqyygmri2pw
.tidaltv.com/ Name: tidal_ttid
Value: bc3038ad-89f0-4035-9413-31ef3742a335
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjC2tDI0NAAAez4GCAkAAAA="
.taboola.com/ Name: t_gid
Value: 56243e83-42ef-450d-af38-b34e70e05cae-tuct911c91e
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: e34274d0-82d2-5338-b9ac-2289dbb46117
.betweendigital.com/ Name: ss
Value: 1
.agkn.com/ Name: u
Value: C|0AAAAAAAAKasAHgAAAAAA
ib.mookie1.com/ Name: ASP.NET_SessionId
Value: a2v4uyqjq5yvbaszlqlx1ywv
.ib.mookie1.com/ Name: ibkukiuno
Value: s=f50ba1de-fc16-44de-88dc-53b6b71a1794&h=&v=0&l=-8585558495426230596&op=&hl=0&vlu=0&tcs=1&dcc=-8585558495426230596
.ib.mookie1.com/ Name: ibkukinet
Value: 95808158=-8585558495426230596
aorta.clickagy.com/ Name: chs
Value: [{"ch":"120","t":"2022-02-25 02:49:02"},{"ch":"5","t":"2022-02-25 02:49:02"},{"ch":"122","t":"2022-02-25 02:49:02"},{"ch":"124","t":"2022-02-25 02:49:02"},{"ch":"8","t":"2022-02-25 02:49:02"},{"ch":"114","t":"2022-02-25 02:49:02"},{"ch":"128","t":"2022-02-25 02:49:02"}]
www.hawtcelebs.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%227ab8afa3-6b9b-4d24-b1ff-11dd1b864152%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-01-25T02%3A49%3A03%22%7D
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.prebid.a-mo.net/ Name: _sv3_5
Value: 1
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.go.sonobi.com/ Name: __uin_mm
Value: 30076218-439d-4700-9dda-44f2b86092d3
.go.sonobi.com/ Name: __uin_td
Value: 7ab8afa3-6b9b-4d24-b1ff-11dd1b864152
.contextweb.com/ Name: V
Value: 77qq9NjowdEy
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 89ead83a0c7da6b9
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1cd9|7LJ.0.ca27101e-92a6-4431-be3d-4c81d4005bc5|4is.0.CAESEEKZOC5AjQ4MVuDA8w67MRw
.go.sonobi.com/ Name: __uin_pp
Value: 77qq9NjowdEy
.fg8dgt.com/ Name: tuuid
Value: 903ddf42-6f2f-4986-95f7-7f3a23eebde3
.fg8dgt.com/ Name: c
Value: 1645757343
.fg8dgt.com/ Name: tuuid_lu
Value: 1645757343
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNrIwsDQ3NTYzMDIxMDS0NLMwNxfiM9Qt1C3wcTePcs010zWR4jU0MzE1NzU3NjE2MrYEAP3Vqz00AAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAFslymtoZmJqbmpubGJsZGwJANFrrvYQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNrIwsDQ3NTYzMDIxMDS0NLMwNxfiM9Qt1C3wcTePcs010zUBAPdXn84lAAAA
.go.sonobi.com/ Name: __uin_zt
Value: 2809753602401196877
.go.sonobi.com/ Name: __uin_bw
Value: bf9fd540-38fe-45ee-94d0-583b2d0001e1
.id5-sync.com/ Name: callback
Value:
.t.sharethis.com/ Name: pxcelBcnLcy
Value: 8
.mediarithmics.com/ Name: mics_vid
Value: 25499385022
.mediarithmics.com/ Name: mics_uaid
Value: web:1:1a19eec5-0a09-43d6-a0fc-9652b8a8445a
.mediarithmics.com/ Name: mics_lts
Value: 1645757344390
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.rubiconproject.com/ Name: audit
Value: 1|hAH8oVQFMnQE3GNEPLOdz3V5yDIFF/FUl6W1tpo85TXRuZ+dvyOZuDwi67XRGijPwF4O2mclPG9YuqoIiPk057iLOlCEhdvdpUOQquMMtPLTHepMkQDqtJNkwu4y6/taTc5gaaihuXs=
.3lift.com/ Name: tluid
Value: 2011980565919883707061
.hawtcelebs.com/ Name: cto_bundle
Value: zILveV9nRmJodHBSJTJCS3gyamZtaDh0SiUyRkwzUk1QVlh5RFg2blY3dUV4T2IxZEtub1FXdzRVSDdUdFJXYWg1azRFM0FVQ1RJeG92NDc3QTl1biUyQnklMkJiZjNkOHJUbFNKbTZobm11ZmMxbVpLcHhPVHFDV0JIRmwwS2M0V2dLMCUyRnNHUXU3dGYlMkJRTGMlMkJQbGtJUXBZWFJpWFFjU1h2dyUzRCUzRA
.hawtcelebs.com/ Name: cto_bidid
Value: RV2IEF9BRDB4VGplNTNTZldIYnBscHFqbEhWUkhIYzZ2d0ZYYmJDWXBzMUdCTjM5UjQlMkZPMDYlMkJ6UFVsckhSaDI4RkhrbE5CRFFEUGVZdFVBOWhqdW5MWWgwMiUyRnppVVJvam5mYkIzTHBpc0tBZTZnMmdIVFRZNWMwV1hvcEFiUjhDU1dHZg
.lijit.com/ Name: ljt_reader
Value: 42990bd4a629a34d2f3d4f6c
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.smaato.net/ Name: SCMp
Value: f60fa51f
.go.sonobi.com/ Name: __uqc
Value: 1
.go.sonobi.com/ Name: __uir_lr
Value: 1
.go.sonobi.com/ Name: __uir_eb
Value: 1
.go.sonobi.com/ Name: __uin_i5
Value: 1
.go.sonobi.com/ Name: __uir_i5
Value: 1
.go.sonobi.com/ Name: __uin_tp
Value: 1
.go.sonobi.com/ Name: __uir_tp
Value: 1
.go.sonobi.com/ Name: __uin_bp
Value: 1
.go.sonobi.com/ Name: __uir_bp
Value: 1
.go.sonobi.com/ Name: __uin_iq
Value: 1
.go.sonobi.com/ Name: __uir_iq
Value: 1
.disqus.com/ Name: zeta-ssp-user-id
Value: 29943829-4a4e-c64a-abea-b5951f7e05e4
.betweendigital.com/ Name: ut
Value: YhhDoAAO1ODBDU5pFQUuu3UDA-070nl6YlOqCg==
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.analytics.yahoo.com/ Name: IDSYNC
Value: "193c~23fe:18wq~23fe:196y~23fe:1776~23fe:187s~23fe:194a~23fe:192w~23fe:192x~23fe"
.ipredictive.com/ Name: cu
Value: 7edfac87-95e5-11ec-b3ae-b9599d422bef|1645757345028
.eqads.com/ Name: EQUser
Value: UID=11d5c148-23ae-4793-be76-6e4bd6cc8aab
.amazon-adsystem.com/ Name: ad-id
Value: A7-pNDMI6ESwt8B_F0dlo3Y
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.creative-serving.com/ Name: c
Value: 1645757345
.creative-serving.com/ Name: tuuid_lu
Value: 1645757345
.creative-serving.com/ Name: tuuid
Value: 3b197b9b-b64b-4ae7-b78b-8422c3052efe
