www.celebzz.com Open in urlscan Pro
2606:4700:3031::ac43:c8b2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale.
Effective URL:
http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Submission: On July 08 via api (July 8th 2021, 3:38:01 pm UTC) from US

Summary HTTP 346 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 74 IPs in 9 countries across 66 domains to perform 346 HTTP transactions. The main IP is 2606:4700:3031::ac43:c8b2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.celebzz.com.

This is the only time www.celebzz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 34	2606:4700:303... 2606:4700:3031::ac43:c8b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.48.65.153 37.48.65.153	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:e400:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:eee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	51.195.131.226 51.195.131.226	16276 (OVH) (OVH)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2ab::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:20:... 2606:4700:20::ac43:4739	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2606:4700::68... 2606:4700::6812:e13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:6400:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.139.242.29 151.139.242.29	33438 (HIGHWINDS2) (HIGHWINDS2)
1 6	2606:4700:303... 2606:4700:3032::ac43:d513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	52.29.0.64 52.29.0.64	16509 (AMAZON-02) (AMAZON-02)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
3	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::ac43:4597	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	67.202.94.93 67.202.94.93	32748 (STEADFAST) (STEADFAST)
1	192.99.0.58 192.99.0.58	16276 (OVH) (OVH)
18	2606:4700:20:... 2606:4700:20::681a:fee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
3	2a02:fa8:8806... 2a02:fa8:8806:16::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 7	5.178.65.246 5.178.65.246	50673 (SERVERIUS-AS) (SERVERIUS-AS)
5	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
10	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
5	136.144.59.88 136.144.59.88	54825 (PACKET) (PACKET)
5 60	2606:4700:20:... 2606:4700:20::681a:34e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.29.213.60 52.29.213.60	16509 (AMAZON-02) (AMAZON-02)
6	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
2 2	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	68.67.179.90 68.67.179.90	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2606:4700:303... 2606:4700:3036::ac43:998d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	144.76.238.55 144.76.238.55	24940 (HETZNER-AS) (HETZNER-AS)
2 6	185.29.133.52 185.29.133.52	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	46.4.10.47 46.4.10.47	24940 (HETZNER-AS) (HETZNER-AS)
1 5	138.201.84.245 138.201.84.245	24940 (HETZNER-AS) (HETZNER-AS)
2	51.75.147.170 51.75.147.170	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
3	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
30 30	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
15 16	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
10	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
10 10	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
6 6	35.171.130.4 35.171.130.4	14618 (AMAZON-AES) (AMAZON-AES)
10 10	52.28.254.214 52.28.254.214	16509 (AMAZON-02) (AMAZON-02)
5	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
10 37	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
5	67.202.110.21 67.202.110.21	32748 (STEADFAST) (STEADFAST)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
10 10	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
5 10	52.94.232.32 52.94.232.32	16509 (AMAZON-02) (AMAZON-02)
5	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
3 3	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
1	37.157.3.28 37.157.3.28	198622 (ADFORM) (ADFORM)
2 2	91.228.74.226 91.228.74.226	16509 (AMAZON-02) (AMAZON-02)
1	52.30.135.179 52.30.135.179	16509 (AMAZON-02) (AMAZON-02)
2 4	54.204.142.198 54.204.142.198	14618 (AMAZON-AES) (AMAZON-AES)
1	169.197.150.8 169.197.150.8	398989 (DEEPINTENT) (DEEPINTENT)
1	52.45.128.104 52.45.128.104	14618 (AMAZON-AES) (AMAZON-AES)
4 4	51.178.20.139 51.178.20.139	16276 (OVH) (OVH)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1	3.120.242.149 3.120.242.149	16509 (AMAZON-02) (AMAZON-02)
2 3	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
346	74

34 2606:4700:3031::ac43:c8b2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.celebzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.48.65.153 (Den Helder, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

celebs.gallery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:e400:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

w.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:eee (United States)

ASN13335 (CLOUDFLARENET, US)

services.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.195.131.226 (France)

ASN16276 (OVH, FR)
PTR: ip226.ip-51-195-131.eu

hosupshunk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2ab::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tg1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4739 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:e13 (United States)

ASN13335 (CLOUDFLARENET, US)

ad.impactify.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dvr.impactify.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:6400:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.242.29 (United States)

ASN33438 (HIGHWINDS2, US)

cdn2.lockerdomecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3032::ac43:d513 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mahimeta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adserve.mahimeta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.0.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-0-64.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4597 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.93 (United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.0.58 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns500326.ip-192-99-0.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:20::681a:fee (United States)

ASN13335 (CLOUDFLARENET, US)

assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:16::1460 (United States)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 5.178.65.246 (Woerden, Netherlands) 2 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.33.220.244 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 136.144.59.88 (Secaucus, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 2606:4700:20::681a:34e (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ms.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.29.213.60 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-213-60.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

web.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 68.67.179.90 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 568.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

nym1-ib.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::ac43:998d (United States)

ASN13335 (CLOUDFLARENET, US)

quantumsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.76.238.55 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.238.76.144.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.29.133.52 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.4.10.47 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

hal90002.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.84.245 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de

hal900025.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.75.147.170 (France)

ASN16276 (OVH, FR)

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

cdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 185.33.221.53 (Amsterdam, Netherlands) 30 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 3.126.56.137 (Frankfurt am Main, Germany) 15 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 216.52.2.30 (United States) 10 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.171.130.4 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.28.254.214 (Frankfurt am Main, Germany) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-254-214.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2.18.234.21 (Frankfurt am Main, Germany) 10 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 67.202.110.21 (Crown Point, United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-110.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.184.194 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.94.232.32 (Ashburn, United States) 5 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.253.128.188 (Amsterdam, Netherlands) 3 redirects

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.226 (United Kingdom) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.135.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-135-179.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.204.142.198 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.128.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.178.20.139 (France) 4 redirects

ASN16276 (OVH, FR)

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.242.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.242.53 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	quantumdex.io 5 redirects useast.quantumdex.io sync.quantumdex.io ms.quantumdex.io	34 KB
37	casalemedia.com 10 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com	41 KB
34	celebzz.com 1 redirects www.celebzz.com	281 KB
30	adnxs.com 30 redirects ib.adnxs.com	27 KB
29	adnxs-simple.com ib.adnxs-simple.com nym1-ib.adnxs-simple.com cdn.adnxs-simple.com	130 KB
23	vlitag.com services.vlitag.com tag.vlitag.com assets.vlitag.com stats.vlitag.com	483 KB
21	doubleclick.net 10 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	175 KB
17	yahoo.com 15 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	14 KB
16	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	251 KB
12	redintelligence.net 2 redirects hal9000.redintelligence.net hal90002.redintelligence.net hal900025.redintelligence.net	15 KB
10	amazon-adsystem.com 5 redirects s.amazon-adsystem.com	5 KB
10	advertising.com 10 redirects pixel.advertising.com	3 KB
10	lijit.com 10 redirects ap.lijit.com	5 KB
10	sonobi.com sync.go.sonobi.com	5 KB
8	mathtag.com 2 redirects tags.mathtag.com pixel.mathtag.com	4 KB
8	google-analytics.com www.google-analytics.com	39 KB
7	criteo.com bidder.criteo.com gum.criteo.com	2 KB
7	e-planning.net 2 redirects ads.us.e-planning.net	3 KB
6	pubmatic.com ads.pubmatic.com image6.pubmatic.com	27 KB
6	advangelists.com 6 redirects nep.advangelists.com	1 KB
6	mahimeta.com 1 redirects mahimeta.com adserve.mahimeta.com	23 KB
5	adsrvr.org match.adsrvr.org	1 KB
5	33across.com ssc-cms.33across.com	12 KB
5	onetag-sys.com onetag-sys.com	4 KB
5	a-mo.net prebid.a-mo.net	1 KB
5	creativecdn.com prebid-eu.creativecdn.com	880 B
4	dyntrk.com 4 redirects gu.dyntrk.com	2 KB
4	eqads.com 2 redirects um2.eqads.com	1 KB
4	googletagservices.com www.googletagservices.com	115 KB
3	owneriq.net 2 redirects px.owneriq.net	1 KB
3	simpli.fi 3 redirects um.simpli.fi	2 KB
3	quantumsyndication.com quantumsyndication.com	1 KB
3	cloudflare.com ajax.cloudflare.com	13 KB
3	facebook.com 2 redirects web.facebook.com www.facebook.com	623 B
3	sharethrough.com btlr.sharethrough.com	340 B
3	dotomi.com web.hb.ad.cpe.dotomi.com	1 KB
3	google.com 1 redirects adservice.google.com www.google.com	1 KB
3	gstatic.com fonts.gstatic.com	45 KB
3	impactify.io ad.impactify.io dvr.impactify.io	75 KB
3	sharethis.com w.sharethis.com l.sharethis.com	9 KB
3	googleapis.com fonts.googleapis.com imasdk.googleapis.com ajax.googleapis.com	150 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com	66 KB
2	quantserve.com 2 redirects pixel.quantserve.com	1022 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	645 B
2	criteo.net static.criteo.net	52 KB
2	contentspread.net cdn.contentspread.net	135 KB
2	histats.com s10.histats.com s4.histats.com	5 KB
2	facebook.net connect.facebook.net	70 KB
2	hosupshunk.com hosupshunk.com
1	bidswitch.net x.bidswitch.net	147 B
1	adentifi.com rtb.adentifi.com	88 B
1	deepintent.com match.deepintent.com	45 B
1	demdex.net dpm.demdex.net
1	adform.net c1.adform.net	332 B
1	rfihub.com 1 redirects p.rfihub.com	777 B
1	googletagmanager.com www.googletagmanager.com	36 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	amung.us whos.amung.us	213 B
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	659 B
1	lockerdome.com lockerdome.com	2 KB
1	lockerdomecdn.com cdn2.lockerdomecdn.com	3 KB
1	consensu.org c.sharethis.mgr.consensu.org	1 KB
1	waust.at waust.at	8 KB
1	aniview.com tg1.aniview.com	542 B
1	celebs.gallery celebs.gallery
346	66

	Domain	Requested by
50	sync.quantumdex.io	assets.vlitag.com sync.quantumdex.io ssum-sec.casalemedia.com
34	www.celebzz.com	1 redirects www.celebzz.com
30	ib.adnxs.com	30 redirects
22	dsum-sec.casalemedia.com	5 redirects ssum-sec.casalemedia.com um2.eqads.com
16	ups.analytics.yahoo.com	15 redirects ssum-sec.casalemedia.com
16	nym1-ib.adnxs-simple.com	ajax.cloudflare.com cdn.adnxs-simple.com nym1-ib.adnxs-simple.com
15	ssum-sec.casalemedia.com	5 redirects sync.quantumdex.io ssum-sec.casalemedia.com
13	assets.vlitag.com	tag.vlitag.com www.celebzz.com assets.vlitag.com ajax.cloudflare.com
10	s.amazon-adsystem.com	5 redirects ssum-sec.casalemedia.com
10	cm.g.doubleclick.net	10 redirects
10	pixel.advertising.com	10 redirects
10	ap.lijit.com	10 redirects
10	sync.go.sonobi.com	sync.quantumdex.io
10	ib.adnxs-simple.com	assets.vlitag.com
9	pagead2.googlesyndication.com	www.celebzz.com pagead2.googlesyndication.com tpc.googlesyndication.com nym1-ib.adnxs-simple.com googleads.g.doubleclick.net www.googletagservices.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com nym1-ib.adnxs-simple.com googleads.g.doubleclick.net
8	www.google-analytics.com	www.celebzz.com www.google-analytics.com www.googletagmanager.com
7	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
7	ads.us.e-planning.net	2 redirects www.celebzz.com assets.vlitag.com
6	nep.advangelists.com	6 redirects
6	tags.mathtag.com	2 redirects
6	bidder.criteo.com	assets.vlitag.com static.criteo.net
5	match.adsrvr.org	ssum-sec.casalemedia.com
5	ssc-cms.33across.com	sync.quantumdex.io
5	ads.pubmatic.com	sync.quantumdex.io
5	onetag-sys.com	sync.quantumdex.io
5	ms.quantumdex.io	5 redirects
5	hal900025.redintelligence.net	1 redirects ajax.cloudflare.com hal900025.redintelligence.net
5	hal90002.redintelligence.net	1 redirects ajax.cloudflare.com hal90002.redintelligence.net
5	stats.vlitag.com	tag.vlitag.com
5	useast.quantumdex.io	assets.vlitag.com
5	prebid.a-mo.net	assets.vlitag.com
5	prebid-eu.creativecdn.com	assets.vlitag.com
4	gu.dyntrk.com	4 redirects
4	um2.eqads.com	2 redirects ssum-sec.casalemedia.com
4	www.googletagservices.com	pagead2.googlesyndication.com tag.vlitag.com googleads.g.doubleclick.net
4	mahimeta.com	1 redirects www.celebzz.com mahimeta.com
3	px.owneriq.net	2 redirects ssum-sec.casalemedia.com
3	um.simpli.fi	3 redirects
3	cdn.adnxs-simple.com	ajax.cloudflare.com nym1-ib.adnxs-simple.com
3	quantumsyndication.com
3	ajax.cloudflare.com	assets.vlitag.com
3	btlr.sharethrough.com	assets.vlitag.com
3	web.hb.ad.cpe.dotomi.com	assets.vlitag.com
3	tag.vlitag.com	services.vlitag.com tag.vlitag.com
3	fonts.gstatic.com	fonts.googleapis.com
3	maxcdn.bootstrapcdn.com	www.celebzz.com maxcdn.bootstrapcdn.com
2	pixel.quantserve.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	static.criteo.net	assets.vlitag.com static.criteo.net
2	cdn.contentspread.net	hal90002.redintelligence.net hal900025.redintelligence.net
2	pixel.mathtag.com
2	hal9000.redintelligence.net	ajax.cloudflare.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	web.facebook.com	2 redirects
2	securepubads.g.doubleclick.net	www.googletagservices.com
2	adserve.mahimeta.com	mahimeta.com
2	l.sharethis.com	w.sharethis.com www.celebzz.com
2	ad.impactify.io	www.celebzz.com ad.impactify.io
2	connect.facebook.net	www.celebzz.com connect.facebook.net
2	hosupshunk.com	www.celebzz.com
2	services.vlitag.com	www.celebzz.com services.vlitag.com
1	x.bidswitch.net	ssum-sec.casalemedia.com
1	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
1	rtb.adentifi.com	ssum-sec.casalemedia.com
1	match.deepintent.com	ssum-sec.casalemedia.com
1	dpm.demdex.net	ssum-sec.casalemedia.com
1	c1.adform.net	ssum-sec.casalemedia.com
1	p.rfihub.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	gum.criteo.com	static.criteo.net
1	ajax.googleapis.com	hal900025.redintelligence.net
1	www.googletagmanager.com	tag.vlitag.com
1	www.facebook.com	connect.facebook.net
1	stats.g.doubleclick.net	lockerdome.com
1	cdn.jsdelivr.net	assets.vlitag.com
1	imasdk.googleapis.com	tag.vlitag.com
1	s4.histats.com	s10.histats.com
1	dvr.impactify.io	ad.impactify.io
1	whos.amung.us	waust.at
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	lockerdome.com	cdn2.lockerdomecdn.com
1	s10.histats.com	www.celebzz.com
1	cdn2.lockerdomecdn.com	www.celebzz.com
1	c.sharethis.mgr.consensu.org	w.sharethis.com
1	waust.at	www.celebzz.com
1	tg1.aniview.com	www.celebzz.com
1	w.sharethis.com	www.celebzz.com
1	fonts.googleapis.com	www.celebzz.com
1	celebs.gallery	www.celebzz.com
346	92

This site contains links to these domains. Also see Links.

Domain
akismet.com
twitter.com
www.facebook.com
feeds.feedburner.com
plus.google.com
whos.amung.us
valueimpression.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-02-23` - `2022-02-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2020-09-27` - `2021-10-29`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
histats.com R3	`2021-05-21` - `2021-08-19`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2020-03-30` - `2022-06-25`	2 years	crt.sh
ads.us.e-planning.net R3	`2021-05-24` - `2021-08-22`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.adnxs-simple.com GeoTrust ECC CA 2018	`2021-03-17` - `2022-03-15`	a year	crt.sh
*.a-mo.net R3	`2021-05-11` - `2021-08-09`	3 months	crt.sh
*.sharethrough.com Amazon	`2020-09-09` - `2021-10-11`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
contentspread.net R3	`2021-06-04` - `2021-09-02`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
onetag-sys.com R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
um3.eqads.com Amazon	`2021-06-26` - `2022-07-25`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
adentifi.com Amazon	`2020-10-02` - `2021-11-02`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-22` - `2021-09-15`	6 months	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-01-29` - `2022-02-02`	a year	crt.sh

This page contains 54 frames:

Primary Page: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Frame ID: 792B2AD9372A070F998D17214FA56CF5
Requests: 134 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 919BA50AD4C228FA03CBE9A0E7932265
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210624/r20190131/zrt_lookup.html
Frame ID: 7DCAB224745028B0107BA3EF5D491EED
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13235904936384614?pubid=ld-7310-7070&pubo=http%3A%2F%2Fwww.celebzz.com&rid=&width=538
Frame ID: D4FE2FCEC47301B818FB6D3CBB5BF72E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8340352295618934&output=html&adk=1812271804&adf=3025194257&lmt=1625758661&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&ea=0&flash=0&pra=5&wgl=1&dt=1625758661403&bpp=5&bdt=342&idt=142&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2939721696992&frm=20&pv=2&ga_vid=1475286884.1625758661&ga_sid=1625758662&ga_hid=746912040&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=463318738551836&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=163
Frame ID: 0088CFE187282B6E171E9D64C27BD87E
Requests: 1 HTTP requests in this frame

Frame: https://mahimeta.com/networks/frame_ref.php
Frame ID: FA2CA2E7C5405A54E3DE9E6B131977CE
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.6%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2be7cf51aecf14%2526domain%253Dwww.celebzz.com%2526origin%253Dhttp%25253A%25252F%25252Fwww.celebzz.com%25252Fface03568022c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FCelebzz-501754036583664%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue&_rdc=1&_rdr
Frame ID: 04BC09EE4A8474300D0FF18D165B62DC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 46A344C7D94946ECEF135272845A46B6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 62AB376351C8BA22EB8562A1C3CBEC82
Requests: 1 HTTP requests in this frame

Frame: http://tag.vlitag.com/passback/?t=1625726623&d=91&z=19423&divID=vi_9119423_564&w=970&h=250
Frame ID: 0CCA6D28A4AEF8E1C7964526DB76DFC9
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Frame ID: ADB4328EDCBF9F376EC39DB807739AA1
Requests: 7 HTTP requests in this frame

Frame: http://tag.vlitag.com/passback/?t=1625726623&d=91&z=19424&divID=vi_9119424_964&w=336&h=280
Frame ID: 1F35DBA0946DE59275FF1103554C156D
Requests: 2 HTTP requests in this frame