.linkedin.com/ Name: lidc
Value: "b=OGST03:s=O:r=O:a=O:p=O:g=2595:u=1:x=1:i=1645757345:t=1645843745:v=2:sig=AQHGdR5F72MXZDYpbsHQijdrmxbfMRKU"
.linkedin.com/ Name: li_sugr
Value: 52dab3b8-ab94-4f0e-b4a6-4553c54f47a0
.linkedin.com/ Name: bcookie
Value: "v=2&a4f09386-c38a-44e4-8cb7-7875cafa7452"
.smadex.com/ Name: smxtrack
Value: ff9d08f1-51e1-4cc7-bae6-5e9def1709af
.casalemedia.com/ Name: CMST
Value: YhhDnGIYQ6EA
.rlcdn.com/ Name: rlas3
Value: Sdse8X5QMxit5QM424aqnTDZXmwGhijxxgsRgNs6mww=
.sitescout.com/ Name: _ssuma
Value: eyIyNCI6MTY0NTc1NzM0NTIwNCwiNCI6MTY0NTc1NzM0NTIwNCwiMzkiOjE2NDU3NTczNDUyMDQsIjciOjE2NDU3NTczNDIyMzN9
.ads.pubmatic.com/ Name: KCCH
Value: YES
.intentiq.com/ Name: IQver
Value: 1.9
.go.sonobi.com/ Name: __uin_eb
Value: CAESEG0yHXr103czGl9q0s1-6WI||1
.intentiq.com/ Name: intentIQ
Value: JvhBf1EXKZ
.rlcdn.com/ Name: pxrc
Value: CJ2H4ZAGEgUI6AcQABIFCOhHEAASBgi26gEQBBIGCLrqARAEEgYI/+oBEAESBgi46wEQABIGCIq6KxAA
.w55c.net/ Name: wfivefivec
Value: 7iMcJrQe1NnqFj5
.id5-sync.com/ Name: id5
Value: a826ba28-38c6-45ff-b830-b458b18812e6#1645757344632#3
.w55c.net/ Name: matchcasale
Value: 5
.intentiq.com/ Name: intentIQCDate
Value: 1645757345299
.intentiq.com/ Name: IQSonobiCookieSync
Value: 1645757345299
.adgrx.com/ Name: ADGRX_UID
Value: 7f0b7262-95e5-11ec-87bc-d15aadb7246c
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
.casalemedia.com/ Name: CMRUM3
Value: 28621843a1276011d5c148-23ae-4793-be76-6e4bd6cc8aab&27621843a00b40&9c621843a12760aeef2579-0344-4565-86a8-205746520c7f&82621843a12760AAB7gk7EMIcAAH15dBe-JQ&f1621843a005a0&04621843a005a0&2d6218439c05a0CAESEIbJHQZEsFjAxcuDIDt0MwA&03621843a005a0&2e621843a127606237531769661368453&e6621843a02760&29621843a127607f0b7262-95e5-11ec-87bc-d15aadb7246c
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!1346-2!1346-3!1346
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4470016423583563883
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&KRTB&22918-7ab8afa3-6b9b-4d24-b1ff-11dd1b864152&KRTB&23031-7ab8afa3-6b9b-4d24-b1ff-11dd1b864152
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwjK3Y2S7YS8OhAFEhYKB3N2eDl0NTASCwjiuM217YS8OhAFEhUKBmNhc2FsZRILCNrbkbnthLw6EAUSFwoIbGl2ZXJhbXASCwiQkpy57YS8OhAFEhcKCHB1Ym1hdGljEgsIqrHou-2EvDoQBRgBIAEoAjILCKqp6-iDhbw6EAU4AVoIcHVibWF0aWNgAg..
.pubmatic.com/ Name: PugT
Value: 1645757345
.intentiq.com/ Name: IQPubmaticCookieSync
Value: 1645757345480
.intentiq.com/ Name: ASDT
Value: 0
.pubmatic.com/ Name: SyncRTB3
Value: 1646956800%3A220_21_13_54_71%7C1646352000%3A2
.pubmatic.com/ Name: ipc
Value: 0^^2^0
.pubmatic.com/ Name: pi
Value: 0:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 9
.intentiq.com/ Name: IQAppnexusCookieSync
Value: 1645757345519
.gumgum.com/ Name: vst
Value: u_d1200918-54f3-4db6-8fb7-d2080a378e9a
.intentiq.com/ Name: IQOpenxPrimisCookieSync
Value: 1645757345570
.lijit.com/ Name: _ljtrtb_8101
Value: JvhBf1EXKZ
.intentiq.com/ Name: IQSovernCookieSync
Value: 1645757345706
.intentiq.com/ Name: IQadv
Value: 1645757345705
.intentiq.com/ Name: IQSpotXPrimisCookieSync
Value: 1645757345752
.intentiq.com/ Name: IQMediaMathCookieSync
Value: 1645757345792
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMjBfMCZTeVB1NlFaIzIzXzAmU3lQdTZQcCMyNF8wJlN5UHU2TUMjMTAxMzlfMCZTeVB1Nk1wIzE1MTE1XzAmU3lQdTZOZSMxMDE0MF8wJlN5UHU2UkU
.intentiq.com/ Name: IQPData
Value: 95808158#1645757345791#0#1645757345474
.360yield.com/ Name: umeh
Value: !79,0,1707965346,-1
.360yield.com/ Name: um
Value: !79,0E8YYDp8lc.kXuMS839OcfuLaqSjmhdQOxVG1.MWgv5AMGG-utOcfCluPJSmaP85u0nZA892FopInVxe,1653533346
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 8310309623818972232
prebid.a-mo.net/ Name: __amc
Value: 8_1645757339_1645757346
.id5-sync.com/ Name: 3pi
Value: 2#1645757343645#-1389750553#6237531769661368453|3#1645757343766#1031115260#30076218-439d-4700-9dda-44f2b86092d3|264#1645757343872#-903485906#7ab8afa3-6b9b-4d24-b1ff-11dd1b864152|136#1645757346326#958282170|10#1645757346593#-1095878054#7441743613700024595|203#1645757345973#1980653362#29812a66-af29-4268-835e-b097cefbdb1c|108#1645757346093#-295110653|429#1645757345527#-375882527|434#1645757345286#-1947477815|18#1645757344511#-1964003445|501#1645757346593#837583849|441#1645757345635#-1425351974|155#1645757344829#-1220543463#AAB7gk7EMIcAAH15dBe-JQ|796#1645757345420#2124339811|124#1645757346202#954060727
.go.sonobi.com/ Name: __uir_i5mm
Value: 1
.go.sonobi.com/ Name: __uin_i5mm
Value: 30076218-439d-4700-9dda-44f2b86092d3
.go.sonobi.com/ Name: HAPLB8S
Value: s8521|YhhDo

22 Console Messages

Source Level URL
Text
network error URL: https://udmserve.net/udm/img.fetch?sid=17047;tid=1;ev=1;dt=8;
Message:
Failed to load resource: the server responded with a status of 412 (Precondition Failed)
security error URL: https://www.hawtcelebs.com/
Message:
Refused to execute script from 'https://d1lax2pddqj38d.cloudfront.net/pix.gif' because its MIME type ('image/gif') is not executable.
security error URL: https://www.hawtcelebs.com/
Message:
Refused to execute script from 'https://d1lax2pddqj38d.cloudfront.net/pix.gif' because its MIME type ('image/gif') is not executable.
security warning URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html#pid=34839&dmpenabled=true&filterDMP=&d=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&gdpr=0&cmpNeeded=false&gdprVer=2&ccpa=1---&country=US&obRecsAbtestAndVars=1011-3146,979-3032,980-3034,981-3036,969-2992
Message:
Mixed Content: The page at 'https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html#pid=34839&dmpenabled=true&filterDMP=&d=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&gdpr=0&cmpNeeded=false&gdprVer=2&ccpa=1---&country=US&obRecsAbtestAndVars=1011-3146,979-3032,980-3034,981-3036,969-2992' was loaded over HTTPS, but requested an insecure element 'http://id.rlcdn.com/711945.gif?cparams=obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://px.powerlinks.com/user/sync/ssps?userId=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0&sourceId=9720221e-17c0-4db1-939f-9b2940f98506&rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpowerlinks%26uid%3D%24%7BUSER%7D%26obUid%3DGdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://tags.bluekai.com/site/29859?id=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=GdvwEy1L0Y-6oiYhn2iMimvxTs82het7CKbR6MBcz9axV6jF-e63ieRvOpwmtlz0
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEMkNJl_YAMpnvszerfkSe7g&google_cver=1&google_push=AYg5qPIkCNbZVnNiGWO28nxF8fLb0x28W-16YtHyjbQQOY4Ns1S9ONGmEyzLZEx136wby5qv1GcWD10Qq_ynZjSpzWTPbI3tf2s
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://pix.impdesk.com/csync/google?google_gid=CAESEAPGKuWuImHVYQWHlsLGcxo&google_cver=1&google_push=AYg5qPK-5J4J7pVIrKmovWn7vWlGTY7Be4NFAR61CM-e7yxeYkBCHDegX0O_mCno1gcsVuqj0JbzhAMfUFt6Jb3xk3pq_ArXXrCP
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AYg5qPJOZF8mvPB2FEBMoLec7TplpDB_ZjEfbPAOKa6djVrAuko5jTTWcx0IYzumrxzm3OcHz67UP_ejou0d73z3chn5XmQbwog
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIFgvUGqYvwl0Kmf_LvFoH65hMn3fyrGj6Nu4kgtTxLT_gkrQLE7gNIv-cX7_NqY36rbfYfQK1FY62rkKREDnMM3D9PC-Y
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI2816Ec0ijRQitaSnQBYcjngKXrY7QljMLCHtIz1o7ZEQvRNMSrC5E7Dit2Ts9c89Bslv9xQIIb8en11ckCNnr7Rs_pp8
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://eb2.3lift.com/xuidmid=7976&xuid=aHuUDVq4M&dongle=u6nf
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://eb2.3lift.com/xuidmid=7976&xuid=tHuIY_qfp&dongle=u6nf
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://eb2.3lift.com/xuidmid=7976&xuid=tHqUD_q4M&dongle=u6nf
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://eb2.3lift.com/xuidmid=7976&xuid=tHuIYVu4p&dongle=u6nf
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://px.britepool.com/sync?p=sonobi&id=ca27101e-92a6-4431-be3d-4c81d4005bc5&idtype=GOID&r=int.new.t
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://px.britepool.com/sync?p=sonobi&id=ca27101e-92a6-4431-be3d-4c81d4005bc5&idtype=GOID&r=int.new.t
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://px.britepool.com/sync?p=sonobi&id=ca27101e-92a6-4431-be3d-4c81d4005bc5&idtype=GOID&r=int.new.t
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://px.britepool.com/sync?p=sonobi&id=ca27101e-92a6-4431-be3d-4c81d4005bc5&idtype=GOID&r=int.new.t
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://id5-sync.com/c/434/796/3/7.gif?puid=7edfac87-95e5-11ec-b3ae-b9599d422bef&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://sync.1rx.io/usersync/intentiq/0?dspret=1&redir=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D541745869%26mi%3D10%26csh%3D570392714%3B1402230080%3B1709765917%3B1486637409%3B396218182%3B1072441116%3B1678944572%26rnd%3D-1746455719%26pcid%3D%5BRX_UUID%5D
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dtssrv.com
a.tribalfusion.com
aa.agkn.com
acdn.adnxs.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads.adaptv.advertising.com
ads.betweendigital.com
ads.creative-serving.com
ads.pubmatic.com
ads.us.criteo.com
ads.yieldmo.com
adservice.google.com
aep.mxptint.net
ajax.googleapis.com
aorta.clickagy.com
ap.lijit.com
apex.go.sonobi.com
api.demand.supply
api.intentiq.com
apis.quantcast.mgr.consensu.org
assets.vlitag.com
audex.userreport.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bid.underdog.media
bidder.criteo.com
btlr.sharethrough.com
bttrack.com
c.bing.com
c.cintnetworks.com
c.us1.dyntrk.com
c1.adform.net
c2shb.pubgw.yahoo.com
c2shb.ssp.yahoo.com
c585cb5cf70e9856ddbb319de7c2bb64.safeframe.googlesyndication.com
cat.va.us.criteo.com
cdn-tc.33across.com
cdn.jsdelivr.net
cdn.tynt.com
cdnjs.cloudflare.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cm.smadex.com
cms-xch-chicago.33across.com
cms-xch.33across.com
cms.quantserve.com
code.createjs.com
confiant-integrations.global.ssl.fastly.net
creativecdn.com
cs.chocolateplatform.com
cs.emxdgt.com
csm.us.criteo.net
d.adroll.com
d.agkn.com
d.turn.com
d1lax2pddqj38d.cloudfront.net
de.tynt.com
dis.criteo.com