Frame: http://assets.vlitag.com/plugins/safeframe/src/html/r.html
Frame ID: 2B792E8F648AF9F28F99EB53BA2A4E2B
Requests: 16 HTTP requests in this frame

Frame: http://assets.vlitag.com/plugins/safeframe/src/html/r.html
Frame ID: 014780AAD02B1C1B506CE57F9F66FCBE
Requests: 16 HTTP requests in this frame

Frame: http://hal90002.redintelligence.net/request_content.php?s=43704100104756000951433011649002&a=c23e3d2c
Frame ID: C875704374ECA34827EBF4E72D2D40A0
Requests: 5 HTTP requests in this frame

Frame: http://hal900025.redintelligence.net/request_content.php?s=13282700112036400951427011649025&a=692db05a
Frame ID: 0128D731FE514E76BD8CBA4982FFF50F
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.celebzz.com&gdpr=1&gdpr_consent=
Frame ID: 9AF55D03DE305F7A902AF30DCE4463E1
Requests: 1 HTTP requests in this frame

Frame: http://assets.vlitag.com/plugins/safeframe/src/html/r.html
Frame ID: 2051DCD30FF93836DB97C2B4207B87BF
Requests: 6 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 5B8EF8550B39A7C79AA3D9BB2AD9B41F
Requests: 10 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: AB09D22936451680903CB1FB0C999F3A
Requests: 10 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 53ACBC907DF5F289B97DCB2E8D547116
Requests: 10 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 9AF4C9DA476004B4BE98C31DEE9E8FF6
Requests: 10 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 05109F4D7138D31CCE121859EB9A6588
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 7257188DC59B852972202044D4E26E28
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 3DB207126C2EAB0618FF017423930B5E
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 5655058E400C4A8DC543FD4FB8B40EF4
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: AA4515F2D5928881FEC078E2A753B992
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 401EA3C90E39A33182910F98018FE4EA
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: B52E88B94E69560E55DC2E6C23516C3F
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 28A91F03BEC3B0FF9B0A4598A6ECBCE5
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 2C24AF4AC25257A0B2C50F7B692E5461
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: D8EA54930B6D90F6C74B6587EBD2D1FB
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 98DC07229491F3E0F69BA7208821A910
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 4C1FEB712079C50E053478908D62CA87
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: B4A62C8910B66A46B05F496A50E3E22A
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: A8589660F346BF59440B0D6592C1B5D9
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 78C679546F0365173D38A5C06C2B5C82
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 1B03B7663657952FEE73D784B7D2BAA9
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: C5A14F0E63C6238960208D1E18A78F7F
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 98DE54D17574450A307424DBA4380490
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 75101B3935286835FBEF9CD2A2F9DAF8
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 92D501741A0B89B343581482D77DC470
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 0F7E6D61AB560909195A708E784661FB
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 37DC60C1AAE85E6142BED9068A687E89
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: D7F23B4B7FE4E1E834C3B1197E843568
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 53B5026411D78C055E37621EAB0D1945
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: AFCCFE93BC32CF4C0E819B6AC3F7EA42
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 72A298DF322D8CA6360FA0376EC73516
Requests: 1 HTTP requests in this frame

Frame: https://nym1-ib.adnxs-simple.com/if?an_audit=0&referrer=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&e=wqT_3QKXLGwXFgAAAwDWAAUBCMi3nIcGEO3m2MG3st-UJBj_EQF4ASo2Cc78ag4QzJE_EbDHREqzeYw_GQAAAGC4HvU_IRESACkRJNAxAAAAQOF6pD8wmOuBCjihUEDlHkhlULWiyyVYztNrYABojaGtAXiRzwWAAQGKAQNVU0SSAQEG8JWYAcoHoAFaqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKniU7qAlpodHRwOi8vd3d3LmNlbGVienouY29tL21lbGFuaWUtYnJvd24tc3RlcHMtb3V0LXRvLWRpbm5lci13aXRoLWhlci1mcmllbmQtZ2FyeS1pbi1nbGVuZGFsZS_yAgwKBkhFSUdIVBICOTABD_D9BVdJRFRIEgM5NzDyAiEKBkxPQURFUhIXcmVuZGVyX3Bvc3RfYWRzX3YxLmh0bWzyAhcKCklGUkFNRV9LRVkSCTIzNDk0ODM3NfIC0A4KC1BSRV9TQ1JJUFRTEsAOPHNjcmlwdD4oZnVuY3Rpb24oKXsvKgoKIENvcHlyaWdodCBUaGUgQ2xvc3VyZSBMaWJyYXJ5IEF1dGhvcnMuCiBTUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQXBhY2hlLTIuMAoqLwp2YXIgaD10aGlzfHxzZWxmO2Z1bmN0aW9uIGsoYil7a1siICJdKGIpO3JldHVybiBifWtbIiAiXT0dmCR9O3ZhciBtPS9eIYDwSXM_OlwvXC8oXHd8LSkrXC5jZG5cLmFtcHByb2plY3RcLihuZXR8b3JnKShcP3xcL3wkKS87CmZ1bmN0aW9uIG4oKXt2YXIgYj1oBVcMYz1bXQUJJGQ9bnVsbDtkb3sBbhhhPWI7dHJ5BQwsZTtpZihlPSEhYSYmASQcIT1hLmxvY2EhNyAuaHJlZiliOnsBLZBrKGEuZm9vKTtlPSEwO2JyZWFrIGJ9Y2F0Y2gobCl7fWU9ITF9AV4IZz1lGRcAZwEWDGlmKGcJmQBmPl4AODtkPWEuZG9jdW1lbnQmJhkMKC5yZWZlcnJlcnx8AZckfWVsc2UgZj1kLA3LTGMucHVzaChuZXcgcChmfHwiIikpBdUkYj1hLnBhcmVudBmGAGIF__BAfX13aGlsZShiJiZhIT1iKTthPTA7Zm9yKGI9Yy5sZW5ndGgtMTthPD1iOysrYSljW2FdLmRlcHRoPWItYTthPWghKzkeAa41KjhhbmNlc3Rvck9yaWdpbnNuHAANawA9HXUAKQmGDDE7YjwRikw7KytiKWY9Y1tiXSxmLnVybHx8KAUILkIBOnYAFFtiLQoxXSEMGCxmLmg9ITAB4ykiAGgZqyHVFCwhMSk7ZiUWJQIEZD0yBAEgMDw9ZDstLWQpIbpEPWNbZF0sIWYmJm0udGVzdChnAY8gKSYmKGY9ZyksBQ4oJiYhZy5oKXthPWdJGwB9DV0AZBXmBCYmAcwBOwQ7MEFlAGQhWggmJmQFSAEbCCk7YwWtGHEoYSxmKTttNBRjLmc_Yy4FZQw6Yy5pAUAAfXE_NCBxKGIsYyl7dGhpcy5pQdUBCQhnPWMZIgBwHSIIdXJsESQUaD0hIWM7BS8FiCUKBH07FVkEcihJsIhiPW4oKSxjPWIuaW5kZXhPZigiPyIpO3NldFRpbWVvdXQoZm18DTFEZD12b2lkIDA9PT1kPy4wMTpkQTVEIShNYXRoLnJhbmRvbSgpPmQpCV8EYT1R-wwuY3VyQbQAU4W6EDthPShhGUoEYT9hA6A6YSkmJiI3NyI9PT1hLmdldEF0dHJpYnV0ZSgiZGF0YS1qYyIpP2E6ZG1OQC5xdWVyeVNlbGVjdG9yKCdbDSUAPQFEGF0nKTtkPSKFdFg6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY4kDCGNvbQ0ekC9nZW5fMjA0P2lkPWpjYSZqYz03NyZ2ZXJzaW9uPSIrKGEmJmFWmAAALQ0mkCIpfHwidW5rbm93biIpKyImc2FtcGxlPSIrZDthPXdpbmRvdzuBRI2WMGEubmF2aWdhdG9yKWUuDgBQLnVzZXJBZ2VudCxlPS9DaHJvbWUvSZ4gZSkmJiEvRWRnGREcPyEwOiExO2VhlhVRMC5zZW5kQmVhY29uPwodaR0YFChkKTooYS0VQF9pbWFnZV9yZXF1ZXN0c3x8XhoAED1bXSksAa453BxyZWF0ZUVsZYHlPCgiaW1nIiksZS5zcmM9ZCxaYACJ3xhlKSl9fSwwdQ5cMDw9Yz9iLnN1YnN0cmluZygwLGMpOmJ9KTsQLnJmbD1RxAgoKXttQ4BlbmNvZGVVUklDb21wb25lbnQocigpKX07fSkuY2FsbChhCBQpOwo8L3NFfmw-8gLJAgoKRVhUUkFfVEFHUxK6AjxkaXYgc3R5Ia0McG9zacEfZDogYWJzb2x1dGU7IGxlZnQ6IDBweDsgdG9wDQpkdmlzaWJpbGl0eTogaGlkZGVuOyI-PGltZyAB--J9AhRhd2JpZCYFBvCwX2I9QUtBbWYtQjR1bzhLS2dCd2p3RFRHSGhWcjIyaDFNc2RYVmF0dk5lblRlMFVUMmpqN2dKeks1VGZqVkVQM0xoVEY1ZGs4Z3NxTTNoU3pPUlIxRFQzTlBrVGNDSkZRNm9PNVEiIGJvcmRlcj0wIHdpZHRoPTEgaGVpZ2h0PTEgYWx0PSIiIHN0eWxlPSJkaXNwbGF5Om5vbmUiPjwvZGl2PvICmQEKDFBPU1RfU0NSEqIICIgBPClqNggBaX1QYWRzLmcuZG91YmxlY2xpY2submV0cYM8eGJmZV9iYWNrZmlsbC5qcwFlCUsAPg1TAD6dkiAge3IzcHgoJzIeLQkcJyk7fSkoKTs96lj-EQoQSE9TVF9QT1JUX1BBUkFNUxLpEZEZipQA8IFhZGZldGNoP2Fkaz0xNjEyNDI1NDgxJmFkc2FmZT1tZWRpdW0mY2xpZW50PWNhLXB1Yi0zMDc2ODkwMDEyNzQxNDY3JmZvcm1hdD05NzB4OTBfYXMmaXA9MmEwMTo0Zjg6MTkyOjU0MTQ6OiZvdXRwdXQ9aHRtbCZ1bnZpZXdlZF9wTZAgX3N0YXJ0PTEmoekBwf7OClbOChAmc3ViXw3QAGJB1vDtci01NTE0MzE2JmhsPWVuJmFjZWlkPU1Oc090QUIyRjdRQTdCbTBBUEFadEFBbUdyUUEtVlUwQVdaZk5BR05ZVFFCSDJJMEFUZGlOQUcwWkRRQkNtVTBBV2RsTkFGdlpUUUI1bVkwQVRSbk5BRi1aelFCc1djMEFlbG5OQUVFYURRQkNHZzBBUkZvTkFFa2FEUUJNV2cwQVRKb05BRTVhRFFCUEdnMEFVSm9OQUZWYURRQldHZzBBV0JvTkFGa2FEUUJaV2cwQVdab05BRm5hRFFCYUdnMEFXMW9OQUdBYURRQmgyZzBBWTlvTkFHZQFwAG8BMBhhZG9OQUdwARAYcW1nMEFiQgEQAHgBEAB4ASAAYwEg9NcGRkxjMEVCVTNOQkFWdjEyUUVxaEFjQ2tvUUhBc2NhWEFMRkcxd0NzQnhjQWdRZFhBSTEtWWdDb2ZtSUFydjVpQUlEUWFvQ0owS3FBaWhDcWdJLVE2b0NZMFdxQWdwZnFnTFBZYW9DZW1tcUFreHJxZ0xHY3FvQ3UzV3FBdjE0cWdKdGVhb0NrSHFxQW5tRnFnTG5pYW9DS0lxcUFsbUtxZ0pjaXFvQ0RZLXFBbWVQcWdMQ2xLb0NycGFxQWdPWnFnSzRtYW9DWVpxcUFvQ2JxZ0tCbTZvQ2dwdXFBcmFkcWdKRG9xb0N5YU9xQWxhbXFnS0RwcW9DMnFhcUFxYW5xZ0lOcUtvQ0ZLaXFBcUtvcWdKenFhb0NzNm1xQXVLcHFnSXRyS29DZksycUFoeXVxZ0llcnFvQ0txNnFBb211cWdKT3I2b0NsYS1xQWpxd3FnSmFzS29DZDdDcUFucXdxZ0pfc0tvQ2dyQ3FBb3F3cWdMWHNxb0NHck9xQWxXenFnS1N0S29DdTdTcUFpTzNxZ0lYdWFvQ09ycXFBczI3cWdMaXU2b0NjYjJxQW5POXFnS1l2YW9DcUwycUF0cTlxZ0psdjZvQ2dyLXFBbzZfcWdLMHY2b0MtNy1xQWl6QXFnSl93S29DdDhDcUFzX0FxZ0xnd0tvQ0I4S3FBZ19DcWdJbXdxb0NTY0txQXZMQ3FnTC13cW9DRGNPcUFndkVxZ0lXeEtvQ1ljU3FBcV9FcWdLMnhLb0NBc1dxQXVMRnFnTEt4cW9Dem5LNkFtUTNZUVFJczhVRnJNc2NEQV9MQ2cwMWxzQU9ncWI3RWdxby14SU5zZnNTOWNUN0V0UEsteEp3elBzU3Y5TDdFaHJVLXhLVTFmc1NoTmI3RXVfYy14SVA0UHNTemVEN0VsX2gteExSNGZzUzRlSDdFbWZpLXhJbDRfc1NNdVA3RWpUbC14SmI1ZnNTQ3ViN0VrWG0teEltNV9zU2xtWmtFX2RXYXhwWkFKSXBjcDNXTXcmZXhrPTIzNDk0ODM3NSZhd2JpZF9jPUFLQW1mLUFXNnBtdXJrTjA4M1l4RldBOHdlOTNxcE5IUXdnSndyQ25tclBTSFlERENFSzVrNzVRYWR6N0FLMGRwVjFrdF9HRXhSWVVoZWtQei1IeUh2SFJTTUtCOS03TVFTYWU1eXRHUVNfejROdjloemNrUW1EQy1keGxmbFh6dkM5OFB1M19xTTZDT3JuUFp6NTJDTllKUmMxQWlNN0ZFZyZhd2JpZF9kPUFLQW1mLUJXYnliNXB3Ny1Vc1FPWjZYUm1ScjA1RVNXUG00cFZxaTl2TzF0c0MzSzJYbHdldDlJMHdaaTFMRWpNd1VrMndnOWpEclhSLWFuUUNjNy1wVks3OFhFeVk2bnZUemNnd212a1lZb2RGbUJQNDYyRkdGYzNKeGt4cnpXb1FyMUZqTWtYWWtDb2ljX1d2Tzg4bXZGYVpvQXY2SkZPczFnUEJ4c0hLZG1JejMtTkRtMkhvcWkybzRfTm5rMkdEZnJ5YXlicjJmem9uRzJsajh0R01SWlhRaTJKSUktN0pDR2xSUmVSN3NEMmZiOUpRYnhLa2lXN0V3WHEtUzRkNGpfWFJvM1RwNFdORkxCaFJibTFaVnFyZ1YyODh1aE9sS2pSWnNidmhzWmJzSjlETUlJU2N3RG83WDZfTjF5R1hLRnFhWUJEdTREZWwxSlhYN3JybHVrTnBJT0FuSldqTGJGSS0tVlFZT1VpRUc3RGw1bkk4d3JZZjNkd1YxcXZQazhSWHZHd2k4NVh1MmxFLUh4UlBlWWw1eDV6TzVzUV8tVmN4MG1PQ29DRUt3cy1ES2xaZzlNLVR4VjJfSkp6djh1V1lKOVlhUm50ZkpnbUl2UGFnTm42ajlmbzZxa001X05IckFacGxqU0FScjk5ekdLWUJHZjNsYy1JcHlJUnh5QzNkb3E2TFRwU1p0YWVyNEFVSGJhNGx6MHhiT1IwbDk2Vnh2OGpzbzAtdU1DWU9iRlJXclFKZzhaUkJWVjRMS2ItQzg2VzB4cFZjRDhxaTViT1lfekFFRzdwZExKZjZLT3hJRElzczlyMHI5VEVGMFZZN2hET0FTakJHMWcwZV8xNDZmWFJVVUo5WnU4NVIxTzRIYWdLWkViUzBWc2twdzVFLWpBcjJaNUZoNEFFanRtTzczMjF3bXBxRVREbURWdlgzb3ZxQnRIJmNpZD1DQUFTQk9Sb2JyMCZhX2NpZD2AAwGIAwCQAwCYAxSgAwGqA-oBCr8BaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uWhgNEpUKOpsK8P1BUDdXd2pkeGFVV3FpNUlPWHV0NjJxUXZzS1BkcmFBbWIxN2ZkdE1GRkk4QTFfMW4zT0VEeHpkZnRLZE5nS2M4THRkYVRnTEZlVGQ3TXFlRFR5SzJ0QjRjNlZyUSZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhMyNjA1NzUxOTMxNzQxMDI1MTMzIgg3ODgyNzgyOSoEMzk0MToBMMADrALIAwDYA7eaVOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEFDJhMDE6NGY4OjE5Mjo1NDE0OjoyqAQAsgQMCAAQABgAIAAwADgCuAQAwAQAyAQA2gQCCAHgBADwBA6lFPBe-gQSCQAAAKCZmUlAEQAAAMDMzCJAiAUBmAUAoAWK2dGj_e-xhhGqBSRkZTMyZTM1OS03OGVkLTQ3ZjEtOTU5Ni1hNzNiNWY4OTE5OTDABQDJBQAAAAAAAPA_0gUJCQAFDDwAANgFAeAFAfAF2sMf-gUEAZcokAYAmAYAuAYBwQYJJCzwP9AG7o8B2gYWChAJEhkBmBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzI2OTQwODcyOTY0ugcPCAUoACAB7iy6BkAAyAeRzwXSBw0B3wUBAUYI2gcGAX4wGADgBwDqBwIIAPAHAA..&s=bc2cfbe3d9c02a0562880807efc724feffc896dc
Frame ID: 42425895E151C29CC695DD361FEC6FC6
Requests: 8 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 0FA53F4C3FC0086905F9F38789EEF38B
Requests: 2 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 83C197E947D8121FD8E895189BB05AE7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Frame ID: E0CB51537CF35E1346B450A0B06320CD
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 983E483ADAC07DE85496D8010F91AB7B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js
Frame ID: 032EC168F81704093F5525CD5E3A8F4E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale. HTTP 301
http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