dis.eu.criteo.com
dmp.truoptik.com
dp1.33across.com
dp2.33across.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt-secure.videohub.tv
dt.adsafeprotected.com
eb2.3lift.com
edge.udmserve.net
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
g.algbid.app
global.ib-ibi.com
google.partners.tremorhub.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
i.simpli.fi
ib.adnxs.com
ib.mookie1.com
ic.tynt.com
ice.360yield.com
id.a-mx.com
id.geistm.com
id.rlcdn.com
id5-sync.com
idpix.media6degrees.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
ius.ctnsnet.com
live.demand.supply
loadm.exelator.com
loadus.exelator.com
log.outbrainimg.com
m.fg8dgt.com
map.go.affec.tv
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
ml314.com
mug.criteo.com
mv.outbrain.com
ob.cheqzone.com
obs.cheqzone.com
odb.outbrain.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
p.tvpixel.com
pagead2.googlesyndication.com
pbjs.e-planning.net
pd.sharethis.com
pippio.com
pix.impdesk.com
pix.us.criteo.net
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-us.creativecdn.com
prebid.a-mo.net
prebid.ad.smaato.net
ps.eyeota.net
px.ads.linkedin.com
px.britepool.com
px.powerlinks.com
px.surveywall-api.survata.com
px.vliplatform.com
quantcast.mgr.consensu.org
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rtb.va.us.criteo.com
rtd-tm.everesttech.net
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s10.histats.com
s4.histats.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
services.vlitag.com
simage2.pubmatic.com
sofia.trustx.org
spl.zeotap.com
ssbsync.smartadserver.com
ssp-sync.criteo.com
ssp.adriver.ru
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-jp.im-apps.net
sync-tm.everesttech.net
sync.1rx.io
sync.adaptv.advertising.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.hgrtb.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.quantumdex.io
sync.search.spotxchange.com
sync.sharethis.com
sync.srv.stackadapt.com
sync.taboola.com
sync.tag.clrstm.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
sync.tidaltv.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tag.crsspxl.com
tag.vlitag.com
tags.bkrtx.com
tags.bluekai.com
tags.crwdcntrl.net
targeting.unrulymedia.com
tcheck.outbrainimg.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
udmserve.net
um.simpli.fi
um2.eqads.com
underdog.technoratimedia.com
ups.analytics.yahoo.com
us-u.openx.net
useast.quantumdex.io
usermatch.krxd.net
usermatch.targeting.unrulymedia.com
waust.at
whos.amung.us
widget-pixels.outbrain.com
widgets.outbrain.com
wt.rqtrk.eu
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.hawtcelebs.com
x.bidswitch.net
cm.g.doubleclick.net
google2waycm.netmng.com
id5-sync.com
onetag-sys.com
pix.impdesk.com
px.britepool.com
px.powerlinks.com
securepubads.g.doubleclick.net
sync.1rx.io
sync.adaptv.advertising.com
sync.tag.clrstm.com
www.googletagservices.com
104.123.160.80
104.16.108.154
104.18.14.222
104.18.28.199
104.18.99.194
104.244.36.20
104.36.115.109
107.178.246.49
107.178.254.65
13.225.230.103
13.225.230.112
13.225.230.58
13.225.230.63
13.225.230.85
13.225.230.92
13.225.231.199
141.226.224.48
142.250.65.194
142.250.80.2
142.250.80.70
142.250.80.98
142.251.35.162
146.75.30.132
147.75.38.124
15.197.193.217
15.235.42.103
15.254.13.75
150.136.25.38
151.101.129.194
151.101.130.49
151.101.193.108
159.203.161.83
169.44.76.76
172.98.26.125
173.231.178.82
178.250.0.163
178.250.2.131
18.206.84.102
184.29.174.104
184.72.151.10
185.167.164.49
185.184.10.30
185.184.8.65
192.132.33.46
192.35.249.127
192.99.8.28
198.148.27.140
199.127.204.142
199.127.204.162
199.127.207.190
199.187.193.181
199.38.167.128
202.241.208.57
207.198.113.169
216.200.232.249
23.200.197.46
23.200.205.171
23.209.184.224
23.54.68.197
23.54.68.240
23.54.69.74
2600:1400:d::6878:d289
2600:1f18:1c96:4102:9564:adc9:18c4:669c
2600:1f18:4e9:5a07:56c0:bbbc:18e0:97e
2600:1f18:612b:4232:6e00:7b23:6545:3513
2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
2600:9000:21ec:4c00:6:44e3:f8c0:93a1
2600:9000:21ec:6a00:1a:609a:6780:93a1
2600:9000:21ec:7200:19:fc2c:a140:93a1
2600:9000:21ec:8600:8:48e:53c0:93a1
2600:9000:21ec:9e00:1b:5138:8a40:93a1
2600:9000:21ec:d400:5:c4ab:c3c0:93a1
2600:9000:21ec:e000:9:46dc:4700:93a1
2606:4700:10::6816:1857
2606:4700:10::6816:2460
2606:4700:10::6816:3ac7
2606:4700:10::ac43:15e3
2606:4700:20::681a:bd1
2606:4700:20::ac43:4739
2606:4700:3030::6815:5286
2606:4700:3031::6815:29fd
2606:4700:3032::ac43:dc33
2606:4700:3034::6815:3bda
2606:4700::6810:125e
2606:4700::6810:5814
2606:4700::6810:8516
2606:4700::6810:8616
2606:4700::6812:b4f
2606:4700::6812:d05
2607:f8b0:4006:806::2002
2607:f8b0:4006:808::2004
2607:f8b0:4006:80d::200a
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80f::2002
2607:f8b0:4006:80f::2008
2607:f8b0:4006:816::2003
2607:f8b0:4006:816::2006
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81e::2001
2607:f8b0:4006:81f::2001
2607:f8b0:4006:81f::200a
2607:f8b0:4006:820::200e
2607:f8b0:4006:822::200a
2607:f8b0:4023:1407::9c
2620:100:a001::12
2620:100:a001::3