346
Requests

76 %
HTTPS

42 %
IPv6

66
Domains

92
Subdomains

74
IPs

9
Countries

2310 kB
Transfer

5405 kB
Size

16
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://akismet.com/privacy/
Title: Learn how your comment data is processed

Search URL Search Domain Scan URL

URL: http://twitter.com/celebzz_a
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.facebook.com/Celebzz-501754036583664/?ref=hl
Title: Facebook

Search URL Search Domain Scan URL

URL: http://feeds.feedburner.com/Celebzz
Title: RSS

Search URL Search Domain Scan URL

URL: http://plus.google.com/+Celebzz/about
Title: Google+

Search URL Search Domain Scan URL

URL: https://whos.amung.us/stats/th0m99f4yi/
Title: 26

Search URL Search Domain Scan URL

URL: http://valueimpression.com/?ref=www.celebzz.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale. HTTP 301
http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css HTTP 307
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css

Request Chain 6

http://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=5.4.2 HTTP 307
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=5.4.2

Request Chain 42

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 43

http://connect.facebook.net/en_US/sdk.js HTTP 307
https://connect.facebook.net/en_US/sdk.js

Request Chain 52

http://mahimeta.com/networks/vast_tag.js?cache=1625758661 HTTP 302
https://mahimeta.com/networks/vast_tag.js?cache=1625758661

Request Chain 88

https://ads.us.e-planning.net/pbjs/1/2c995/1/www.celebzz.com/ROS?rnd=0.3115249782254208&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&gdpr=1&gdprcs= HTTP 302
https://ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ROS?ct=1&r=pbjs&rnd=0.3115249782254208&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&gdpr=1&gdprcs=

Request Chain 103

https://ads.us.e-planning.net/pbjs/1/2c995/1/www.celebzz.com/ROS?rnd=0.3115249782254208&e=300x250_0%3A300x250%2C250x250%2C336x280%2C200x200%2C180x150&ur=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&gdpr=1&gdprcs= HTTP 302
https://ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ROS?ct=1&r=pbjs&rnd=0.3115249782254208&e=300x250_0%3A300x250%2C250x250%2C336x280%2C200x200%2C180x150&ur=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&gdpr=1&gdprcs=

Request Chain 123

https://web.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2be7cf51aecf14%26domain%3Dwww.celebzz.com%26origin%3Dhttp%253A%252F%252Fwww.celebzz.com%252Fface03568022c%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCelebzz-501754036583664%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=true HTTP 302
https://web.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.6%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2be7cf51aecf14%2526domain%253Dwww.celebzz.com%2526origin%253Dhttp%25253A%25252F%25252Fwww.celebzz.com%25252Fface03568022c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FCelebzz-501754036583664%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.6%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2be7cf51aecf14%2526domain%253Dwww.celebzz.com%2526origin%253Dhttp%25253A%25252F%25252Fwww.celebzz.com%25252Fface03568022c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FCelebzz-501754036583664%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue&_rdc=1&_rdr

Request Chain 154

https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTnpjd1lqRm1aRGN0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg0Nzg1NTQ5MTcyMTYyMDc5OTEvNjYyMjM5Ni80NTYyMzEyLzEzL2dDQ3E1RTBPMG52S1lkcm12QTR6RjdsY2UyQW5Zb3hlQzlhdXhhekszN1UvMS8xMy8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzg0Nzg1NTQ5MTcyMTYyMDc5OTEvb3JkLzAvMTc4Ny83My85OTkvMzIyLzJhMDE6NGY4OjE5Mjo1NDAwOjovMC4wMDAvMTYyNTc1ODY2Mi8xNjI1NzcxMjYyLzEzLzExMzk1Lw/4cS8hTmr4Chsa01I6lEcaA7yMmY&nodeid=2690&group=us-east&auctionid=8478554917216207991&sid=4562312&cid=6622396&bp=a_bdhgdj&nfy_act=LD5wew&bfip=216.200.232.164&type=imp&client=c2s HTTP 302
https://tags.mathtag.com/ck-confirm?bid_id=8478554917216207991&node_id=2690&exch_id=13

Request Chain 159

https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTnpjd1lqRm1aRGN0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg0Nzg1NTQ5MTcyMTYyMDc1MzYvNjYyMjM5My80NTYyMzEyLzEzL2dDQ3E1RTBPMG52S1lkcm12QTR6RjBvVlZaVUV2b292SGRDdWhYSlI4WE0vMS8xMy8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzg0Nzg1NTQ5MTcyMTYyMDc1MzYvb3JkLzAvMTc4Ny83My85OTkvMzIyLzJhMDE6NGY4OjE5Mjo1NDAwOjovMC4wMDAvMTYyNTc1ODY2Mi8xNjI1NzcxMjYyLzEzLzExMzk1Lw/W1IRwpKc9wlgSHrtJkNiVSdL4cg&nodeid=2690&group=us-east&auctionid=8478554917216207536&sid=4562312&cid=6622393&bp=a_bdhgdj&nfy_act=LD5wew&bfip=216.200.232.175&type=imp&client=c2s HTTP 302
https://tags.mathtag.com/ck-confirm?bid_id=8478554917216207536&node_id=2690&exch_id=13

Request Chain 163

http://hal90002.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=be6ff1d83d&subid=&uid=98d8d758a6610722&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8478554917216207991%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=http%3A%2F%2Fwww.celebzz.com%2F&ancestorOrigins=http%3A%2F%2Fwww.celebzz.com&random=3075693020513&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
http://hal90002.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=be6ff1d83d&subid=&uid=98d8d758a6610722&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8478554917216207991%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=http%3A%2F%2Fwww.celebzz.com%2F&ancestorOrigins=http%3A%2F%2Fwww.celebzz.com&random=3075693020513&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 164

http://hal900025.redintelligence.net/request.php?zone=6cywgeu7gf0e&nw=20&renderingType=javascript&namespace=99dd00938f&subid=&uid=c219f3a1926cd827&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8478554917216207536%26mt_id%3D6622393%26mt_adid%3D216536%26redirect%3D&documentReferer=http%3A%2F%2Fwww.celebzz.com%2F&ancestorOrigins=http%3A%2F%2Fwww.celebzz.com&random=557284754979&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
http://hal900025.redintelligence.net/request.php?zone=6cywgeu7gf0e&nw=20&renderingType=javascript&namespace=99dd00938f&subid=&uid=c219f3a1926cd827&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8478554917216207536%26mt_id%3D6622393%26mt_adid%3D216536%26redirect%3D&documentReferer=http%3A%2F%2Fwww.celebzz.com%2F&ancestorOrigins=http%3A%2F%2Fwww.celebzz.com&random=557284754979&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 206

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6228369404489295200

Request Chain 207

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-FS10D8tE2uElF_PG0vhfF1BZQfA1R4BY4iRW8jk-~A

Request Chain 209

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=9dd498165297ed98564f13c6

Request Chain 210

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7974683219268065359

Request Chain 211

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4508212335585529761

Request Chain 212

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-627e1b8e-775a-43fe-af62-9e3731293da8

Request Chain 213

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP71008d68-e002-11eb-b832-02aba4491fc2 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP71008d68-e002-11eb-b832-02aba4491fc2

Request Chain 214

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=d77f28d2-9f7a-4515-9db9-e6b86762ff75

Request Chain 217

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 220

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4fe687e35f6f287097f2e23e

Request Chain 221

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3065484692709509034

Request Chain 222

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4508212335585529761

Request Chain 223

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-edf4b8fd-fef5-46a2-a59d-db0f5ac4b3d3

Request Chain 224

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3685742224727502008

Request Chain 225

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP71052118-e002-11eb-8b79-069dedfdb540 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP71052118-e002-11eb-8b79-069dedfdb540

Request Chain 226

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=0aa27dfe-ef0f-4cbd-9eb0-4a27642b9267

Request Chain 227

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-FS10D8tE2uElF_PG0vhfF1BZQfA1R4BY4iRW8jk-~A

Request Chain 229

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 234

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-FS10D8tE2uElF_PG0vhfF1BZQfA1R4BY4iRW8jk-~A

Request Chain 236

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4fe687e35f6f287097f2e23e

Request Chain 237

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6652613312709106452

Request Chain 238

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8687211221490158152

Request Chain 239

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-d75b1d6a-2544-451e-9309-68b437ffc458

Request Chain 240

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP71008d68-e002-11eb-b832-02aba4491fc2 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP71008d68-e002-11eb-b832-02aba4491fc2

Request Chain 241

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8687211221490158152

Request Chain 242

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=f07ec676-0269-4a10-9351-57893e2209d3

Request Chain 244

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 248

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6652613312709106452

Request Chain 249

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-vAbYwXRE2uEWWDTI9ZredISrqgQt1Sdn024.0dE-~A

Request Chain 251

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4fe687e35f6f287097f2e23e

Request Chain 252

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6331878368950750854

Request Chain 253

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=6652613312709106452

Request Chain 254

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-fbd8b648-cad2-4721-9710-6bb92b9cb6bf

Request Chain 255

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP71008d68-e002-11eb-b832-02aba4491fc2 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP71008d68-e002-11eb-b832-02aba4491fc2

Request Chain 256

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=5e98a4cd-a7aa-403f-a9f1-45bccca91e2e

Request Chain 259

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 263

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=9dd498165297ed98564f13c6

Request Chain 264

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6785658206170012938

Request Chain 265

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=6331878368950750854

Request Chain 266

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-1325278d-ba04-4a78-aa08-c3136cd357ff

Request Chain 267

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6228369404489295200

Request Chain 268

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP71008d68-e002-11eb-b832-02aba4491fc2 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP71008d68-e002-11eb-b832-02aba4491fc2

Request Chain 269

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=cd46d5e5-ff00-4e3b-bfaf-db0ca4c6dc18

Request Chain 270

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-vAbYwXRE2uEWWDTI9ZredISrqgQt1Sdn024.0dE-~A

Request Chain 272

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 281

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YOcbyYPCb8bfiFscKecUzQAABFQAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEIdD1YvrFrNeI8segj-t-ZI&google_cver=1

Request Chain 282

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbyYPCb8bfiFscKecUzQAABFQAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbyYPCb8bfiFscKecUzQAABFQAAAAB&dcc=t

Request Chain 284

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YOcbyYPCb8bfiFscKecUzQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEl3qfwXczTI1tX6gBI6eeo&google_cver=1&gdpr=1

Request Chain 285

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871316021449048433

Request Chain 286

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YOcbzAACY0HZowBg HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YOcbzAACY0HZowBg&gdpr=1&_test=YOcbzAACY0HZowBg

Request Chain 287

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=C6F0C174FF3B48C6B86D9C825495C1DD&gdpr=1

Request Chain 290

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YOcbyQMi9VH60mapgMUV4gAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEl3qfwXczTI1tX6gBI6eeo&google_cver=1&gdpr=1

Request Chain 291

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YOcbyQMi9VH60mapgMUV4gAABLUAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENvtPO5JpHTyKKxj9Pi3rT4&google_cver=1

Request Chain 292

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbyQMi9VH60mapgMUV4gAABLUAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbyQMi9VH60mapgMUV4gAABLUAAAAB&dcc=t

Request Chain 294

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=D51C892475764A51BADBC7E710C96829&gdpr=1

Request Chain 295

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=MsttmDWZa84pyjqWPJ4ll2WdPp0pyW6dYpjDfZv5

Request Chain 298

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 299

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbydnYXpw_a5DohITfrwAABK0AAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbydnYXpw_a5DohITfrwAABK0AAAIB&dcc=t

Request Chain 300

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YOcbydnYXpw_a5DohITfrwAABK0AAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECnRAQ76ZmRV3dNYbKjC2_I&google_cver=1

Request Chain 302

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YOcbydnYXpw-a5DohITfrwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEl3qfwXczTI1tX6gBI6eeo&google_cver=1&gdpr=1

Request Chain 304

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=ehcpJH1FL3JhFn1wKERhIi0WdSZhEX8qLkWLYaBe

Request Chain 307

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 308

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YOcbyfldi3Qi3eGFyIIjjAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEl3qfwXczTI1tX6gBI6eeo&google_cver=1&gdpr=1

Request Chain 310

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbyfldi3Qi3eGFyIIjjAAABIEAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbyfldi3Qi3eGFyIIjjAAABIEAAAIB&dcc=t

Request Chain 311

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YOcbyfldi3Qi3eGFyIIjjAAABIEAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJORDWoeTZ-BGSgpsn-JRdc&google_cver=1

Request Chain 312

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 314

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-9b726c6f-43f6-4ee6-b482-580c20590fce

Request Chain 318

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbyfldi3Qi3eGFyIIjjwAABK4AAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbyfldi3Qi3eGFyIIjjwAABK4AAAAB&dcc=t

Request Chain 319

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YOcbyfldi3Qi3eGFyIIjjwAABK4AAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEITaAQkwwc0uTk6-CpsIE3s&google_cver=1

Request Chain 320

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YOcbyfldi3Qi3eGFyIIjjwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEl3qfwXczTI1tX6gBI6eeo&google_cver=1&gdpr=1

Request Chain 321

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 323

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6790450661072851653&uid=Q6790450661072851653&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 324

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=2196076BC33242A7A8103E7F8BFBCBF8&gdpr=1

Request Chain 343

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

346 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Redirect Chain

http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale.
http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/

39 KB
11 KB

305ms
304ms

Document
text/html

2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a32a0979a6df38c40b78464d687786e7a1b031ce6035ff8db38c3e09fca76a2b

Request headers

Host: www.celebzz.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Pingback: http://www.celebzz.com/xmlrpc.php
Link: <http://www.celebzz.com/wp-json/>; rel="https://api.w.org/" <http://www.celebzz.com/?p=1585652>; rel=shortlink
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3JtgyxqehutzvPPHlAD61P0E4HyMeqcce3bghZRw0W2%2B8nKUNdvZ%2Fc4z1HMH7d5PMq%2Fb5nTxaqhPAQ5O573nQEwh%2BPVlzKLoph29nsMXfX%2FMH4ar19P2UzrWEtibKTkSqiQGA58tNChg"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 66ba652db93d4e0e-FRA
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date: Thu, 08 Jul 2021 15:37:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Pingback: http://www.celebzz.com/xmlrpc.php
X-Redirect-By: WordPress
Location: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=n7uTwJpCdK8%2BUNkbrQZufLtA4R0yP6lPZPAn73VGqsQU1aaOKCj57%2FHBL1gXHY1AYny%2F7Y1Sd8zB578E%2FnnE8JPlph29wHFkf1yHInwewM5gvwDMH29npNnjAO%2FH5Wb3k6JXCAw6tI0N"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 66ba652c1d534e0e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 404
Not Found jquery-extra.theme.min.js
celebs.gallery/wp-scripts/ 0
0 183ms
136ms Script
text/plain 37.48.65.153
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://celebs.gallery/wp-scripts/jquery-extra.theme.min.js
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 37.48.65.153 Den Helder, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:40 GMT
cache-control: max-age=0, private, must-revalidate
server: nginx
connection: close
content-length: 9

GET
H2

200

font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/
Redirect Chain

http://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css

21 KB
5 KB

26ms
25ms

Stylesheet
text/css

2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 718
age: 9311868
cdn-cachedat: 2021-03-11 11:57:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: b0b99654f1852bea042d5b3f1081c580
cf-ray: 66ba652fbf294e9d-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

Redirect headers

Location: https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK css
fonts.googleapis.com/ 8 KB
1 KB 17ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aedf443654dc81c3d47487a64d2a9e9e39b1ecde3595814b658be0f159335a22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 08 Jul 2021 15:37:41 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Thu, 08 Jul 2021 15:37:41 GMT

GET
H/1.1 200
OK style.css
www.celebzz.com/wp-content/themes/hawtmen/ 27 KB
7 KB 30ms
23ms Stylesheet
text/css 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-content/themes/hawtmen/style.css
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b98b47a282eb415846fd2d98effe2eb604c9462c0670858b988f6aebbe35f0a3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2315481
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Last-Modified: Sun, 13 Dec 2015 13:36:42 GMT
Server: cloudflare
ETag: W/"566d746a-6a81"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yeKhQaQRwscit4FBgizG%2FYqvh%2BJMOVTE9ANAX42RzZZsM8GLbYSepFjUBTB46NyH2SXqigX6mdulf3OngC5ffjUGFvfZPuC7WsBqWZTyxMDZ%2B9%2FQ4T1X2RoSsuPt7twRFk%2BYsQRGTkx3"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 66ba652fb9ce05d0-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK layout.css
www.celebzz.com/wp-content/plugins/special-recent-posts/css/ 5 KB
2 KB 30ms
22ms Stylesheet
text/css 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-content/plugins/special-recent-posts/css/layout.css?ver=5.4.2
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0b92945f599cd606acb1d5bf60b30d1f6a6b4cee0ff6cb8ea0a29e6903a8cae

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 6603606
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Last-Modified: Sat, 27 Sep 2014 18:29:41 GMT
Server: cloudflare
ETag: W/"54270215-121c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=C8bHzQ%2BuKWSGE8RCCYaSosvb858FQ%2FTZvBo5fxxYRYECUy5x0ljHe6TwwzRHPJXAeNOX44XKxgO4fvibFdFMERwT3rdYiPtFigLeAwncVN0191%2FZSA7j2GowiEM6FykoHOtR%2BOjsXQ%2FI"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 66ba652fbe024a61-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK style.min.css
www.celebzz.com/wp-includes/css/dist/block-library/ 52 KB
8 KB 35ms
27ms Stylesheet
text/css 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.2
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 6603606
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Last-Modified: Fri, 24 Apr 2020 15:32:14 GMT
Server: cloudflare
ETag: W/"5ea3067e-d159"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=d64n%2BjlIN7ajG6d7bE39SSmc5ILMP0WmsnI3vxSqy3tnAtso2tW4rDsm%2Fw%2BwTX2zX2V01ZzBrX4ojnHxYnMrFpOZN5k9D92BJEyCrBCzDj0XEjpuh%2BfRqlmsounrK3QEfgWMWE9NlRLO"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 66ba652fb8bb4abd-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/
Redirect Chain

http://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=5.4.2
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=5.4.2

23 KB
5 KB

25ms
24ms

Stylesheet
text/css

2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=5.4.2

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 6902273
cdn-cachedat: 2021-04-19 19:31:13
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 6f1f2da5acf3d24818efbb12b345f509
cf-ray: 66ba652fbf2c4e9d-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