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:2d66:77a6:9085:a5fa
2620:1ec:21::14
2620:1ec:c11::200
3.135.27.102
3.15.117.250
3.220.13.84
3.222.216.235
3.233.247.233
3.234.149.51
34.102.128.115
34.102.163.6
34.117.239.71
34.192.182.23
34.194.11.208
34.206.33.80
34.225.229.107
34.231.139.54
34.231.251.31
34.232.140.51
34.235.189.191
34.235.23.231
34.237.228.240
34.237.23.137
34.98.64.218
35.168.167.24
35.172.145.162
35.186.193.173
35.190.60.146
35.207.24.140
35.211.141.197
35.211.168.6
35.211.178.172
35.212.101.174
35.227.252.103
35.75.69.76
38.67.14.224
40.71.11.141
44.200.208.73
46.105.201.240
50.16.197.56
51.195.5.40
51.210.112.63
51.222.239.230
51.81.106.33
51.89.99.21
52.0.156.250
52.0.47.207
52.204.71.133
52.223.22.214
52.4.173.16
52.4.33.45
52.44.71.104
52.45.17.150
52.46.130.91
52.5.237.191
52.54.192.111
52.54.42.45
52.7.51.190
54.175.156.64
54.175.87.114
54.208.89.215
54.211.80.174
54.242.17.112
63.251.86.51
64.58.232.176
64.58.232.180
64.74.236.255
67.202.105.22
67.202.105.32
67.202.105.34
67.202.114.216
68.67.160.75
68.67.179.77
68.71.249.118
68.71.249.120
69.166.1.10
69.166.1.14
69.173.151.100
69.175.41.2
70.42.32.255
74.119.119.137
74.119.119.139
74.119.119.147
74.119.119.149
74.119.119.150
74.119.119.73
75.101.138.186
75.126.248.142
8.28.7.81
8.28.7.82
8.28.7.83
8.28.7.84
81.222.128.213
85.114.159.118
96.46.186.58
003fe1e5721db2378684c3ad4427a62b122c2db56c75b9a9b1195e277e8759a8
01184142bd448fc5c7962728b0053d4795c5eb72f6b4c854ab7c9dfbfb319da4
025d769928013f2d6dd69361ff063c9ca4c97c665668f6ed648f075f6744f563
0268bdf254f22580db4e1006474490a0ed11ed3ed2cdb1766208dd2442e07f97
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
057b46b923fe2c30b7bd7a95a6e4657ab35cbb65e0e29705de4c13083feb83de
08d4352bd02372945b0f136fc7e74fa16b7ce58917efbf32d14cb2b08117c58a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b2f1186fbef585443e2da57208e35cfd5a33f2de348c1497feec9254ca89d8e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0d676790cf5fb78e031970275c9ec7e5e6a9ded28edd02912aa8535840328186
0e756ddc6ac2b4a00722515c9b196ee2a54c133e943d79e63e65f42246016316
0fc26ea4aefdfbd9636c22d488077a4293d2fa18709a59393a8e794cc3502567
10f373948ecfb1642e618875cf238afe2581ac01d258e1aaef62dc07f68ff1ba
11bb6ccb94530e57cc55a82036ad324682ecd5172e024026b7ab7336c91ed8b5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12baaeaeecc5d3518b5bebdd485ab41ee2de3df67cbfa5ae1b247ee87d9a0b28
132f6f99161078b324db7e1a8dc10bc0d7d40bcb8b287061ad91be3fd26bc7df
1681632d10d8b70e502c225e03410825bdf5a8c7156f732e7714b4f21a0285a0
18dca001263e5923222e8d0c27d49707d7c67e77ef6f7d4e0b66a289cb410d33
1906e14813a7744806810f2c7c6d2eb20be6c4dd90740620c5edd6b5120cd81f
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
192737645ce9eab86792449246c308223a4c13d17f4547a6c3b4c9da95122a7c
192d72042d251a1635bef0af51fe4d9a83be4344e68828894d3da538143af358
1a84cc78ae16d15b4f0cc3f5e1b22e2559bae78dd758b8bf5b41d72cae82db13
1d706d25e236ad9a2a39f53eaf7308ca57eccd735cb47713211f497b699bb0f9
1ea50329b826918b0b803777e2f5ac48a3570aa1f9c06bc92b6a1731ae37654a
1fc6bd2cd5e03ca064dccb50755a42f5d96c748b69bf7ffa6f36678035963665
207d33ad1bb56e5f179915ff897171b23f1f9dd516bc9f68a7acce263b6a8105
22059bd6a4ef367203dac63da10273128555834feca1a1df0478ceba110ccbdb
230d953d50f7e476beb0613a6bd290cda73b8535ac5eaaf59da68f7ec12cff9d
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
247b753903869ca58a33b5c01bc49f8a9bd34fb5aa7e3d723f6e2afd1b0f764d
24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8
24a1e3dd3df6866d30dbee6157662083348fddd29f15af7e6f783993f1fbcf97
24a5dd0b54c65548d322ceb3ba5e3e6715024a9bad53e499a0e4471c1674b516
24b4da193b43c5afe56b614b7402217c899214a41913b965526d5c48ad92d3f5
2612f99fcc82f68d2c0db67b389ad59c7e25d28e5c7865118724bb0da519f1b3
263784c8820f2898fd08329c1d79455e3f002e3bcbc784a9c660820fd14b91fe
26b5c05dbb5651b80ab891a5f3add9795c4849cd099b8810e4b43137765967f0
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aac9128011dfa99ac7de74f4488e50e7065d6b5502d88b8fd457a301c09defc
2b2051c1290e79e112a6a529a27908bded312d845bc47062cdcc19c2d2903623
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2df1774b914f693bf7ac7cddd1906a98169b8bbbcdeb8aaa5e342aa288e0dbf2
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb
31bf822302ba5c241966cbdf23c8e904c3fc8c4cf20758032774b8ffe8e1d69a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
333f5a7ad18821c2a9bc2a8c417ef08a4d289e0663e2730888410ad402abe209
35530b21c29b86afd82885ca3ea2152eb41eeb8e15c953bb2dd3cf3460e2fef5
355f9b0997c5d1bca360123f798901902ded01a43d30dcf40e2843b7298fb73e
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37bd89d0776acdb8565abd79559d140909e68570f7d74a6f0141d21aed4122f4
37c255a0628193f10f71160fb15c6c7f75410799cc3fc5385c4ce2e3d91a02da
38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3a368dc54294b94b6a16f9ac2c5fad6eea42a6dfc7f0dd9879f75302e0f79365
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8
3c95abcc3b3b083dba8c06e98b890c137477b47fc38da3f2146f712877f4af29
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