Redirect headers

Location: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=5.4.2
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK style.css
www.celebzz.com/wp-content/plugins/wp-post-navigation/ 975 B
1 KB 63ms
56ms Stylesheet
text/css 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-content/plugins/wp-post-navigation/style.css?ver=5.4.2
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53711afd86ecc21dff5318d62d32ff928991f77181a845d3ec99b2fd2b844c0a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 6603759
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Last-Modified: Wed, 26 Apr 2017 19:34:54 GMT
Server: cloudflare
ETag: W/"5900f65e-3cf"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PjqEnuU459bVaGHYwA62Ds9gN6QmqhZm8AzXkQTV4GoDrJ%2FQl0N6BwVJEW2jB32toIYdU8QzT2qeIc%2BME3MLmpQ79NhQznwilil92Eod77xIInUH6i3Iq8hwDCKXBP%2BqUzfgWLhQLPJH"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 66ba652fb8f6dfcf-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK pagenavi-css.css
www.celebzz.com/wp-content/plugins/wp-pagenavi/ 374 B
1 KB 47ms
39ms Stylesheet
text/css 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 6603606
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Last-Modified: Wed, 08 Apr 2020 19:47:57 GMT
Server: cloudflare
ETag: W/"5e8e2a6d-176"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7IbvBRPjWHW%2BlcESGZvyXJhdfXbD85nEntn5d4ff7Eg9pqjQsaxtXNH7afc%2BLawPnoAasbt9F2t5RZtzmyUwviR%2B%2FC1NFWFU39ODb6qm%2BmwTshwCfkmS9wsM1OmrM%2FY%2Fvzp9JVtWytIJ"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 66ba652fb8114e8c-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK st_insights.js Show response
w.sharethis.com/button/ 26 KB
8 KB 15ms
6ms Script
application/javascript 2600:9000:20eb:e400:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://w.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2600:9000:20eb:e400:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f8284365ba340253ee9c71cfb5efcc37f10a23e8b8b5dd134ec7bbab05073845

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 00:11:43 GMT
Content-Encoding: gzip
Age: 141958
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 7567
Server: nginx/1.16.1
ETag: W/"60256fd5-676f"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 d8328954e51c0912a8419c1a67cea1dc.cloudfront.net (CloudFront)
Cache-Control: max-age=259200
X-Amz-Cf-Pop: FRA2-C1
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: rEdL-Hc2TfTdEbKeZRerWvnDLSCqceNGwUAZNzIK4LXsmlif0jM9_g==
Expires: Sat, 10 Jul 2021 00:11:43 GMT

GET
H/1.1 200
OK jquery.js Show response
www.celebzz.com/wp-includes/js/jquery/ 95 KB
34 KB 45ms
14ms Script
application/javascript 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 6603606
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Last-Modified: Fri, 17 May 2019 04:25:54 GMT
Server: cloudflare
ETag: W/"5cde37d2-17a69"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Vr7OAh3cSNu8bqiqO7PXHFAF6DigmaCXRfZT2uqhVYPzm0Ds3Qom6eB%2B5MUGqhdfQK8mEk1XGSrS5KHaTgS2Ka06dHRWZieN99XC9Ske7S4A7PrcqVtx8%2F1jAn%2Fb%2FzxHx8JrAja%2FXh0M"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=315360000
CF-RAY: 66ba652fda3505d0-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.celebzz.com/wp-includes/js/jquery/ 10 KB
5 KB 56ms
22ms Script
application/javascript 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 6603606
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Last-Modified: Fri, 20 May 2016 06:11:28 GMT
Server: cloudflare
ETag: W/"573eaa90-2748"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=W08lv%2BE4sWJsOcFK9b4VhTVojNwzRCYouoophjlykJ3hyxdHTrKSlNtBPE%2BMBQbpYW0JmJzUho9lJUebl0d%2B4RKQhH2vkdMwER98eB8PHTnJUiElMz1fjtHxpN88KhcyiGw5cxOBBXd2"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=315360000
CF-RAY: 66ba652fe92d4abd-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK dd-multi-col-cats.css
www.celebzz.com/wp-content/themes/hawtmen/ 114 B
948 B 44ms
13ms Stylesheet
text/css 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-content/themes/hawtmen/dd-multi-col-cats.css
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 631a14305b79d9763d09570f3fdad0478484b27b0cf61f5196b3b954b8bc0db0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 6603759
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Last-Modified: Sun, 13 Dec 2015 12:52:37 GMT
Server: cloudflare
ETag: W/"566d6a15-72"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2%2B4BGm5orHTrPXnvrXm0xee2H6PxWWGtEHLb6VDCUCQRJcKUPWejxZx8chXguZpFgim7tnfDqKFeoh%2BqjmfQaREOIfLRdAVxjTeaMRMY1gHJvTTP9l0jPMc4xg0PZqTbExd0cG93Bsx4"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 66ba652fde554a61-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
49 KB 46ms
23ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83aa3ecb7b747db5d4b18b939eaf48357bf34fc839b041de1173ed1c3b6bef36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49111
x-xss-protection: 0
server: cafe
etag: 15935411871857926271
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 08 Jul 2021 15:37:41 GMT

GET
H/1.1 404
Not Found classie.js
www.celebzz.com/wp-content/themes/hawtmen/js/ 0
0 242ms
198ms Script
text/html 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-content/themes/hawtmen/js/classie.js
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SulFgnGO5FWe3zdO7g0ng0s668KYyzBB90phDyTpijeJn3NjDVBwda0iQ96FadPwdip2p3WK7U%2Fj%2BxW0dkDKNqTJdKwMCSVqaeDB7dTjKpnvjUP4RCiCB359s8zuDwHeoIm0poScSAHu"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 66ba652ffe824a61-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK / Show response
services.vlitag.com/adv1/ 930 B
1 KB 149ms
140ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://services.vlitag.com/adv1/?q=54e09c31ad7d306ae43be19b235e354f

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/

Protocol

HTTP/1.1

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a0193c2735ae8702ec837a4f1298c1fe6b384b3e7a1c80db21c87c73a6db5c4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Thu, 8 Jul 2021 15:37:41 GMT
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IqauXLtbwGox2WZiHzVOGVu%2B1H6wHTBAg80qzQkBPYq7AuXTVFDccrNRSY7voNTvFWb7aT%2B9F1orxqbFJ0LAoHLUg1dTVP%2FHrbaZXd%2BHXgj4qymabT4%2FPGylcN1%2F8Zqw0Nri8JLRNLCUiRCU"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
CF-RAY: 66ba65314e704ece-FRA
Expires: on, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 14410 Show response
hosupshunk.com/tTuH48OLkMTmgg6aW/ 0
0 98ms
71ms Script
text/html 51.195.131.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://hosupshunk.com/tTuH48OLkMTmgg6aW/14410
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 51.195.131.226 , France, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-51-195-131.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: http://www.celebzz.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS

GET
H/1.1 200
OK melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale-5_thumbnail.jpg
www.celebzz.com/wp-content/uploads/2017/11/ 61 KB
62 KB 416ms
415ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/uploads/2017/11/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale-5_thumbnail.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df29a177ab199f9590887e0a5e803306bf9af1bf68a274118968a99cd58dfef0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 62207
Last-Modified: Mon, 06 Nov 2017 14:31:16 GMT
Server: cloudflare
ETag: "5a007234-f2ff"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VsRXtne3QbTt4Z82%2Bk9IbaHVNsXRP%2FCVzlW8tcpvZo4hC72QLfOAseL457NrW8y%2BXnXYSpZGZJIZ4wMI6lv6xkvQujQ%2Fr8QJ32JX0yAigCkVeuUgBATmUxlRpbHOcPOXOkg1iptEgECQ"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 66ba65314d5905d0-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale-0_thumbnail.jpg
www.celebzz.com/wp-content/uploads/2017/11/ 9 KB
10 KB 245ms
244ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/uploads/2017/11/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale-0_thumbnail.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a24ea7bc62ed1297e6ee429972594715a642353ae70ae060c6851fae6b08ae1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 9606
Last-Modified: Mon, 06 Nov 2017 14:31:10 GMT
Server: cloudflare
ETag: "5a00722e-2586"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RbICoKLbEupbpOhUac7W%2BVRhtQ4Cl%2F9h4CRHAE3MYpRxDlnyx3e6BtIiJT42DlxaGjKIxtuSO%2BoaHwMJ8f9Y8CMg7uRfAyfjI1kEoJAQqu1jdVOuD%2FqmtDrelvANfUykRP9FiVj9Slcm"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 66ba653149f54a61-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale-1_thumbnail.jpg
www.celebzz.com/wp-content/uploads/2017/11/ 9 KB
10 KB 233ms
232ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/uploads/2017/11/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale-1_thumbnail.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 088236b792355b4c310c126abfb78bea090b331ab1008766b9808a1c5a610560

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 9450
Last-Modified: Mon, 06 Nov 2017 14:31:11 GMT
Server: cloudflare
ETag: "5a00722f-24ea"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LRHgLesIBc1HVbXxQzgQRygnoV5YKSAwIlHrFgHCyjsHhBoIhSdNwd7Bl16GZUE8lny5KEOhl0S3NBltUjZwP50C0dteEIrPUWzUquMW24beTA5QPdf0zjm21lIEtSnSP0p2sd5zciJd"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 66ba65315c30dfcf-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale-2_thumbnail.jpg
www.celebzz.com/wp-content/uploads/2017/11/ 9 KB
10 KB 209ms
208ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/uploads/2017/11/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale-2_thumbnail.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85d76f2a01b0cf98c4938262a4740b2c36ec66b3a5adf6cd6fb816e44a38549f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 9089
Last-Modified: Mon, 06 Nov 2017 14:31:12 GMT
Server: cloudflare
ETag: "5a007230-2381"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=d7NgRE9EQZt2wlNyaqfv6VGhUbOUIUfitSD1BqHoEOG63ylE%2Bf55CIiqW2Zf31qtPeWif4c%2F4vCX0hMCEg8KXvvX1t6zyvNR4Gl%2BTZ4H9cBS734vgd3l%2BjS7%2Fb%2Bz90%2FjAF3M1vb8%2FLSx"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 66ba65315d6d4abd-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale-3_thumbnail.jpg
www.celebzz.com/wp-content/uploads/2017/11/ 10 KB
10 KB 214ms
214ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/uploads/2017/11/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale-3_thumbnail.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80a0bd3b32710ca6dd574142f88dc3c5fc556364677e289f554e516500c6dddf

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 9733
Last-Modified: Mon, 06 Nov 2017 14:31:13 GMT
Server: cloudflare
ETag: "5a007231-2605"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=laMwT8iQAoMjIlbneI7FFiMcshNMn7BNw26dWsvPg%2BUPdzP1AHZNC7XB8GzpuKb2bwoylgovQKcxmwHGTH2oKbdFiWODLRkRFXrsw3x6hYC000MBfaOkabZGdUvuu950kQdtLss%2Fc0sA"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 66ba65317bed4e8c-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale-4_thumbnail.jpg
www.celebzz.com/wp-content/uploads/2017/11/ 10 KB
11 KB 362ms
216ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/uploads/2017/11/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale-4_thumbnail.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4618fd944b60db0ec6ecf5aef73181ebf9fb4022596af42f729a69f646bf012e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 10361
Last-Modified: Mon, 06 Nov 2017 14:31:14 GMT
Server: cloudflare
ETag: "5a007232-2879"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YQem7PWmZajEVetTLXfFamXr0Otnw1WY%2B7DFeze7ep9J5Hkkh%2FeUWtSbFC%2BHD3VKREzBLEZrNtIPkh5IUGh604Beyos1ruFaeZKU9WmZls3m%2BlYRXk%2FsXdu3dIz0FTN1IWY6Hm0SqCNo"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 66ba65327c544e0e-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK srpthumb-p3808025-160x240-no.jpg
www.celebzz.com/wp-content/plugins/special-recent-posts/cache/ 9 KB
10 KB 190ms
15ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/plugins/special-recent-posts/cache/srpthumb-p3808025-160x240-no.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c03337c533f0262395baad10ca8f438f4711916e0e3136ce10ebc94cbb2021f3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 80845
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 9483
Last-Modified: Wed, 07 Jul 2021 17:08:43 GMT
Server: cloudflare
ETag: "60e5df9b-250b"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VIRt7uG6UyxEhl5rodZBu%2BjFavIaryOtr4xqsuzk8EnlnXIHS%2FI2LR3V9N%2BD8%2BAil28Slacjseof4NAhBHzW0g8ks8lPRSazYAAMKXpzSlxp%2FlDWP1PEWZUdbI32NC3f1Ft%2F4xYb25VL"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 66ba6532c8e44abd-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK srpthumb-p3808006-160x240-no.jpg
www.celebzz.com/wp-content/plugins/special-recent-posts/cache/ 8 KB
9 KB 174ms
13ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/plugins/special-recent-posts/cache/srpthumb-p3808006-160x240-no.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ace3eab41425ddbab51b21f62b12c3e73f7f481499b86e5aa518cf51461fb442

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 80844
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 8555
Last-Modified: Wed, 07 Jul 2021 17:08:37 GMT
Server: cloudflare
ETag: "60e5df95-216b"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=a2%2FTo%2B2mog51cxBgT3ksHoigsUlr9LvZTlyR%2FOqEoQ002CTOGgKuiJ%2FVyl4JRGUbQOA5gJcT7WZb1xYmm21jzgWD41TM2FCszt3Y5i91dZARGrjWJJcaREtPdepyJa%2Be8jSURbaMWB5l"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 66ba6532a8aa4abd-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK srpthumb-p3807977-160x240-no.jpg
www.celebzz.com/wp-content/plugins/special-recent-posts/cache/ 10 KB
11 KB 244ms
34ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/plugins/special-recent-posts/cache/srpthumb-p3807977-160x240-no.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f321551026a4b9cfe6c04a5cf27a46b4d676bf868a33df8975fd9685d0cf79a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 80952
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 10324
Last-Modified: Wed, 07 Jul 2021 17:07:45 GMT
Server: cloudflare
ETag: "60e5df61-2854"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lf99jM%2FprRhSEsnod0FKwZGkZvTFv67xdZyXQ9avtYEml1o5QdNI0fpqoPKjg61Ze7W2Yrh0EJn8nR3afJDs8fCB226ui%2FI1v2k42kjro6wG9R8BaAqb4AKOpPdDX%2FnKdD9oy941KRnV"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 66ba6532ff0a4e8c-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK srpthumb-p3807960-160x240-no.jpg
www.celebzz.com/wp-content/plugins/special-recent-posts/cache/ 9 KB
10 KB 211ms
18ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/plugins/special-recent-posts/cache/srpthumb-p3807960-160x240-no.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9601e1acbb8556de070ae1e0b64ab8c5f026981a574e5f14e6c22f9a536901b4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 80998
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 9478
Last-Modified: Wed, 07 Jul 2021 17:07:09 GMT
Server: cloudflare
ETag: "60e5df3d-2506"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KRZHZ5ouYoDUek3AckZMN1xleEbQyO0cWpXntPAo%2BGI6v%2BdivIkoAxCihRytobyCXBl6iyBBKR8IU55KfoKKVphwd3ISU15ERn%2B02miEzn99K%2FYPZ4yGpe%2BS4jq94FMopz3Dbc%2FVBHR3"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 66ba6532e93d4abd-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK srpthumb-p3807955-160x240-no.jpg
www.celebzz.com/wp-content/plugins/special-recent-posts/cache/ 11 KB
12 KB 205ms
22ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/plugins/special-recent-posts/cache/srpthumb-p3807955-160x240-no.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b75803202c57c3b9dddebf77203203bb340d2d007e8c3dbb7781866f337e44f7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 80998
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 11567
Last-Modified: Wed, 07 Jul 2021 17:06:01 GMT
Server: cloudflare
ETag: "60e5def9-2d2f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Z5%2Brjap67nAdxtSlqb6%2BRieDkvNBIas5L6vV9fgbSej%2BT71fIXNnewAbNaBkwLFiWRqyRxEf1z6FoJA60HIFZIQKF9%2FK3Kxyg%2BphrUE0ovH1J0defJJlqy%2FrXuQmFZNu65wGrxb3cMNf"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 66ba6532cee8dfcf-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK srpthumb-p3807942-160x240-no.jpg
www.celebzz.com/wp-content/plugins/special-recent-posts/cache/ 7 KB
8 KB 224ms
17ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/plugins/special-recent-posts/cache/srpthumb-p3807942-160x240-no.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66531754f37720a31ccdf6ada0be85ca12ca076cfa10648ca3336b1fe2cbb7ba

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 81703
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 7044
Last-Modified: Wed, 07 Jul 2021 16:55:29 GMT
Server: cloudflare
ETag: "60e5dc81-1b84"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IkwHnCUtabhIDQfB5nyfXx2%2FXCqAiTluR1zo9GWHVRp2MHJZFB5RTlcir3gpbmTaFWynpsDj%2B14qwtQtH%2BRDIYtxLbbE1e%2FF%2B3NQMPjJlIAHlt6%2BdroxmD1fMHgmPnA1idmtJFZQMk2Y"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 66ba6532ff37dfcf-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK srpthumb-p3807935-160x240-no.jpg
www.celebzz.com/wp-content/plugins/special-recent-posts/cache/ 11 KB
12 KB 208ms
20ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/plugins/special-recent-posts/cache/srpthumb-p3807935-160x240-no.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e50ee18363e5cbeeee6971e87db129273eaa73c212e8cb76a69c59a1b07eb8aa

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 81703
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 10965
Last-Modified: Wed, 07 Jul 2021 16:54:54 GMT
Server: cloudflare
ETag: "60e5dc5e-2ad5"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Tt2f1f1GzddXMJA37L11%2FMqOo04yq85eQ3g%2Fw3%2FBvkr6bhLHMYg6snmEddFxoaYriIGNc4ZvPS%2ByK7ic%2BTQeQLFB9Ncqc%2BKtwepne7uCdfGw3cS1UaR6d7rsTEgZlbsBEE86S3J499WV"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 66ba6532de6c4a61-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK srpthumb-p3807910-160x240-no.jpg
www.celebzz.com/wp-content/plugins/special-recent-posts/cache/ 7 KB
8 KB 209ms
27ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/plugins/special-recent-posts/cache/srpthumb-p3807910-160x240-no.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e886f8e30f47a959f2f3bfc2de5eb4a112624916f87a438a747eab36691bc643

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 81702
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 7656
Last-Modified: Wed, 07 Jul 2021 16:54:46 GMT
Server: cloudflare
ETag: "60e5dc56-1de8"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cqTyj0hbhYNhiZPaRETsTwo4J8kzQGhuyQRneahdBa5Ykt0qJB8bqQEoEZ62a1mh4zmBRyBQcuNjUQU%2BtL0VjKD7myWCJFx7KLVfxb8mJcoQQFvfJvdmyycPhwy0Kie2SbpVoaZX8E76"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 66ba6532ceac4e8c-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK email-decode.min.js Show response
www.celebzz.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
8ms Script
application/javascript 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.celebzz.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cf-request-id: 0b285d928200004e0e49a13000000001
Last-Modified: Tue, 29 Jun 2021 09:14:34 GMT
Server: cloudflare
ETag: W/"60dae47a-4d7"
X-Frame-Options: DENY
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gPYUzhCRA2yajNWF8c%2FfPNHpiZJJzfgWDZQyBDtHSxd7pbZxE1tNtc4%2FQjz%2BvHicSUcCyD9PSQJnpdozPpDXO%2FJhGobw%2FdQH86tNIpLe4kq07Zll%2BRPU9WR5Spu8RFtOsRFEKHspe%2BjO"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=172800 public
CF-RAY: 66ba6530d8ac4e0e-FRA
Expires: Sat, 10 Jul 2021 15:37:41 GMT

GET
H/1.1 200
OK 14409 Show response
hosupshunk.com/t8VdWtsSUPQFQ3k/ 0
0 82ms
64ms Script
text/html 51.195.131.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://hosupshunk.com/t8VdWtsSUPQFQ3k/14409
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 51.195.131.226 , France, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-51-195-131.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: http://www.celebzz.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS

GET
H/1.1 200
OK main.js Show response
www.celebzz.com/wp-content/themes/hawtmen/js/ 505 B
1 KB 15ms
14ms Script
application/javascript 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-content/themes/hawtmen/js/main.js
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032b19d131b735f2ffb20bed03574dc1a05b3413cdc9f9ab0a9efd5bfb2353dd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 6603758
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Last-Modified: Thu, 25 Jan 2018 16:10:10 GMT
Server: cloudflare
ETag: W/"5a6a0162-1f9"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vbAFCqTLLb%2BhgMXZgOIpdGr8qSXv%2BOS024P5Tfznn2OBWmt6opQQw%2Fb%2FKXBpuZ%2BLcEOOsNz9Rrxy5WZBeb0kwjqUaMkL0fDzUtUzFHHptKt9QUUUyWjKVrZqD5K3XrkfJ5LxATxmR9dt"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=315360000
CF-RAY: 66ba6531399a4a61-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 404
Not Found template.js
www.celebzz.com/wp-content/themes/hawtmen/js/ 0
0 201ms
198ms Script
text/html 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-content/themes/hawtmen/js/template.js
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=K%2FVrixVu40p3gb10CwxI%2F%2FsVLeD8iqL7LF5jxoNAhr2lwQytBJOTRao1FqScbDfEyoKNJgnqleLSgdHiTZcnMsNo5lcnrJHQHm%2B8ZMIbMnyIRwzrcAcJ0y%2BxxaF4l9DQnIVFWMVHMqg5"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 66ba653139aa4e0e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK spt Show response
tg1.aniview.com//api/adserver/ 0
542 B 131ms
109ms Script
text/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.aniview.com//api/adserver/spt?AV_TAGID=5fb51f6a392877685a3bfa19&AV_PUBLISHERID=5fb51ce9c8b6ef66d03644b4
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length: 20
Expires: Thu, 08 Jul 2021 15:42:41 GMT

GET
H/1.1 200
OK ssba.js Show response
www.celebzz.com/wp-content/plugins/simple-share-buttons-adder/js/ 2 KB
2 KB 22ms
19ms Script
application/javascript 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=5.4.2
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76a18f5f0637e0d73ce1afece898ce8b0fa75bb6b1c1990ae4a7ac6b083045ce

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 6603758
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Last-Modified: Mon, 25 May 2020 08:27:44 GMT
Server: cloudflare
ETag: W/"5ecb8180-792"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Ae5A8O7hKvL7HUpGUyn1IpgDjUTVrKQR%2F3T9fMX75l4ZTC%2Bvw0OybiLIluETX3Li761RRT0Hujg1qW8zC%2FxY7360H66FJtUh9lNY4n7GZYrMoct%2BU7%2B9pwjFJYQ7AZ%2B%2FQXVVVgP026Qo"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=315360000
CF-RAY: 66ba65313befdfcf-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK detectmobilebrowser.js Show response
www.celebzz.com/wp-content/plugins/mystickysidebar/js/ 2 KB
2 KB 22ms
18ms Script
application/javascript 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-content/plugins/mystickysidebar/js/detectmobilebrowser.js?ver=1.2.3
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a258fa2108c7a4579876f75154378f19e3ee8af7753499bad8bfb18b56cb6dfc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 6603606
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Last-Modified: Thu, 09 Jul 2020 08:39:49 GMT
Server: cloudflare
ETag: W/"5f06d7d5-8a9"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FsutRieVGiDq4c9BwHmWQMxXTCr6fjp6xj0818McExPUs96OIKjHKgZk6uztFWBMJ9Gv4FmKlK3JWZAMCMXQA663ZCaM6Cx8GuiKblqLq%2BlRAuE%2BO9bPGvOupRQUvs7Lps7kFV7cCicK"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=315360000
CF-RAY: 66ba65313d0e4abd-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK theia-sticky-sidebar.js Show response
www.celebzz.com/wp-content/plugins/mystickysidebar/js/ 17 KB
5 KB 38ms
35ms Script
application/javascript 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-content/plugins/mystickysidebar/js/theia-sticky-sidebar.js?ver=1.2.3
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7a66c0cb964ac30903ab4db3f91847f5ce265c9f5aaed47c00d8154a9eab121

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 6603606
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Last-Modified: Thu, 09 Jul 2020 08:39:49 GMT
Server: cloudflare
ETag: W/"5f06d7d5-45ef"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WvO%2B6hb%2B9y%2FFLkWM0luZpsj%2BbiSX1KnpOIVYbMmFF%2BzgXrwRbhPpYwDM1TTngxVaHuZdMiIFzuApMddRkEElUqp2ktOxt%2F2XM9i1cgGn94iVV6ljlbmy%2B%2BphG9VH4bjMJ4J7mqzEcIJ5"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=315360000
CF-RAY: 66ba65313b5f4e8c-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
www.celebzz.com/wp-includes/js/ 1 KB
2 KB 14ms
12ms Script
application/javascript 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-includes/js/wp-embed.min.js?ver=5.4.2
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 6603758
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Last-Modified: Sat, 26 Oct 2019 00:17:07 GMT
Server: cloudflare
ETag: W/"5db39083-59a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EPb8MsLXXb%2Fsz4YERfThV7EBgrinQlkSWbTVzn4tkp904N2tG75wfPy3CmPeN0O47GYe%2Bi7l%2FY8E6uCqBmBtoybAx7qv9mg%2F3TyHgZ7LQrwUkyiBDZYDRVrSw2Nnj8HQenUr2tvGCPTo"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=315360000
CF-RAY: 66ba65313d2a05d0-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK form.js Show response
www.celebzz.com/wp-content/plugins/akismet/_inc/ 700 B
1 KB 16ms
16ms Script
application/javascript 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-content/plugins/akismet/_inc/form.js?ver=4.1.6
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Cookie: _ga=GA1.2.1475286884.1625758661; _gid=GA1.2.1863006764.1625758661; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 6603758
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Last-Modified: Mon, 15 Jun 2020 16:17:34 GMT
Server: cloudflare
ETag: W/"5ee79f1e-2bc"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HzL6%2Fxu6a5V6GaHlBWJGCJI4haT7n%2FEDhTLqPkAPZky9DVTTsga%2FMd%2BBk4pAL1GTl2sIpSKuAKIue2F8dPHxyIjzg%2FT2WNkewRrc5MX4KTrwNc8TQvfMeunza0Mc2Bk%2BkP6RIpccUNYS"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=315360000
CF-RAY: 66ba6532feda4a61-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK d.js Show response
waust.at/ 13 KB
8 KB 30ms
22ms Script
application/x-javascript 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://waust.at/d.js
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3314
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Mon, 03 May 2021 17:48:21 GMT
Server: cloudflare
etag: W/"60903765-3444"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nERLyIhu6co2f1tBPK2y5ikEHgaaFLUd%2FO6D6h%2FOH4bae%2BD2jUpGjAy86PdqxAxBSFk2i1QsWyLd3Kl%2BqkdNeoOiAI4HKGji1h14fxEXkbXCjgMt2OTlqhQA8CZyd70idg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
CF-RAY: 66ba653198a52c01-FRA
expires: Fri, 09 Jul 2021 14:42:27 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

48 KB
19 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 716
date: Thu, 08 Jul 2021 15:25:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Thu, 08 Jul 2021 17:25:45 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2

200

sdk.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/sdk.js
https://connect.facebook.net/en_US/sdk.js

3 KB
2 KB

7ms
6ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c7bcbdc228e908f62aded415c1d653a51120a39596a57eee46a352c88dac52bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: LAb3Xj7Tg/WFODtbn0myag==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: wJLTvI3m6QBITigh+nGpARwUaidVtAaRJHqDhOp+w2PDLtTquqAtu1UwRdHM7f816qr0YosIZP/FWLjD5D+YKA==
x-fb-trip-id: 686109401
x-fb-content-md5: 110ba84741b9bfd7a3e4cbfe290c6462
x-frame-options: DENY
date: Thu, 08 Jul 2021 15:37:41 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "54482557a0b1e73105bc0d23d1bb7d3f"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 08 Jul 2021 15:51:08 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.6
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.celebzz.com/wp-includes/js/ 14 KB
5 KB 23ms
22ms Script
application/javascript 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Cookie: _ga=GA1.2.1475286884.1625758661; _gid=GA1.2.1863006764.1625758661; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 6603606
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Last-Modified: Tue, 05 Nov 2019 22:04:02 GMT
Server: cloudflare
ETag: W/"5dc1f1d2-364d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RfQTudyeucXKqrMp6jh7XT87ynw6%2FX88Iw8TL5wg%2FsCVYebIfW17x4NCq7lo5ZJOSbg8iAFq4Ao46ID%2B29fstLUxS%2Bn8pG5NM2zFoZMRJKLdJ2SIrih7pFv5U9BGeC7dEuExTqdG0n7h"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=315360000
CF-RAY: 66ba6532f98a4abd-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tag.js Show response
ad.impactify.io/static/ad/ 2 KB
1 KB 59ms
21ms Script
application/javascript 2606:4700::6812:e13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.impactify.io/static/ad/tag.js
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6183659cb22d77ae18c90d5799e76c5c2f96f06868c29dc39925ffcb29144109

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:41 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3543
x-amz-request-id: 7DRF4FCE1C1BY9NR
x-amz-id-2: tXMdd0/+uPr1vvg8iX34uzA0SRzFt7w5xfOkIn2mufA1FbG0R+a9B6YGEZ0Alf131WoeZdi+F0Q=
last-modified: Mon, 28 Jun 2021 22:32:05 GMT
server: cloudflare
etag: W/"91a4f8048ee2bdd437dc4fc3afc8fcb3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-version-id: bAw0W.17f7Lyz1OPsw17uRTgzizjIzG4
cf-ray: 66ba6531c92b4db8-FRA
expires: Thu, 08 Jul 2021 16:37:41 GMT

GET
H/1.1 200
OK mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.celebzz.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 04:27:12 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 May 2021 21:21:19 GMT
Server: sffe
Age: 213029
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 14440
X-XSS-Protection: 0
Expires: Wed, 06 Jul 2022 04:27:12 GMT

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.celebzz.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 04:29:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 May 2021 21:21:50 GMT
Server: sffe
Age: 212863
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 15112
X-XSS-Protection: 0
Expires: Wed, 06 Jul 2022 04:29:58 GMT

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 12ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.celebzz.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 07:00:42 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 May 2021 21:21:24 GMT
Server: sffe
Age: 203819
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 14992
X-XSS-Protection: 0
Expires: Wed, 06 Jul 2022 07:00:42 GMT

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame 919B 2 KB
1 KB 23ms
6ms Document
text/html 2600:9000:21f3:6400:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: w.sharethis.com
URL: http://w.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:6400:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8bc62c9ef81390af989b3829ace60aae916e299dab9df7ec5e49db2d07a956b6

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.celebzz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
cache-control: max-age=3600, public
date: Thu, 08 Jul 2021 15:25:19 GMT
etag: W/"865-g9QqzjbIJI1xmvSY3DM2A/8Cpl8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: PtrVJLwAdaQSRuUaQuBbV_0j9_C-xjukn2OWEayeJ4a5D06b4kPGZQ==
age: 742

GET
H/1.1 200
OK ajs.js Show response
cdn2.lockerdomecdn.com/_js/ 5 KB
3 KB 57ms
20ms Script
application/javascript 151.139.242.29
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Jul 2021 16:35:27 GMT
Server: NetDNA-cache/2.2
ETag: W/"14f4-17a81d30457"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: https://lockerdome.com
Content-Length: 2348

GET
H3-29 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/ 55 KB
56 KB 46ms
35ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=5.4.2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: http://www.celebzz.com
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=5.4.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 6601305
cdn-cachedat: 2021-04-23 07:32:05
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 56780
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 22a46b0693a96fe84faec44d475d14c8
accept-ranges: bytes
cf-ray: 66ba653189c0dfe7-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2

200

vast_tag.js Show response
mahimeta.com/networks/
Redirect Chain

http://mahimeta.com/networks/vast_tag.js?cache=1625758661
https://mahimeta.com/networks/vast_tag.js?cache=1625758661

17 KB
5 KB

35ms
18ms

Script
application/javascript

2606:4700:3032::ac43:d513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mahimeta.com/networks/vast_tag.js?cache=1625758661
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7f937942475665b3fb41633d9df5bcec1423c5424b43000b34120dfcef6d42e

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 04 Jan 2021 21:14:09 GMT
server: cloudflare
etag: W/"5ff38521-447e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VQHcIfcpRpUp9%2B3YQtPZG10a2RmTV02g5HOa3g1AZFNV1F42mpHxIX%2BgLAmGnpm8QinUcIy4a%2B7kedvSTP2qqiNKKGzXXDvhK3cAoqKNf2ZK1M3lNCG4pWgwf14%2FYI9STIbKWqcN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
cf-ray: 66ba65321b02073e-FRA
expires: Sat, 07 Aug 2021 15:37:40 GMT

Redirect headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zS6Kkj4Nd%2FiL2uW40fLfeEr3W1g4xpn7GpLUhnakXGvgA1VT5r%2BshN%2Bzg3B5E8F2INKaOOmeXYmzLsCcX30U8Fc3rHva7JgxMm6obKROOMdGUf7I9FPTN67PUYsvYm%2Bu%2Bj6zbO0H"}],"group":"cf-nel","max_age":604800}
Location: https://mahimeta.com/networks/vast_tag.js?cache=1625758661
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 66ba6531ad654e6e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b285d930b00004e6e55b84000000001
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/ 240 KB
89 KB 45ms
29ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8340352295618934&plah=www.celebzz.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77dc4e5bc1c42cd2a6f390b77286de6df5f0ead908357a4c0df4c2de59f60716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91041
x-xss-protection: 0
server: cafe
etag: 14008214618944263571
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 08 Jul 2021 15:37:41 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210624/r20190131/ Frame 7DCA 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210624/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210624/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.celebzz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 07 Jul 2021 15:50:10 GMT
expires: Wed, 21 Jul 2021 15:50:10 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 85651
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 234 KB
68 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=d87e7ff46ea1f90764e6093a25ad14da

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5f2bb94940413e0bfcb3354195eba35e2101005ca0195fc53489a065892f5cf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: http://www.celebzz.com
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: nMJ39Gek/euMoGg2t84WVg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 69367
x-fb-rlafr: 0
x-fb-debug: 6yGYGBh/fecATLsmDOLM9zUiTCwlVQZH7ChPl3/1iZWXjearGVikNg7ZmZoVD2VPffnJFHd/kktoAGggjThBUw==
x-fb-content-md5: 833d11df3fd9c8b27d3d088a87f651bb
x-frame-options: DENY
date: Thu, 08 Jul 2021 15:37:41 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "ec613e5b9ed5ca251510bccc0077232f"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 08 Jul 2022 13:08:20 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=746912040&t=pageview&_s=1&dl=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&ul=en-us&de=UTF-8&dt=Melanie%20Brown%20Steps%20out%20to%20dinner%20with%20her%20friend%20Gary%20in%20Glendale%20-%20Celebzz%20-%20Celebzz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=719275723&gjid=2066215930&cid=1475286884.1625758661&tid=UA-53583176-1&_gid=1863006764.1625758661&_r=1&_slc=1&z=116519763

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:37:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.celebzz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
336 B 142ms
36ms XHR
text/plain 52.29.0.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1625758661286.52565&hostname=www.celebzz.com&location=%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&bsamesite=true&consent_cookie_duration=178&consent_duration=178&gdpr_domain=.consensu.org&gdpr_method=cookie&url=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&title=Melanie%20Brown%20Steps%20out%20to%20dinner%20with%20her%20friend%20Gary%20in%20Glendale%20-%20Celebzz%20-%20Celebzz&sop=false&description=celebrity%20pictures%2C%20celebzz%2C%20pictures%2C%20Daily%20Celebrities%20Pictures%2C%20hollywood%2C%20pics%2C%20candid%2C%20famous%2C%20actresses%2C%20celebzz%2C%20celebrity%2C%20los%20angeles%2C%20pictures%2C%20pretty%2C%20actress%2C%20model%2C%20sexy
Requested by: Host: w.sharethis.com
URL: http://w.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-0-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: http://www.celebzz.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 screen.js Show response
ad.impactify.io/static/ad/v5f/ 221 KB
72 KB 24ms
24ms Script
application/javascript 2606:4700::6812:e13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.impactify.io/static/ad/v5f/screen.js?v=5r87
Requested by: Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ef094c6e01e887d9e844323dbafd3c445c5462fe8e2b3241abade6493321bab

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:41 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3543
x-amz-request-id: 7DR3N9DDVE23BBPH
x-amz-id-2: vcMIf0HxUIeAThbBe1Yi/z4jZaqXVVGuF7Fq2a7Xdj9Y4NPvEdR2RpPodd/wPhjFG+Y8W9IUeao=
last-modified: Mon, 28 Jun 2021 22:31:39 GMT
server: cloudflare
etag: W/"1e59c1eda8db27c1213c2297bf0cd108"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-version-id: ZP2k5hDVp4OPSfH.uEPRkK32eNGhivGE
cf-ray: 66ba65327ace4db8-FRA
expires: Thu, 08 Jul 2021 16:37:41 GMT

GET
H/1.1 200
OK js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 63ms
42ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15_as.js
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:32:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Apr 2020 10:44:16 GMT
X-CDN-Pop-IP: 137.74.120.0/27
ETag: "-375139978"
X-Cacheable: Matched cache
Vary: Accept-Encoding
X-IPLB-Instance: 40746
Content-Type: text/javascript
X-CDN-Pop: sbg
Accept-Ranges: bytes
X-IPLB-Request-ID: 8B1CDB6C:80DC_2E69C9F0:0050_60E71BC5_125AB2:9D26
Content-Length: 4547
X-Request-ID: 715919802

GET
H/1.1 200
OK 13235904936384614 Show response
lockerdome.com/lad/ Frame D4FE 1 KB
2 KB 524ms
158ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/13235904936384614?pubid=ld-7310-7070&pubo=http%3A%2F%2Fwww.celebzz.com&rid=&width=538
Requested by: Host: cdn2.lockerdomecdn.com
URL: http://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.celebzz.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Thu, 08 Jul 2021 15:37:41 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
659 B 105ms
38ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.celebzz.com&callback=_gfp_s_&client=ca-pub-8340352295618934