3e31aa0ee8ca4361c0674619afabed0e76686039c28ee7ed4c9df9da684a3269
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f69909b1bc1aa617b67bb7a6bfd779d73c290b15e6d8f7f03af5bcefdf19634
3facad7b835ccdaa4cbc049170426ef72d0d42fb306c771a188666adedb1c6d6
3fb666be8468c624a000211deaf926619b087012bead05fb392ddf10ccc75c25
411b26fc8c8b012090d9bb1b588eea09222161f8970186de37af16fce1ab1bb4
412f1a773291ff4ddce3d85be4506ddfbfdb2164db98763402cf2383b2c81b3e
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
4405c6c0ca03f8c68da38374caeb5f02e746e05512ab291a05535a517ec8c24a
4480f1d4169526319c669c76e67c78cffcdbb3752ec0b458d3b21287d9899cf2
45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330
45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707
460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff
463d7ba54dcd6fb08d1cafa7e420401aeeeb269950986521c3605e0ec6dfc318
468fac737e9504e7210cf361e91fa992ff09eb1655aab7ab0b22164d5f59b50b
46989820a9b0643099415ba7b00bd0e2e48ba06142c0b5ab3035818c2b303e0f
469d953c65e1bf38ed83e7bb78b96b63f7e55799fe268ce1c69bff7b7eff1370
476b8bd92da4ab5f936b1dc45207430b16a89cda7fcd8eea5eae093bad3df518
47a00c205ac23427984e572961850c21efd9d16502680c3876904f4a9840e61d
47fa00d91b7ca51769e6203d9ce9482ec8b5d0b63195aa41f765635dfbc9556b
484c9dc906528d1a062bb6bafbadaf374c145503a4c3de6826c967c642ddcff6
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f25d779fb9ba0d1c4882c6a8c6ea3f1afd2a89c409b756af3cc5b9f5431aab
4af3eb81151bd55414c67ecc463dc62bf30ca07d457c4b278c5769f111cd8212
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5e8c9a2b1e57c126a12c3540c162f1c437b2dd04fcc2e4c7eb98ce9420a6e5
4bb0795451923bc988ee4964fe3913874d542f2469d55b592c663fd4ac71f61a
4c0088d08089d4ecfd95333d9db3b56ac6a3b9af2374e083680b39391f7a75ca
4d03c1f5e6992de9fcb07e22533b40366b45a89a0e3feaeecd3cbda06dafcf7a
4db1bc967bdc6a4e8ecbb89688f12a05249d6ef3006aaf4799a73ef88e51c914
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e9c7d1ecf6a109445a6328d5d1dd4511e9fa995826e51832a0686d929e89cf9
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4f3eef437b7ad64e0f392f0b35600e1224333ec88b1f8256687cc42aec74c523
4fbe3612b54320564932d7931b28a631ebc2027d07ad4d886a527aabb776a2f8
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
510fb058fcdad3f92be54dba28f7aab43763c46965dc12688d3687884bf01ad1
5246c86891c9f4f25899166508bcc4ce4adeee9743904e7283435ce6e527cd13
52cb0579aa8d6cc463345ad546c476fe3cc5060cbf109e650374df9361b1fcfa
52ef4b4884819470da9d791a8c60d8038f7743b03270cd54b580c046e74f0f90
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
5390f6455a99d4f463557077d0d8d6fde198f1ddf1b40117409bc9ddbe764764
5434f7c8bbb416456a6b83aeae208e0c53e21610004eec20730bd4fc3b2b8dbd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54bd9e1ff75e928d885b41f680efd1ebf427f1ab716ef054b3dab9741b8e8d99
54e2eb1b4ffe49e2c4bd426f56c7c2abad8eda2341936ce4b36462bd12a2275f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30
56275d6f348c93a8cbd4e39347d343252f39f7a9f2ef157d47d120ddb68059d8
5640e2177d8a24c6aef1d923c981591689205237b9c2fcba5215d10aa7bcf52e
56c68827019efb394d55cd30c097ba6364e2fbacd7fa056ea11ea7271d65a911
57b7f2b2bcdd983268775ebc6ee71d208510b285d79dd058f2717248079c59d1
5a5677be6ebe919690106285297150130ee0bdab924ca59ce86d2e1f049173e0
5adf9d2de11133d77aee364c852880035d649b790bc8a84a62ef6ad371b2bc54
5b571d25d3df8cf39b61b15c3a1d5f897fad2bbe0d2ada8e44bd7807f62cca6a
5ba684c3a6ccbf316d0ad92784045b47080968a760cd002a2e74617d4d248abe
5c4f5642ea3a5cac37fcecd31bcbaecd601a8648935cb2ae66849404c96a9a8a
5cf57772a6f7b1e32e35700efe1306f39366cd113e893b260522c435ca5007c4
5d59625b6564d07e0b7bb8808f2273a0f930a1cbbe622ad9b4eb911abdb56ef5
5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
606a9309dd79ad9faf0258124e84058d10c8f02a6ef63bd3f22be385f177371f
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
651fa87b8ab0da2e4d72b3a97116502b1d0256585e8c98d2d49e7022215a6ac2
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6a3aa081cdedc9aef146ec566607da90f7bb8583a12f1481eb0080770596c1bb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bdd1f14160340930bc96774735b7a8a3ae8c3ab643499197da3b37369ec0337
6c5bd7ee4d30c555623fbb05f2efd93e9c409947b2065d71145bc0a9ddd31c78
6dea75c27caf7f840cb8d3f2351fe63e64fdaa32e22c4558707d8e3c0aa40940
6e8bc3348456622ebc3c1e7054b22f8e3cb0b5a434bfcd0d28f383473adf7e53
6ea1d8840e0deed4691db10ead8a65c2b4aa2a973b96b50b2d8fdc16a4e57ee8
6eabd624454c044535e3af31feea7527234b6824d0049f501d72ad689f4a48ba
6f5a1a91759e326c97c93404cd3f5f1daa4a7774d16030ad42c5ffecee866064
6fed4c18fc23b54981febcdc481a9847156212cabc4b474319469c8f67306c33
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120
706f2631e614932c3bf65293ed1269463b8f9f015ffb867a4b8e0e94488270b9
747e8f5454d77ac3ee2339c3490cb7b805d59d7fedd4cc0682ae6ed9c33b7d25
769ca0a693816fda29a9e76c22f42477152cc225b52b3d428e24361edf576a92
76b09c4f8ddd9471e2e90addea0d72813e46b9f4a07e5d38b74754e91b0893cc
779e0c867c12f0b42192a9cb20cd5e521adbd1b8e2f8d5540708fc315884ad59
78316f15607c6aa845705239e2cfbfe9a39fda3f07a8d95aa97fce03766bc66d
79d50455fb41645b17b895b04c9cbfc9deb7fc5bedadf9b123423620fad7fa1d