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8340352295618934&plah=www.celebzz.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

d4fec1e4b91d6489adf3868159e607bcfc0ae733414d2992330346c4da9ea3f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 36ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.celebzz.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 15:37:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
317 B 15ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.celebzz.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 15:37:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0088 603 B
68 B 45ms
31ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8340352295618934&output=html&adk=1812271804&adf=3025194257&lmt=1625758661&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&ea=0&flash=0&pra=5&wgl=1&dt=1625758661403&bpp=5&bdt=342&idt=142&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2939721696992&frm=20&pv=2&ga_vid=1475286884.1625758661&ga_sid=1625758662&ga_hid=746912040&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=463318738551836&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=163

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8340352295618934&output=html&adk=1812271804&adf=3025194257&lmt=1625758661&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&ea=0&flash=0&pra=5&wgl=1&dt=1625758661403&bpp=5&bdt=342&idt=142&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2939721696992&frm=20&pv=2&ga_vid=1475286884.1625758661&ga_sid=1625758662&ga_hid=746912040&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=463318738551836&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=163
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.celebzz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 08 Jul 2021 15:37:41 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 08-Jul-2021 15:52:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 08 Jul 2021 15:37:41 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea666b0953da9928fad569dd20e99bc4900935a2ba63f82246e4d0c4012e1970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:41 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625657948508962"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27726
x-xss-protection: 0
expires: Thu, 08 Jul 2021 15:37:41 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 45ms
38ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-8340352295618934&c=17&e=2570847921467975139&n=0&t=0&w=242&x=0

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:41 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
services.vlitag.com/uv/ 13 B
707 B 159ms
137ms XHR
application/json 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/uv/?page_url=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&mtk=91

Requested by

Host: services.vlitag.com
URL: http://services.vlitag.com/adv1/?q=54e09c31ad7d306ae43be19b235e354f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:41 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 8 Jul 2021 15:37:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EUIGtm1pkpBiCyt3sX2DavRW9FGjQTb3fjlHimGCz1ykUpbF1Xz6l%2Fcv49Q8%2FaU%2BirrLIamTzU0gGLcsnLBAvfV1PUDnge%2Bw2jat1g5rdM0cwGLH2bpeVd9iAQERuUNdgkzc0IBLm080XUty"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: http://www.celebzz.com
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 66ba653318cf16e6-FRA
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 54e09c31ad7d306ae43be19b235e354f.js Show response
tag.vlitag.com/v1/1625726623/ 501 KB
129 KB 38ms
30ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://tag.vlitag.com/v1/1625726623/54e09c31ad7d306ae43be19b235e354f.js

Requested by

Host: services.vlitag.com
URL: http://services.vlitag.com/adv1/?q=54e09c31ad7d306ae43be19b235e354f

Protocol

HTTP/1.1

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5303d3dd47ea0e46cdb18dd3074284010e48d10ad64ccc042732374059c1cf0f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 31806
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Cf-Bgj: minify
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MKNAuGedCLE6nePzNCuf1N6oubGuo8%2BrL2Bf1oRYYGDPcManJ3IIrdN2O4ikMkEVO7yPm0I3mKGuK3%2FRKeZXDgVyZxQTDUxkncvluEhrdI7HjLT4QkGQkn3v7dPziNP%2Fd6eJG4u04g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=31536000, immutable
CF-RAY: 66ba6532fca896da-FRA

GET
H3-29 200 frame_ref.php Show response
mahimeta.com/networks/ Frame FA2C 1 KB
1014 B 66ms
51ms Document
text/html 2606:4700:3032::ac43:d513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mahimeta.com/networks/frame_ref.php
Requested by: Host: mahimeta.com
URL: http://mahimeta.com/networks/vast_tag.js?cache=1625758661
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf53475933a3501e640b0ddee2ee40938cc086ec446be3362964feed16dc7412

Request headers

:method: GET
:authority: mahimeta.com
:scheme: https
:path: /networks/frame_ref.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.celebzz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cf_bm=c4c77909bbcc46e5449b60243d4e89afcfd01a8c-1625758661-1800-AaKy0l8BMChisQtkcZRsDYoLrUpIxS4MzNJEmsCQN9hD/egrBy5dYpiXecft9mwYXvVAIDITcn5ti2u9JdqxSxs=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

date: Thu, 08 Jul 2021 15:37:41 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pgONK8rfGmrCo39AxqpQxx5QKk4yv5ulOBIZipQM8AsKNb3Eby8ZgMXqU7X3G2WxCANxmvPhAgKkgQKEodEe0FVyaA5981mU91KgO8tDx4rrojiJg5oDMFidyKy7WX9hkR76Xn92"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 66ba65331cd7c2bd-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

POST
H/1.1 200
OK / Show response
adserve.mahimeta.com/networks/time/ 32 B
1 KB 56ms
39ms XHR
text/html 2606:4700:3032::ac43:d513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://adserve.mahimeta.com/networks/time/?domain=www.celebzz.com&pathname=%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&query=&currentPage=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&screenWidth=1600&screenHeight=1200&landed=true&ping=false
Requested by: Host: mahimeta.com
URL: http://mahimeta.com/networks/vast_tag.js?cache=1625758661
Protocol: HTTP/1.1
Server: 2606:4700:3032::ac43:d513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42de001995e87984e667fe12f86ffc287a31f9f47d12403c55daa7846072e315

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:41 GMT
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, X-CSRF-Token
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UP5GdLfJJdsCqiJAwD%2FSeWOpoeX6zG1gpFJUeaHG8kI%2FcTOxCmeCghIZ1Ur7Ui4bkrtB%2FWmYYcH5aZaBCCF%2BH7YicK1yPqpAPWJA%2FtmzBAaJGhSv%2BLS2u7%2BVo%2Fk%2F11jycylXNyuXh%2FbLQsyFkU8%3D"}],"group":"cf-nel","max_age":604800}
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
CF-RAY: 66ba653319ed4e37-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 tag_config.js Show response
mahimeta.com/networks/ 38 KB
14 KB 39ms
30ms Script
application/javascript 2606:4700:3032::ac43:d513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mahimeta.com/networks/tag_config.js?ver=122.2
Requested by: Host: mahimeta.com
URL: http://mahimeta.com/networks/vast_tag.js?cache=1625758661
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69e10d1e8491820cc1e05ead1fd62f8048a63e9450f7b54b626eda195e7899e5

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 517107
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uJ33UKBypM5Qx0HZSk19F5C%2FbO%2BFUqYuT8bImvB7ymmxaXUdIhmAW8gU8LsX%2BcQZhXifZDwBXNEWw%2F%2BbSCMFVihVaNL7d2cu2CcVkq1kMh%2B7ip1F3Xetb94ArXSbx36ju%2Bu5I5SW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=604800
cf-ray: 66ba65331cd9c2bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK / Show response
whos.amung.us/pingjs/ 29 B
213 B 230ms
207ms Script
text/javascript 67.202.94.93
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: http://whos.amung.us/pingjs/?k=th0m99f4yi&t=Melanie%20Brown%20Steps%20out%20to%20dinner%20with%20her%20friend%20Gary%20in%20Glendale%20-%20Celebzz%20-%20C&c=d&x=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&y=&a=0&v=27&r=5529
Requested by: Host: waust.at
URL: http://waust.at/d.js
Protocol: HTTP/1.1
Server: 67.202.94.93 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: c239706ac91ab82f62386459b84e33159cab9be74b3de6149cc86c1c5e9b44e9

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:41 GMT
content-encoding: gzip
transfer-encoding: chunked
content-type: text/javascript;charset=UTF-8

GET
H2 200 loader.json Show response
dvr.impactify.io/celebzz.com/ 4 KB
2 KB 55ms
25ms XHR
application/json 2606:4700::6812:e13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dvr.impactify.io/celebzz.com/loader.json?v=5r87
Requested by: Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/v5f/screen.js?v=5r87
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 002c7038bcab10a8b618a655984729abe996fc39f412ae07df5a37641985a3c4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:41 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 2540
content-type: application/json; charset=utf-8
x-amz-request-id: J9PRMZJXGK3C78T6
x-amz-id-2: JIV/yPMzY770i37YRwuGz5jX5uphrBSqPgEzuf2AaOYoTvbb6m0aayrsUZthTWC0IzYGjEpgD5s=
last-modified: Fri, 21 May 2021 14:01:04 GMT
server: cloudflare
etag: W/"b422d4bb8ca363751cbea43d884e6819"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-language: en
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-ray: 66ba65336ed74a6d-FRA
expires: Thu, 08 Jul 2021 16:07:41 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 50 B
184 B 393ms
130ms Script
text/html 192.99.0.58
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?2352469&@f16&@g1&@h1&@i1&@j1625758661638&@k0&@l1&@mMelanie%20Brown%20Steps%20out%20to%20dinner%20with%20her%20friend%20Gary%20in%20Glendale%20-%20Celebzz%20-%20Celebzz&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-171795954&@b3:1625758662&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.0.58 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns500326.ip-192-99-0.net
Software: /
Resource Hash: ddfa11b105202603c2ae73f6cd3b7b2248f7deec238bcbf0f8bc98df13f34bf1

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Connection: close
Content-Length: 50
Content-Type: text/html;charset=UTF-8

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
315 B 36ms
35ms Image
text/plain 52.29.0.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1625758661286.52565&hostname=www.celebzz.com&location=%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&bsamesite=true&consent_cookie_duration=178&consent_duration=178&gdpr_domain=.consensu.org&gdpr_method=cookie&url=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&title=Melanie%20Brown%20Steps%20out%20to%20dinner%20with%20her%20friend%20Gary%20in%20Glendale%20-%20Celebzz%20-%20Celebzz&sop=false&description=celebrity%20pictures%2C%20celebzz%2C%20pictures%2C%20Daily%20Celebrities%20Pictures%2C%20hollywood%2C%20pics%2C%20candid%2C%20famous%2C%20actresses%2C%20celebzz%2C%20celebrity%2C%20los%20angeles%2C%20pictures%2C%20pretty%2C%20actress%2C%20model%2C%20sexy&gdpr_domain=.consensu.org&gdpr_method=cookie&description=celebrity%20pictures%2C%20celebzz%2C%20pictures%2C%20Daily%20Celebrities%20Pictures%2C%20hollywood%2C%20pics%2C%20candid%2C%20famous%2C%20actresses%2C%20celebzz%2C%20celebrity%2C%20los%20angeles%2C%20pictures%2C%20pretty%2C%20actress%2C%20model%2C%20sexy&img_pview=true
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-0-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

POST
H/1.1 200
OK / Show response
adserve.mahimeta.com/networks/ 0
1 KB 68ms
68ms XHR
text/plain 2606:4700:3032::ac43:d513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://adserve.mahimeta.com/networks/?domain=www.celebzz.com&pathname=%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&query=&currentPage=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&size=Responsive&placement=inline&adId=mMTag_Responsive_2234&screenWidth=1600&screenHeight=1200&keywordViolation=false&blockedKeyword=&autoBlock=false&timezone=-2&currTime=15:37&desktop=hide&tablet=hide&mobile=hide&time_exceeded=false&page_categories=
Requested by: Host: mahimeta.com
URL: http://mahimeta.com/networks/vast_tag.js?cache=1625758661
Protocol: HTTP/1.1
Server: 2606:4700:3032::ac43:d513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:41 GMT
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, X-CSRF-Token
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TQA%2BqQ4YTw4LyhkvOLoTSiid%2Fcpzbjwbk7nK3w4jLRUKL8CjrNxT65gQN108IbWeAPJLfKlvj3m%2BWoPxCXKB%2Fm45Es4QyC4VODdh85sRybPFzcrHYj0uKcqcpBLH8z%2FUa%2FmKDsoHbtlc3b0d0Cw%3D"}],"group":"cf-nel","max_age":604800}
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
CF-RAY: 66ba6533dc004e37-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 cmp-v2.0.1.js Show response
assets.vlitag.com/plugins/cmptcf2/ 267 KB
68 KB 58ms
27ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1625726623/54e09c31ad7d306ae43be19b235e354f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1275093
cf-polished: origSize=489839
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Tue, 29 Dec 2020 02:18:12 GMT
server: cloudflare
etag: W/"5fea91e4-7796f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XQnkr%2BfO6v6xWcSkl280XC%2Bftbk6rfQ%2BkjK6zqTC1GRs2g%2FhjSnBQg9mcB%2BMr%2BFLBEpbxKF7eAjiLOG5pdNCgy%2Bm7mWPAe0DpCaUNxezoNU6AGjTSHAIFfMTFs7b9C4%2Fm%2B5h4JE%2FgixH2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 66ba65342d202c3a-FRA
expires: Wed, 23 Jun 2021 21:56:07 GMT

GET
H/1.1 200
OK prebid-v5.0.4.js Show response
assets.vlitag.com/prebid/default/ 430 KB
134 KB 39ms
22ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1625726623/54e09c31ad7d306ae43be19b235e354f.js

Protocol

HTTP/1.1

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adde6bf4af70bdf43fb3a175f9a763903f4abb329a37d5a2ecc293a6b8256e74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 180625
Cf-Polished: origSize=440890
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 06 Jul 2021 13:27:03 GMT
Server: cloudflare
ETag: W/"60e45a27-6ba3a"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SbrkBHmzveo9SwOCzblizw1863JB1sMZa5%2B4OmxOsAUogvyD5OZHxtJ519fcfvt2cNCgi5b3aap5wM4ZVcTj4A3vN8fWZaoLaSGXtfodY4qy%2FiEI%2FvxvGV4c7A6BEwzPZBMi5hJKQgIXVA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Expires: Tue, 06 Jul 2021 13:57:16 GMT
Cache-Control: max-age=16070400
CF-RAY: 66ba653419e81f25-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 68 KB
24 KB 21ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1625726623/54e09c31ad7d306ae43be19b235e354f.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0446457ca648e3281c36ac2428533b91ed017fc27a568cfc0b5fa6bd2d335782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "924 / 233 of 1000 / last-modified: 1625742623"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 24143
X-XSS-Protection: 0
Expires: Thu, 08 Jul 2021 15:37:41 GMT

GET
H/1.1 200
OK viPlayer_v45.min.js Show response
assets.vlitag.com/plugins/vlPlayer/ 13 KB
6 KB 38ms
22ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.vlitag.com/plugins/vlPlayer/viPlayer_v45.min.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1625726623/54e09c31ad7d306ae43be19b235e354f.js

Protocol

HTTP/1.1

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cce2306a2b7a641280a0e61d53b3cd645edb91d9389edaa2ba961a29337cfc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2066873
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 14 Jun 2021 17:20:56 GMT
Server: cloudflare
ETag: W/"60c78ff8-34ff"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mmHzZltAfDgA7Iyr5%2B%2Fk7F6xcYeClFd472Jf4XYp1bB8wBJ5X4BXfq4V6jXkEa2QsT3ZwkYBnQcvhwwQIpaN7FgKbbPK8NgJhjQM9v6uYWi4SLOvF07H8v3fDFzYS302x2WoKf4PxyBWcw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=16070400
CF-RAY: 66ba65341c052c19-FRA
Expires: Mon, 14 Jun 2021 17:59:48 GMT

GET
H/1.1 200
OK ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 339 KB
116 KB 21ms
14ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1625726623/54e09c31ad7d306ae43be19b235e354f.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a50a48990ea984747f071ddf811d218f9444896dd5e9fbaf76feea41ceeadda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Length: 118860
X-XSS-Protection: 0
Expires: Thu, 08 Jul 2021 15:37:41 GMT

GET
H/1.1 200
OK sf_host.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ 38 KB
19 KB 34ms
19ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1625726623/54e09c31ad7d306ae43be19b235e354f.js

Protocol

HTTP/1.1

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2069765
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 01 Nov 2019 05:04:50 GMT
Server: cloudflare
ETag: W/"5dbbbcf2-9806"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JSgoQ8RmJ1LoCtPlqOPBXXC8iSR42XfySRRN8wSQ5f%2BD80NG%2BC8LDM6f2INBt%2BoxE2nvdRuugHnsw6la2M842ab9NQUy624zyS8hJ5E1QGsC5cUPAudEnX7oStM9n0c6r8TRDZoVWwaylA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=16070400
CF-RAY: 66ba65341dfc4ed4-FRA
Expires: Mon, 14 Jun 2021 17:11:36 GMT

GET
H2 200 pubads_impl_2021070701.js Show response
securepubads.g.doubleclick.net/gpt/ 329 KB
115 KB 103ms
37ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js?31061757

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

b63d3a021bc40338676b7587fc61214da3ab273779ffa0a97b1a94921f655734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 07 Jul 2021 08:38:41 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117051
x-xss-protection: 0
expires: Thu, 08 Jul 2021 15:37:41 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 66 B
728 B 104ms
38ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.celebzz.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

2661ef602de22f915ee03967ecc437feed5d07f8297884dbe43fe85ea9aa7e91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 15:37:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71
x-xss-protection: 0
expires: Thu, 08 Jul 2021 15:37:41 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 24ms
6ms XHR
application/json 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210708

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

55c26a6237909d2b6ea9ce62f59a02af51bd25af788fa940371341e6d9b9a92c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1955
x-jsd-version: 1.0.1032
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 946
etag: W/"69c-NvBjnUUHwAKAjdeeaL2dxU8ehFM"
x-served-by: cache-fra19123-FRA
x-jsd-version-type: version
date: Thu, 08 Jul 2021 15:37:41 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 1592801729.jpg
assets.vlitag.com/widget/2020/06/22/ 74 KB
75 KB 31ms
30ms Image
image/webp 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://assets.vlitag.com/widget/2020/06/22/1592801729.jpg

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/

Protocol

HTTP/1.1

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:41 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 162162
Cf-Polished: qual=85, origFmt=jpeg, origSize=103053
Content-Disposition: inline; filename="1592801729.webp"
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 75514
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Jun 2020 04:55:29 GMT
Server: cloudflare
ETag: "5ef039c1-1928d"
X-Robots-Tag: noindex, nofollow
Vary: Accept
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LFbDGVRAV3eMjWl8DQ7YR0wj2EONLdXqd4Q%2B6fV2Q0BUpFBp8qz5CDGDoQfBSQgraEo4GOB6d7g2IiRk2KBXVelMP3adel%2F%2F1VRg%2BizV4y2CDY6SYSIvgr0ucVxEggy8U7JUX3bDNbdUlA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/webp
Expires: Tue, 06 Jul 2021 19:04:59 GMT
Cache-Control: max-age=16070400
Accept-Ranges: bytes
CF-RAY: 66ba6534bae81f25-FRA
Cf-Bgj: imgq:85,h2pri

POST
H2 200 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 212 B
397 B 82ms
15ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: a2e83d463c96dd7168b0a4f9b8484f3e780e2f09bf18c8672b510d94fd624d62

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:37:42 GMT
server: nginx
content-type: application/json
access-control-allow-origin: http://www.celebzz.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 212
expires: 0

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/
Redirect Chain

https://ads.us.e-planning.net/pbjs/1/2c995/1/www.celebzz.com/ROS?rnd=0.3115249782254208&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=http%3A%2F%...
https://ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ROS?ct=1&r=pbjs&rnd=0.3115249782254208&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=h...