7adc442528a6c3939e202a7f679dbafe0421fcac16641ac64ac4d77ca0249d2e
7b022209dca27cb6ddb86db6084e55463be926e659da9af7ca963cc62b90ee62
7c2c45f07e0680217b1741538f47f5a1e7e55c896cd125f08a1f6f1d5ad0ed1e
7f39b006732abf14e1ddcb4217c813b7f41cd61644760248450ba9810d5c9793
7feaa31da22db594a3f00a8f7f9bedab591564d7256f7c433e59de021dac1a09
8015a89c7e50b71a6597cfc7bc2be462212ae1f57c37e40878a79e7550768ccd
80df80639eff50b28f33ab6354c5f7448973e4f47c47fe0c3813c7dea361a7c8
80e20f9fa108fff83d062151bd23340ce638f22b905035a4d15f06b3bb9e8396
8158f7ccac9c62b29936e0283340fe35c276524fc7a9b34300000f6b8689b9f8
82f1c93b68dd6999a6ac15e361596832820b59575623b8497928f66d98e172c9
8321491ca30f3dd333cccaff3e07de40f4a7ae05720f4a201efc320213b42585
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84bc4b4e83d00a23ad6e7f8f9dc85067b7503c0a00814e02b02a20b3b0c8ddd6
84eff49a5e13a18f054ee34ae8ce5f72ed1f05736e178e30996234c9c9e1179f
85dce6f3ea3e30168330db951dc0ef20ec01e265b861b5119edf54c95dde133f
860292101cb186d5f504d95f016f5ba9d06ed4ef6b5b79440bd4910034422dfa
87b3beae1d08bf029d04938bc1d76c7870d450fd75609a85dfafd761cd472047
87cc521960c98ca00b8a9ad5408d876a1fe89b55cba2eb28ee70aa71800bc852
87fbd84036e0e67d8aa06d1f5e4a68f0539e4c6072a8ad77ce7e661bd6a43d1f
88a1c45bf18eb251b2cc58cd55a9a08e409a733f304e547504531fd0caf9b78b
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
893fe88916b97ff128be77172f1d98584149f02521b87cf8a844585c192e3ac4
897b6f63b4b66a9edfa91332ebdf4a672d48964df9807f1ab190b30a9a84d46f
8a2a95a3a1132f723ce3e0491f8ffff068d48e038449074b52494e552e894996
8b861f7dd6e80631402683bc5ace0a954732c75b64c89101af77e6b43f820938
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8d1c0ec7acf4c4ccb5e5a60958f13067dd6e182ae6afd7c787875e08f8fea61f
8d83315ecdfd92792644084ad370ade20f656aea95e58ab50e9660d1042836ef
8df25f0d892f60ae4d054d25d5b87510af3b25bfc663ab0a245b91e7aab5f00f
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8eeb516fff35cd38e387caaa02b71ccb530653e6a46b3bf9053d1cdf63b39be4
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
90c8d20c1bb5bdaa36bb11c97802fc356f47880dc413ae6617955af506d625bf
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
90fc81396adf6dfc8986fbda88dfe4f013815a5b22741d9a529e8a8ead5d9122
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
940f54fdb941b3e27ef9018b002812c482905f86d24a676d0dba4126b9c336b5
967ff8234f92c23a8b49e563a7d6d737634ab5c62b1f227505bd59147a8d3370
97299033768eedf6439d2cc8c33935b8e17770a77ead11300385c295757c9878
97d01c338afc5de5d5cb0da15bc24435071c1461aff74001b1ce6c87fc1c0d48
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99102e527161666787f96e02feaaf9416de6b06d3fcea9635c500ef4662d238b
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da34d6db71214689ca95a9a96f749837b12210ada3ee189f6c3be3b39e28831
9ea8618309c215bd7f95d8c07891c60bcc36fe0b4262a4a1f323ae3ab8ecffbb
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0575405af6392e4d5b391c9f11f700ffc520249f359115f394d655365038249
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09f521afaf104ed92c1a53a22d15e158bb285c2c30c92492b0395fa622abf24
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2b6e9743b07c6351f5da42a7ed88775f323fe8778669226bd48b4ed50639ba4
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a2fb8432db997e3cc839797f5f5a3b6c7d27874c4bbab47720cebc452612b75a
a360ecb5f4288cf1c5d9e25b4b5182e4f8cbb9f5caeea43fa01d599353a39d18
a3ebe73966009358e251fa2798f258d2412eb82fdb3a674959dbf88f716dd4db
a40dcd59c23d9ed6f0fbaeefeb57c78543b487ad93c49f5f74b89dd85b0ea278
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a686eacf277c26d7f8dc7905369a528dcef9854b9f9720403732858ab1fe3394
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac7f5848ea945363f6a99e872edbe5efa92dd432372c2bd68a21d4db4f269f7e
ac8660ef62df853fe62a0fdb8d6de04d17a77e117b958f42fb1ac84afd01f5c6
ad647311ca1eaf1b41cd67d8aeca69f56fc0fa04db1fa9b1ebf7f2eef778b21f
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ada1bda531825e62f337a98c89ee48f3449519da438cab9e5e34106dc9281567
ae61b606eb5dd139b7dbc2ad1da5f212e512749eba8761812413eebba6964ffc
af0d6570462dee3c3937e8694b2ee98ea78313219976105080e94680c29769ad
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b20e967dc5a139573689b5cf6c4a2d2f733ac9df0fd1ee8628e6b2afe7463186
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
b25a41c8c7387e1247905dadf132ba889966e5bda993383b3f8a197382725db3
b3cdc3fe056e5aa4571475a45f63d5fe335a36b2d4484ec5985073d70d8a1d36
b4c2e8507e2694c27fc2752d9e9b04dafb32d4801079a35c008b5eacaaa58746
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b5e54483757344e3e1469f45085bcc3020ecc71d582814036e93f7c7c0004a8f
b62365c0d36597d3ddf6ba9fe48cb933adf7a74ba5cc2af31f20b3cd3f15f3c8
b716147e40d4ace2c98895e898a4ce515351e63ca46ca398f7bfbfb5e097d8b4
b7780c61ad3d8d97d2ab64030f3a01d8ac5526d3ac97d5b0844d31fa71d248af
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
b92ed3e8a22e65fa711ac55c83848ae533df01fe8fe7ce2962fa0b1d273ccf0d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bee4c3ddceefb6558b86e3d6bbe40326f6d67e1b0b535eb6949d570e7630d82d
bf206364946a4616580cc7f337c0ca73dd6a5931cdc0cf40ae19f3e6a9656723
bf557425d76a8c36ddb621c3de7eb8dd392709ab6f9352b4fb97ae380cb78adc
bfb8ddacb385f77245c45479c011cda6461acf9b8120c22272b2a85a30236e84
c0372c58d2c88c2c3829721f2efa381e47d42bd26588518d8b3b511e3054ea07
c0d359c334d919eb0668391767afad8a0541ae7611abadb6a747139fec696772
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c35fdfa12e76321b4372314212042bee37767b89031de960c560edcc503210d5
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf
c5259bf726cb69d7641061c02b78cb3da55eace8db93db647ebc045d29658894
c5f5fafca53e303f739660340b7354ea21f79ccb6f80aed85f4110c941b6cfc9
c68383395f4281743e04802b24c0499e6fc64c619594031ec21325ec37fce1e1
c71836e496cea21e62913e290e1eeed1bfa8db67224abb9efdc0bbc429a6e6ba
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
c940fee5ad39ea1df9b32e3a42c2a73157198909a490c41413c734be32f0dd43
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb1b0fbd50893436b9f828e9f59889251ff1db3e1bea245eb7edbef92e782471
cb5380d5cf0041e12131d97258579a1e59969addc8517238b8b740341e5dc1c5
cbbeec3bfdd40ed567ef26d75f3ee78c30587f92cf7c74e48bfa8c1c00bc9061
cc1b644a8ca7fded7102c08769c4a29153449f9dc09f74641d3c7e4df331b441
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc50d017b2657878ca200cfbdf8ad6ddcdfd1021b0cf19d97c9fb231eec0aabb
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cffc842301d314eab58f64893ef5022bc06e049663afc5ae0601b10ddcf4bb3b
d01b96b00c5d72c6a073dcaa77c780ab3809f4f346f9f77885f4a505104948e2
d02ef976173571be5f9d80cb37b58ee1c4ab7996c750ba0e240a8b54a19f9235
d11bf5cc02f893e5237c37c2716f2abfa60e35efb82365d185c078412409585c
d35ad7e0d90d38d02b3d452c432f340cc0598bc1032d319d5734470e7940ff7a
d370a3b37db400bbf8bca4a06984faecc92fd6315e2564650cc8a721b7468175
d42ee807ae5886e1e6dd351d4e32c2dfe003a4269bb7f3b2e56186c50b750802
d58cd320359d9912232cb2eef4041839394c9adcd04ac18fc3ca28caf8cca131
d693011b73bd4873129478bd4739611deeb73fc078e1b419671ca79bed7f43c4
d6b315727c7ca179e83f91c70a5691dccaa1917e49e10faac6515a97f4eac966
d6ca34068fded7fe5f27047164904bcaf45f770abab14ee45dda46aa3100732c
d758262688541e6be8fa2cf7642a98d10144c7d6ccfdcd19c97abf2bc8438102
d8036fe1aa7adbbbfaac2b6a01d844f49920cefe46389aab3ac96c4693942aa8
d82df15c6dbe055882c352762028cc45545f4653192b7c86efe57a21e90d863e
d8a4d03963f128adb61e3553d091ab804a10fc3477fb2edca0d9bf53e5358fed
da500ec2008ab632bd5aea53d6c62985bcff19e023c8af78b291f37277aeceb6
db616b4210e0a45a9441e6e6dbfbe89c7fb3ea008dba7a618b95192aa0c65fe9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
dfa24bf824da5e2c4415e7b7439bc3f0d05dbabdd2d80e78a2f1a7e7163a422e
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1207a4d156683fd431cf6cd411535e987fdb958521cd64d79c4a090b601f3b0
e1eca7a212692e78f663eec7d8d30fc5036e2b9497d1037ec17945edcdf26354
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e62c8cb8e72a6aa65e3a3d7fd870a62373226198186f550a9244cc3c6f62f35f
e943af10f0de1f5faffa08607edd9558d23399c01e1e1a33bb6a2e749a087787
e9a4a6c168c4fb144ff9ee620cac43878f8c6ba4df69ba01167210830fac9333
e9a6670ddeb3602d1bd5fbd434301dba16561976962a89a3c87c7c42a8c1cc33
eb2aa20b06bfd0165c28aaca2544cecfab90b4ca313ae96a885a92985857b414
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec5c15bcce3689169684ad88b997195f706da910b05edb47e36d963f7a0fe848
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ecfda9b25bf900a62c35614dee02d67d30e3a1b01da0c3226bf2cfefa9518837
ed32d7e02ff9ac490a517398da4808e389f81e47f62d316b8655ea23f306fc99
ed359e7e121052e7c03e4122f563ec4bbd81b442e366cc14cd23402dc6a1c65e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8aaa51fcc731cbbbae6287786eda9b90a203875473d666f66a341897d208a5
f1346360729e77380edf8f17fa421b76452289ae1b5f4be290b19c4d204e9587
f1be1de76b984abf298b3b55533b792aeb4476054db9ed3ffeff8c62cc990565
f27f2c5ef2235f3ebd92d86975e320bee43b6ae2b42a6be0cc8d2bd949aa7a80
f2deb614d60a5b4e871743a58a4d5d548fef538924a85cf05a67e5cd136a7028
f318891ad6648851cb87f3ef1fc175493ba8d2f22cfece9de64618c7520c7c8b
f328f4ae2fe983386843cc07db0af78c5fe9fa5ae67812f80062d5baa0e61047
f404bc24d3c7e2e7d810748a74672c6ebfbb16c07ea6df813ebd0240a74f1026
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f
f4f4eb3b98700098e9662e25c2311381f17972a94b26b6b10049f10a6b5ac79a
f56e1e6ea6924b9fdcefd2093d524d6eab28197f8dcbb8146f17e3afad0d9f28
f58a4cb0962b0485bd2fc3d4f9d8435fc2ec7c1dfd2cd9e8953c17fce0e6d65b
f64fc7b1420b65cc4820a5fa115d93ffdfe6eb471cc27811806df52dcc52afc2
f6932f7d9db43ef1db08135a224fe9a14f6dc9724fcb52ae9fd8b1ab0f8d2bf5
f867f9dec1dd7c5e338e024001d9de4e7f25cbdb033358e0f11994d11ca472ad
f94a0b25ed421e6643ca8ae21ccd63cf5630e8db8a3b64f63a669936d068c427
f966917b5ee6a4cb021842cc04c5bf8ae2e4ad1749fc8b6d6725c8f31b824a3c
fab84463f40478d11b071cba07955a5cc7c055ec69fb38bbfddc19b0ef991394
fb5e6972093528062f04eb872f472b42c8bdd5538af4d5127fa06f1e79c6bf60
fb8ae618006941b6b9f90f644b3fffa993586c2ceb817a5fab715a0a7b543c47
fbc68ddd439c5979020b7b0938066d6c0b34e98b3a8503d7e95fe67775bc36b7
fe4ac64ff8960ad51a9d8fec5f438009921f3540bb657d59c4b8df9499675771
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e