62 B
383 B

37ms
36ms

XHR
application/json

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ROS?ct=1&r=pbjs&rnd=0.3115249782254208&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&gdpr=1&gdprcs=
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: be01b23a6ab9ef9dbe693126fe64fcca0b073cbb6fd60f9ceb3a8a5355218855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:42 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: http://www.celebzz.com
expires: Thu, 08 Jul 2021 15:37:42 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 62
x-sid: AMS-606

Redirect headers

date: Thu, 08 Jul 2021 15:37:42 GMT
server: openresty
access-control-allow-origin: http://www.celebzz.com
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2c995/1/www.celebzz.com/ROS?ct=1&r=pbjs&rnd=0.3115249782254208&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&gdpr=1&gdprcs=
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-606

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 103ms
34ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Thu, 08 Jul 2021 15:37:42 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 254 B
941 B 125ms
51ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

36a5f17ae509df64e4429c2c9260ddd7434473d7b5427e6f797d71b0558eff2a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:42 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid: a6b752f7-0646-4834-813f-beb62f6854ff
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.celebzz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 254
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
236 B 316ms
118ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Thu, 08 Jul 2021 15:37:41 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 20
vary: origin

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
360 B 339ms
323ms XHR
text/plain 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jul 2021 15:37:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: http://www.celebzz.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6e0pGxZOBUymQDBE1bAwZbeGiwIVE2Q%2BiHBxUN0%2BKSjmHYct05Kap88PvyTr%2FD0kcRuTbTr8wNb7a8VgDVpyaWbl9gsmW5rYlMjIfQO89iOZb7UA9mA784Nqy%2BceZme3YH8IskdmwK1Y0fl4sA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 66ba653538da4db2-FRA

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
114 B 105ms
34ms XHR
text/plain 52.29.213.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-213-60.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Thu, 08 Jul 2021 15:37:42 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
187 B 64ms
20ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.0.0&cb=89729700034
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Thu, 08 Jul 2021 15:37:41 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 250 B
937 B 126ms
57ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

edefddb5552b8049c93a08a46ffcecf569edd61e065ac9c8b74b73c86136bc66

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:42 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid: 2fea9a94-34c8-4f35-8941-4e308a3e0985
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.celebzz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 250
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
187 B 58ms
21ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.0.0&cb=4386624410
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Thu, 08 Jul 2021 15:37:41 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
260 B 342ms
155ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Thu, 08 Jul 2021 15:37:42 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 39
vary: origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
113 B 96ms
34ms XHR
text/plain 52.29.213.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-213-60.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Thu, 08 Jul 2021 15:37:42 GMT
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 249 B
936 B 94ms
34ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a6249f68a343ae0e1222b111b665e867524261aa0fadcb24fb5761dacd67f27f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:42 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid: 1dac71f4-e2f4-469b-8aa1-232501942951
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.celebzz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 249
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
616 B 297ms
293ms XHR
text/plain 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jul 2021 15:37:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: http://www.celebzz.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WXI1m%2Frdt3uOJQz9%2BE%2FEp8rUY3YqIgzzNuIJ947%2Buiq%2FVDZpZV7QSzJ%2Fip2KJ2TpvYpkisqtmHkz0ZUF1jBWhl00lNrhX27AFJRDpS4jUSmK1o67ix4XYcD7lZU4pkPFf58AgpNJ%2BilZSTEmeA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 66ba653538dc4db2-FRA

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 88ms
35ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Thu, 08 Jul 2021 15:37:42 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 255 B
942 B 144ms
85ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e143dde7f7d21d4e0f6e4716640cb627a2399893163a165820db381330358984

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:42 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid: 65cf8587-3a12-42c5-9c76-131abc58b082
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.celebzz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 255
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/
Redirect Chain

https://ads.us.e-planning.net/pbjs/1/2c995/1/www.celebzz.com/ROS?rnd=0.3115249782254208&e=300x250_0%3A300x250%2C250x250%2C336x280%2C200x200%2C180x150&ur=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown...
https://ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ROS?ct=1&r=pbjs&rnd=0.3115249782254208&e=300x250_0%3A300x250%2C250x250%2C336x280%2C200x200%2C180x150&ur=http%3A%2F%2Fwww.celebzz.com%2Fmel...

63 B
384 B

36ms
35ms

XHR
application/json

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ROS?ct=1&r=pbjs&rnd=0.3115249782254208&e=300x250_0%3A300x250%2C250x250%2C336x280%2C200x200%2C180x150&ur=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&gdpr=1&gdprcs=
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 58869f44d637b47ec364672d4275b69f7d38b117ab33e0ce6c84d739e192202e

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:42 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: http://www.celebzz.com
expires: Thu, 08 Jul 2021 15:37:42 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 63
x-sid: AMS-606

Redirect headers

date: Thu, 08 Jul 2021 15:37:42 GMT
server: openresty
access-control-allow-origin: http://www.celebzz.com
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2c995/1/www.celebzz.com/ROS?ct=1&r=pbjs&rnd=0.3115249782254208&e=300x250_0%3A300x250%2C250x250%2C336x280%2C200x200%2C180x150&ur=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&gdpr=1&gdprcs=
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-606

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 36ms
36ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Thu, 08 Jul 2021 15:37:42 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2 200 ROS Show response
ads.us.e-planning.net/pbjs/1/2c995/1/www.celebzz.com/ 63 B
384 B 34ms
34ms XHR
application/json 5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/pbjs/1/2c995/1/www.celebzz.com/ROS?rnd=0.3115249782254208&e=160x600_0%3A160x600%2C120x600&ur=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&gdpr=1&gdprcs=
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 0914701ad443e5f9b78f0895e4078e63d3c29764d39fa5770eb62e9937039344

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jul 2021 15:37:42 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: http://www.celebzz.com
expires: Thu, 08 Jul 2021 15:37:42 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 63
x-sid: AMS-606

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
187 B 22ms
22ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.0.0&cb=5455460491
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Thu, 08 Jul 2021 15:37:41 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 139 B
826 B 29ms
29ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

fcb3152f4faab396c084afee41f3c5daefea1a0cd3619a2e7c1d706efb4a5f67

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:42 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid: 39a5f25e-dec9-4845-abe2-b81c2b1a66c4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.celebzz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 213 B
397 B 14ms
14ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 92cc1bccf53cf6d8724ecb81535a1e013846d1d3cbd27349beb9c21c92d690cd

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:37:42 GMT
server: nginx
content-type: application/json
access-control-allow-origin: http://www.celebzz.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 213
expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
367 B 195ms
110ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Thu, 08 Jul 2021 15:37:41 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 12
vary: origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 138 B
825 B 66ms
55ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

9b0e90031be582284c8de54cd2025277e48978d2a11ede156916ffeb86d82b7c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:42 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid: f38d7d2d-e769-4d3a-a366-eeb058a53fe4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.celebzz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 quantumdex Show response
useast.quantumdex.io/auction/ 3 KB
3 KB 400ms
400ms XHR
application/json 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d8790a1b64661b91867073f252f9f06fc5a6bbee6a6d7c1949d2a8f573ae99e

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jul 2021 15:37:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: http://www.celebzz.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=k2xrf2RzkOHMciwvYeVd%2Bb5Vb2NI94GtcHYSNveuLtE38PhHaNinsYtnNJmCpCKtrgBZpP9P3HpM8wYawZBR9aMdRB08LjcVKefiN3o9oWt67Y7FuMj2hBl8%2BIvLTKeoxXSQolj7ejZi7WlT0w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 66ba6535ca284db2-FRA

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ Frame D4FE 45 KB
17 KB 15ms
14ms Script
text/javascript 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: lockerdome.com
URL: https://lockerdome.com/lad/13235904936384614?pubid=ld-7310-7070&pubo=http%3A%2F%2Fwww.celebzz.com&rid=&width=538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 2744
date: Thu, 08 Jul 2021 14:51:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Thu, 08 Jul 2021 16:51:58 GMT

POST
H2 200 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 213 B
397 B 14ms
14ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: aac59866087fa855619da8881d3e9e18c9d4b263a917033d54f2e0daae6ba143

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:37:42 GMT
server: nginx
content-type: application/json
access-control-allow-origin: http://www.celebzz.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 213
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 250 B
937 B 49ms
49ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

6eddbd3e3c79d1e82e9b51ac236a9555f958312adbae806f2f873260afaae3bb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:42 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid: 9614c976-9374-4dcf-a33e-d3383a6fa940
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.celebzz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 250
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 256 B
943 B 127ms
119ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

c4fc2c7ff564a1d17ae55020d3c8e5ad64fa3389101d1700f91b3d9683e74117

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:42 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid: 0506f74a-2c71-47b3-b9f6-46cf1d4ed62c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.celebzz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 256
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 quantumdex Show response
useast.quantumdex.io/auction/ 3 KB
3 KB 251ms
251ms XHR
application/json 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ec8ba4d619a1d4d95d6a496985bb1225642efbf15204ee61d32f5ce226d80ac

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jul 2021 15:37:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: http://www.celebzz.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4wXy1TDo%2Bo2Hszm3BFkS4HwkrX2K7VUMm%2FVvb6hbcJYp%2BNzLCPrthMQNL0F4SS7wB9Ze%2FEnbIRQz8cqiNYSvDv6d9PD8uayLyFMkP3RIJOYZp8Czb56YzMi0Ffnq8WO9PNWBwqpQREUhKlcsug%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 66ba6535ea6d4db2-FRA

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
187 B 21ms
21ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.0.0&cb=472923574
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Thu, 08 Jul 2021 15:37:41 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
236 B 248ms
186ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Thu, 08 Jul 2021 15:37:41 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 70
vary: origin

GET
H2 200 ROS Show response
ads.us.e-planning.net/pbjs/1/2c995/1/www.celebzz.com/ 75 B
396 B 35ms
34ms XHR
application/json 5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/pbjs/1/2c995/1/www.celebzz.com/ROS?rnd=0.3115249782254208&e=300x250_0%3A300x250%2C300x600%2C160x600%2C250x250%2C120x600%2C200x200%2C180x150&ur=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&gdpr=1&gdprcs=
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 5cb0002d3437280a632e9d1c4e8cab3d325369f209a379dbd5e7cba1a6bb92a0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jul 2021 15:37:42 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: http://www.celebzz.com
expires: Thu, 08 Jul 2021 15:37:42 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 75
x-sid: AMS-606

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 36ms
36ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Thu, 08 Jul 2021 15:37:42 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
113 B 34ms
34ms XHR
text/plain 52.29.213.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-213-60.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Thu, 08 Jul 2021 15:37:42 GMT
access-control-allow-credentials: true
vary: Origin

GET
H2

200

/
www.facebook.com/login/ Frame 04BC
Redirect Chain

https://web.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2be7cf51aecf14%26d...
https://web.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.6%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%2...
https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.6%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%2...

0
0

174ms
174ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.6%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2be7cf51aecf14%2526domain%253Dwww.celebzz.com%2526origin%253Dhttp%25253A%25252F%25252Fwww.celebzz.com%25252Fface03568022c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FCelebzz-501754036583664%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue&_rdc=1&_rdr

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=d87e7ff46ea1f90764e6093a25ad14da

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.6%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2be7cf51aecf14%2526domain%253Dwww.celebzz.com%2526origin%253Dhttp%25253A%25252F%25252Fwww.celebzz.com%25252Fface03568022c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FCelebzz-501754036583664%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue&_rdc=1&_rdr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.celebzz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-rlafr: 0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: NGHbuAA6EMWfNWQdP0hKZxPa8QfAUgaY1X9uw6/TsEkJl+fsGdH6+lwrz6F8yKJom3LQuDnGkHD+avTe4ioDqA==
date: Thu, 08 Jul 2021 15:37:42 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.6%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2be7cf51aecf14%2526domain%253Dwww.celebzz.com%2526origin%253Dhttp%25253A%25252F%25252Fwww.celebzz.com%25252Fface03568022c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FCelebzz-501754036583664%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue&_rdc=1&_rdr
x-fb-zr-redirect: 02|1625845062|
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: ihclzBvmg9NaPtDoht3TOFvkR/QDf46KUgneKd5G5cjEBkJ6TCtVHFh7T05OCY2oK3TDxlE5kNgtYBlyTtZ5cg==
content-length: 0
date: Thu, 08 Jul 2021 15:37:42 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 31ms
18ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210624&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6efdaac3e400114ed280c3fbc1560d180b3ad063a5b8e942d1c189fb8599c92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 15:37:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8529
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 08 Jul 2021 15:37:42 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 46A3 12 KB
5 KB 21ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.celebzz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 08 Jul 2021 15:32:48 GMT
expires: Fri, 08 Jul 2022 15:32:48 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 62AB 783 B
780 B 16ms
15ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a47fbbfec5b3f871b929fb2e437576268a1858385fe8cb52b121b8d6e7e23b9c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-05ytOJe7e/Pye3LC1WkdKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.celebzz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

expires: Thu, 08 Jul 2021 15:37:42 GMT
date: Thu, 08 Jul 2021 15:37:42 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-05ytOJe7e/Pye3LC1WkdKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js Show response
pagead2.googlesyndication.com/bg/ Frame 46A3 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c971ec4829376335946d1beaa191f2c64a48e8954b422dea372c2d9029177b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 07:16:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 202851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5747
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 07:16:51 GMT

GET
H/1.1 200
OK / Show response
tag.vlitag.com/passback/ Frame 0CCA 0
779 B 246ms
246ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://tag.vlitag.com/passback/?t=1625726623&d=91&z=19423&divID=vi_9119423_564&w=970&h=250

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1625726623/54e09c31ad7d306ae43be19b235e354f.js

Protocol

HTTP/1.1

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:42 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TbfjoMc3Woj58CwACE%2BzPmyL5ZZp0m3q0nfAh%2BNfiHMbHEx0f93ccP%2FEZmKbyPTw2IzbTiWei%2Boe4AQ6DhMHuu1ach3xBqfd7AGG%2FQZ1lR6Dt9PZYTbtk%2B7s8qgF%2F7PTv4gWWxqBUg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 66ba65374f4696da-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK /
stats.vlitag.com/pi/ Frame 0CCA 0
671 B 105ms
98ms Image
image/jpeg 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://stats.vlitag.com/pi/?e=zdNeKePZwAe-PYMK-PBMq-MytY-UrwBweqPqAYTRzNhqllwqe0RrNaTRmNTaPYBRrtNRcsokty_orN
Requested by: Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1625726623/54e09c31ad7d306ae43be19b235e354f.js
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:42 GMT
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2E5X6tNVRB1NOIGKNX0XsKsHpkwUMXw%2BX8VRY52pR0JZHYTUMV0SJ7qmveyzUyabrRV5HkIiQf1hs%2FDkM9v9D7myJWC5PbSI05SZRzyZY%2BQk6%2FEs5N%2B%2BgdU74ppuPjA8mG7z4t8kJZlA"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
CF-RAY: 66ba65374da04e67-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame ADB4 91 KB
36 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-30

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1625726623/54e09c31ad7d306ae43be19b235e354f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e58ad0cdda0f2c0b14cbb8d59a233e419322aa64ce399a1a96d3a58beb86b74c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36892
x-xss-protection: 0
last-modified: Thu, 08 Jul 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Jul 2021 15:37:42 GMT

GET
H/1.1 200
OK / Show response
tag.vlitag.com/passback/ Frame 1F35 0
775 B 275ms
268ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://tag.vlitag.com/passback/?t=1625726623&d=91&z=19424&divID=vi_9119424_964&w=336&h=280

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1625726623/54e09c31ad7d306ae43be19b235e354f.js

Protocol

HTTP/1.1

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:42 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bPFpuwKGjkw1b36Ek6vkcvqkzputCwkYo7MJKvX706meZrJLlZ%2FaAIKeGzKjZh7DUmi7M4Qj%2BO%2B78QT1EMy1i4cK%2BR0V5%2FNwHyMAhwVB0ITO7LeauaUMIm59ljnpGsG9HKWD7tvNiA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 66ba65377cdc2be9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK /
stats.vlitag.com/pi/ Frame 1F35 0
681 B 101ms
94ms Image
image/jpeg 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://stats.vlitag.com/pi/?e=zdNyUZBTAYq-BKer-PKtA-aytt-ZTZrweetaAeaRzNhqllwqe0RrNaTRmNTaPYPRrtNRcsokty_orN
Requested by: Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1625726623/54e09c31ad7d306ae43be19b235e354f.js
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:42 GMT
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=s5%2Fj48IKRPjRQ3bGU5IGOl%2FCgflvhcIyX6i9pFhNyyiST%2Bf44E%2BI2nnjDc7%2BtG%2F1grvt185URRAyJU9AV%2FMdyIec%2BHMgVcHLUPW%2F71mP%2FTm%2Fyti02YLFe9p1xctGBifDgOaa3VSJFgVY"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
CF-RAY: 66ba65376acd4e19-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 0

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame ADB4 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-30

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 717
date: Thu, 08 Jul 2021 15:25:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Thu, 08 Jul 2021 17:25:45 GMT

GET
H/1.1 200
OK r.html Show response
assets.vlitag.com/plugins/safeframe/src/html/ Frame 2B79 1 KB
1 KB 181ms
181ms Document
text/html 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.vlitag.com/plugins/safeframe/src/html/r.html

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js

Protocol

HTTP/1.1

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

185ec6209504453558c6ca11546382553fd756df793146e7b648ed88a3bc1e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: assets.vlitag.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.celebzz.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

Date: Thu, 08 Jul 2021 15:37:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 01 Nov 2019 05:04:50 GMT
Expires: Thu, 08 Jul 2021 16:07:42 GMT
Cache-Control: max-age=1800
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: noindex, nofollow
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=D4abgf2YvsTjM1aLyNOQD1nYMpcvbb9XdDpuOtWWdlbZic6t3xrcilVua%2Freg4LhwCyBL7VWXukIDHrrE7iZjDJ6A7Z56tFdq9A5Q3qqR9sgKAjmRnL6cvHTOAVanu8nBGtdROUsgu1Fjg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 66ba6537a8491f25-FRA
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK vi-icon.svg
assets.vlitag.com/media/icon/ 3 KB
2 KB 22ms
22ms Image
image/svg+xml 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://assets.vlitag.com/media/icon/vi-icon.svg

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/

Protocol

HTTP/1.1

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

647f43cd0cfdbafe354249e2c9831cc97c843fe0e44a726febdfb956bd1d25c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1275063
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 01 Nov 2019 05:04:49 GMT
Server: cloudflare
ETag: W/"5dbbbcf1-dc6"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bW9z4xHDMZ96oTXeBb%2FM7g%2FBrrNI%2FNCpl3ZPOa5OZkFcD8vNhxNNDhJ%2BnEijCKctnnrLps%2FwjSAFCiF7RCLRCOi4b34laStugVsl0bdoFw%2Fqx7XDT5%2B%2B6J8qASAGNbTinuamurNnHSBpCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
Cache-Control: max-age=16070400
CF-RAY: 66ba6537aca42c19-FRA

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ Frame ADB4 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=657168299&t=pageview&_s=1&dl=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&ul=en-us&de=UTF-8&dt=noBid_celebzz.com_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=celebzz.com&cm=noBid&cc=Default&_u=QACAAUABAAAAAC~&jid=1738891743&gjid=1075149569&cid=1475286884.1625758661&tid=UA-128776493-30&_gid=1863006764.1625758661&_r=1&gtm=2ou770&z=183126

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:37:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.celebzz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ Frame ADB4 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=657168299&t=pageview&_s=2&dl=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&ul=en-us&de=UTF-8&dt=noBid_celebzz.com_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=celebzz.com&cm=noBid&cc=Default&_u=QACAAUABAAAAAC~&jid=&gjid=&cid=1475286884.1625758661&tid=UA-128776493-30&_gid=1863006764.1625758661&gtm=2ou770&z=75730737

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 23:45:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 57113
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ Frame ADB4 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=657168299&t=pageview&_s=3&dl=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&ul=en-us&de=UTF-8&dt=quantumdex_celebzz.com_0.105707_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.105707&cs=celebzz.com&cm=quantumdex&cc=Default&_u=QACAAUABAAAAAC~&jid=&gjid=&cid=1475286884.1625758661&tid=UA-128776493-30&_gid=1863006764.1625758661&gtm=2ou770&z=903255397

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 23:45:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 57113
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210624&jk=463318738551836&bg=!GhmlGV3NAAYo4NJEKOA7ACkAdvg8Wm946QmwlHpm-rbw5W5OhZuVqoT7AXVME-5uhFs1Ev_y-9y6rwIAAACtUgAAAA1oAQeZAoI64fRTAfUGEQCq1VLROk19etKbEYGAnhuPVHcr9Ly2ksKx0dOU2hmxNwkCSS-GsPLSz0oR5db34S6Z3oodgypY7Rm_H8R9cYTLed4klU_N9fkGo5epBFfVBnRRUYboGVmOqjpP6hCSbxyV2124RQeWwcl0oPle5Jrhuff50v3jDM6g8hrDgzf8QC4HgxvwIxWVeIWH78SUx6FLaaLIpASjhdgTo7tcuI61-6pHJJCUDbxau3NaGVR-mTrPwrYacywXn5Y_EIi7kaK_oDmkOgxHCmhs-EbFb-KiFBViWqonW24CQnsjLYnRQeDlTNZ2V7v3PQblJDl2MsCusTb7ULg_vXpr2NIXbLXGhGbDfveCPJ1LfRBO4GTB8ShejCG2vTguNh9gRD4MDFfUU-MkRsfETtfWV90Gn63_gPuUAz2f52Rp-SbVbhFrDHGW8f21qR1WIZAxRtDPdCxORIh-LHBNbcK3j430O5qfhcVxN6yrgC7FQ5fl03mVE4Sh4CPfL25-mr3j5ZNC9ISyVNO30nH7nrWl5IOl9Zrh3agAAOmqKSUbUEzg8fFu_oBirxDo8IPXC_QLb2nXkCsOk_ctCp2mIpvDCaH-Kv-R1bGPxTJjZb9AOkH0LMlCuLMYtB9_VD0diwOhtIvJvMfQHTg56PUBtZOpYvYHtZHmSzHZDT-k6LZCSfMMLH_VItVYb4-Nnnhtx2Lk-zidls7bZbW4pGTtTbPuGnY8DTva8O5uBVJYlxvo1i8bjWaV1U-yx4IpdFdA_JpJlRtZPD7IjYK39GslMPwGbP_8B3OrynIDS-HHIBinGaocxqz5AarRVWGKmLn-QG6RNgihyfKoFgeczDhcijQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:37:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK r.html Show response
assets.vlitag.com/plugins/safeframe/src/html/ Frame 0147 1 KB
1 KB 160ms
159ms Document
text/html 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.vlitag.com/plugins/safeframe/src/html/r.html

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js

Protocol

HTTP/1.1

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f1ec090d95eb926a34a7c859713b9aefaac58f741c38f7f31130296e4688c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: assets.vlitag.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.celebzz.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

Date: Thu, 08 Jul 2021 15:37:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 01 Nov 2019 05:04:50 GMT
Expires: Thu, 08 Jul 2021 16:07:42 GMT
Cache-Control: max-age=1800
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: noindex, nofollow
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=z%2FHTFUkq%2FS55EzxVPZ6zrQ6yxz20w%2BuQnv%2BnP0a9U7w0vu7da%2B5S6WPaltppSUVIMZb9BSPIVWhcvB68v4D4%2BPzZwFFHkadystrKdYj0Dt1TlDqqWvYd%2BgRz6M4WRgmdD7Y1dX7lwPvH0A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 66ba65385e882c19-FRA
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 collect
www.google-analytics.com/ Frame ADB4 35 B
55 B 8ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=657168299&t=pageview&_s=4&dl=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&ul=en-us&de=UTF-8&dt=quantumdex_celebzz.com_0.105707_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.105707&cs=celebzz.com&cm=quantumdex&cc=Default&_u=SACAAUABAAAAAC~&jid=&gjid=&cid=1475286884.1625758661&tid=UA-128776493-30&_gid=1863006764.1625758661&gtm=2ou770&z=1662836349

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 23:45:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 57113
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 2B79 12 KB
5 KB 30ms
13ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/plugins/safeframe/src/html/r.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0b285d97940000c28b6327a000000001
last-modified: Tue, 29 Jun 2021 09:14:34 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60dae47a-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3GTj3gO%2BGnlrvs4kweRv2Zdas5iMI3Qd6n1aNDFZ%2FFVmUku%2FjKlRH5JxhgZ3UkP4ztiFvV9Bjbc8hvuK0%2Bogn6YcEMsfm3E0oyAlAJP7k88O%2FVmgyW2WndaowLk4EddBSi54vAzeqN8%2FuagD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 66ba6538e80cc28b-FRA
expires: Sat, 10 Jul 2021 15:37:42 GMT

GET
H/1.1 200
OK sf_ext.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ Frame 2B79 23 KB
12 KB 18ms
18ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

118b932ce446d673706c274aa65d22e8e2b2fe744187ce16f6656ab7940fb140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://assets.vlitag.com/plugins/safeframe/src/html/r.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1273696
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 01 Nov 2019 05:04:50 GMT
Server: cloudflare
ETag: W/"5dbbbcf2-5aed"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tzicLwePpKbhdbHzPO0M9YAzKsvdiD9mgdLZHbnwAU2OrFLvpko9TaZfXGIpE1RNJhHc%2Fl3Lmzff%2FdxQKmBC%2ByeoRlbUnSO7p3UslqkEPes4QQQZqg6l%2Bj3Ueiw%2B0VojhavV6%2Bh%2BlskYMw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=16070400
CF-RAY: 66ba65390ad61f25-FRA
Expires: Wed, 23 Jun 2021 22:19:26 GMT

GET
H/1.1 200
OK ab Show response
nym1-ib.adnxs-simple.com/ Frame 2B79 13 KB
7 KB 308ms
93ms Script
application/javascript 68.67.179.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.90 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

568.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2f4d057d1878d9f21ea9ece93f685424eda71fe31f2f1e431881fd470802d40

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:42 GMT
Content-Encoding: gzip
X-Creative-ID: 281684672
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 568.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 662e337e-1191-42f2-a036-06ba92a9acdd
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 161957c6-cb46-4c00-a21b-9a07d4392688
quantumsyndication.com/pixel/ Frame 2B79 43 B
326 B 173ms
113ms Image
image/gif 2606:4700:3036::ac43:998d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quantumsyndication.com/pixel/161957c6-cb46-4c00-a21b-9a07d4392688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:998d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SZ0uLnWgDYXcSjsW%2BWqMfG2sZmVQc8ZeO%2BzHQFWYddtK8wCp5SPUTFR40kimzLyXGg0%2F3NL8V4QfhL0EGop8VUrQRbMBDNoUuQdfR3s8a1yXpvXQYsy2XkONZj54f51pE5cArsLqAjNcfzLp995tsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba65399dbd4ee6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43

GET
H/1.1 200
OK /
stats.vlitag.com/pi/ Frame 2B79 0
665 B 96ms
95ms Image
image/jpeg 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://stats.vlitag.com/pi/?e=zdNwwwAwYeY-BttK-PBaM-MZUK-BTUqrBwqPPeARrNaTRmNYYPMRwNjxqfzxdrtbRhNAGTAZKAKRrtNRcsokty_orN
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:42 GMT
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UVbN3klgJC7ke8TCN530M2BP7xVkRy1StFRaHqciSNp9XXN4vOVhlJTtUiQY9KD40%2BvC7gKgc2YfaGXM%2BRCzvViYdENqJT5gs4nZ6uwMsBEVRBG3E3h%2BkPVFSpk2PlmSsvIlNs7rM5gd"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
CF-RAY: 66ba65393f3d4e19-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 0

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 0147 12 KB
4 KB 11ms
11ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/plugins/safeframe/src/html/r.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0b285d97e00000c28bcbbf8000000001
last-modified: Tue, 29 Jun 2021 09:14:34 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60dae47a-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yjeIbgUOeJNod2Em%2FwdY%2FRjXJUBCFVei5EjjdZmRXC%2BykmVvhO%2FsW4AthF8LXwmRfmBFgr6o%2BVHw1sbxxTZkwJlM1JBo2VpXbXZBoGnsHI%2BzT9Y39JxNAcZSR1REos2Id0TJxC8BICWwGvYS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 66ba653968eac28b-FRA
expires: Sat, 10 Jul 2021 15:37:42 GMT

GET
H/1.1 200
OK sf_ext.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ Frame 0147 23 KB
12 KB 18ms
17ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

118b932ce446d673706c274aa65d22e8e2b2fe744187ce16f6656ab7940fb140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://assets.vlitag.com/plugins/safeframe/src/html/r.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1273696
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 01 Nov 2019 05:04:50 GMT
Server: cloudflare
ETag: W/"5dbbbcf2-5aed"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RBXL6PUdD1q%2BuQR7mF5oHbDJ7Opi3xQcnT9nwx2ZxCIkZnxIPipxsJkJ4ve3CLxjFpC3k0iWDgXfCeYjj%2B4C11su%2FqUj5wgqQiFcHYk%2Fi%2Bcx1GU8bXrvlqZUcxfTuycGs%2FKD0UYIrLSl3w%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=16070400
CF-RAY: 66ba653979c32c19-FRA
Expires: Wed, 23 Jun 2021 22:19:26 GMT

GET
H/1.1 200
OK ab Show response
nym1-ib.adnxs-simple.com/ Frame 0147 13 KB
7 KB 275ms
92ms Script
application/javascript 68.67.179.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.90 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

568.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

8beef6704960cc2225b7ea9d96ba8724862fc453ac4ea2f8a63e8dbee51ebeb9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:42 GMT
Content-Encoding: gzip
X-Creative-ID: 281686126
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 568.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ac5178d6-f988-422d-b910-d1a864a86600
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 11a5faea-c2ec-4208-8e34-fefd3f431c22
quantumsyndication.com/pixel/ Frame 0147 43 B
597 B 98ms
98ms Image
image/gif 2606:4700:3036::ac43:998d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quantumsyndication.com/pixel/11a5faea-c2ec-4208-8e34-fefd3f431c22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:998d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9b3%2FuI01Tj7Z%2FzqpxELFvmweDK7xGow4uv1rEhZF8aKHsxfkJa6HJnY977eZv8oi%2BL6jbaPviOCuzF1tsM0VpW1yfqULkK58v3q%2BGAJZFiO%2Fvr7iBv%2BWRA3kd0%2BHoLeRIgamqMVRkJ2OdHYMVoc4cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba6539ade54ee6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43

GET
H/1.1 200
OK /
stats.vlitag.com/pi/ Frame 0147 0
671 B 101ms
100ms Image
image/jpeg 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://stats.vlitag.com/pi/?e=zdNYKBYYyKe-ryqw-PrKw-wUyT-UwaUarUeZAUrRrNaTRmNPZARwNjxqfzxdrtbRhNAGTAZKAKRrtNRcsokty_orN
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:42 GMT
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4zzhv5JzivcLPFZnF3Tk5N%2BQXbJgAggnlzj%2Bps79LrwB14lYBSZkRRCL8hWqwPj5BjNT6We%2F53S4OH1lxAKEcc4B2lsvl%2BYM4VKq0v5JqWOZ9J82OoR4Wk%2FKSQsRAQ8Wy%2BNpWbii7evI"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
CF-RAY: 66ba65399c2f4e67-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 0

GET
H/1.1 200
OK qfqcwu936glt Show response
hal9000.redintelligence.net/zone/ Frame 2B79 10 KB
3 KB 79ms
59ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal9000.redintelligence.net/zone/qfqcwu936glt?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=8478554917216207991&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8478554917216207991%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 27afccdb7198eef318c703504ceef913a46f44f00b734a88cb2f3c02c4d38701

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:42 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2798
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ck-confirm
tags.mathtag.com/ Frame 2B79
Redirect Chain

https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTnpjd1lqRm1aRGN0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg0Nzg1NTQ5MTcyMTYyMDc5OTEvNjYyMjM5Ni80NTYyMzEyLzEzL2dDQ3...
https://tags.mathtag.com/ck-confirm?bid_id=8478554917216207991&node_id=2690&exch_id=13

49 B
330 B

266ms
266ms

Image
image/gif

185.29.133.52
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=8478554917216207991&node_id=2690&exch_id=13
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.52 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.201.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:38 GMT
Server: MMBD/3.201.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x75, ord-bidder-x350
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Thu, 08 Jul 2021 15:37:37 GMT

Redirect headers

Date: Thu, 08 Jul 2021 15:37:38 GMT
x-mm-bid-request-time: 1625758662
Last-Modified: Thu, 08 Jul 2021 15:37:42 GMT
Server: MMBD/3.201.0
x-mm-latency: 232 (2)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://tags.mathtag.com/ck-confirm?bid_id=8478554917216207991&node_id=2690&exch_id=13
x-mm-dbg: Invalid
Cache-Control: no-cache
x-mm-host: zrh-router-x69, ord-bidder-x350
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Keep-Alive: timeout=360
Content-Length: 86
Expires: Thu, 08 Jul 2021 15:37:37 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 2B79 43 B
506 B 42ms
41ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=13&v2=8478554917216207991&v3=651871&v4=4562312&v5=6622396&mt_nsync=1&no_attr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 3799 851f7e8 master cdg-pixel-x15 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:42 GMT
Server: MT3 3799 851f7e8 master cdg-pixel-x15
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:40:21 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 2B79 49 B
330 B 356ms
271ms Image
image/gif 185.29.133.52
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=apn&bid=8478554917216207991&st=4562312&time=[IMP_ATTR.time]&nodeid=2690
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.52 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.201.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:38 GMT
Server: MMBD/3.201.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x31, ord-bidder-x350
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Thu, 08 Jul 2021 15:37:37 GMT

GET
H/1.1 200
OK it
nym1-ib.adnxs-simple.com/ Frame 2B79 0
657 B 92ms
91ms Image
text/html 68.67.179.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nym1-ib.adnxs-simple.com/it?an_audit=0&referrer=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&e=wqT_3QKdC2ydBQAAAwDWAAUBCMa3nIcGEN3mjcCX-O26VBj_EQF4ASo2Cf66050nnsE_ERhvzgKZD7s_GQAAACCuR_U_IRESACkRJNAxAAAAQOF6pD8wq-GBCjiDWUAdSAhQwNWohgFY9-KIAWAAaI6hrQF41NEEgAEBigEDVVNEkgUG9CQCmAGsAqAB2ASoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAoHiVuoCWmh0dHA6Ly93d3cuY2VsZWJ6ei5jb20vbWVsYW5pZS1icm93bi1zdGVwcy1vdXQtdG8tZGlubmVyLXdpdGgtaGVyLWZyaWVuZC1nYXJ5LWluLWdsZW5kYWxlL4ADAYgDAJADAJgDFKADAaoDjgYKxQVodHRwOi8vdGFncy5tYXRodGFnLmNvbS9ub3RpZnkvaW1nP2V4Y2g9YXBuJnNfZXhjaD1hcG4maWQ9NWFXOTVxMmpMekl6THlBdlRucGpkMWxxUm0xYVJHTjBUVVJCZDAxRE1IZE5SRUYzVEZSQmQwMUVRWFJOUkVGM1RVUkJkMDFFUVhkTlJFRjNMemcwTnpnMU5UUTVNVGN5TVRZeU1EYzVPVEV2TmpZeU1qTTVOaTgwTlRZeU16RXlMekV6TDJkRFEzRTFSVEJQTUc1MlMxbGtjbTEyUVRSNlJubDFkR2hVWldaeU1scFRRM2xSYTNSNlRtZzNlakF2TVM4eE15OHdMekF2T1RVMk9EQXpMekF2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlJFRjNUVVJCZDAxRVFYUk5SRUYzVFVNd2QwMUVRWGRNVkVGM1RVUkJkRTFFUVhkTlJFRjNUVVJCZDAxRVFYY3ZNQzh3THpBdk1DOHdMemcwTnpnMU5UUTVNOvAAEGIzSmtMAXT0KgFUYzROeTgzTXk4NU9Ua3ZNekl5THpKaE1ERTZOR1k0T2pFNU1qbzFOREF3T2pvdk1DNHdNREF2TVRZeU5UYzFPRFkyTWk4eE5qSTFOemN4TWpZeUx6RXpMekV4TXprMUx3L24wUEZPUms1UXpPaTl4Y1J5aGd2VVpsT1Z2cyZub2RlaWQ9MjY5MCZncm91cD11cy1lYXN0JmF1Y3Rpb25pZD04NDc4NTU0OTE3MjE2MjA3OTkxJnByaWNlPSR7QVVDVElPTl9QUklDRX0mbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MjE2LjIwMC4yMzIuMTY0JnNpZD00NTYyMzEyJmNpZD02NjIyMzk2JnNyYz1hcGkmdHlwZT1idXJsJmNsaWVudD1zMnMSEzg0Nz6GAPR1ARoTNjA4NTk3MjUxMzAzMTE1NjU3MyIJMjgxNjg0NjcyKgYxMDE5MzY6BzY2MjIzOTbAA6wCyAMA2AO3mlTgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBBQyYTAxOjRmODoxOTI6NTQxNDo6MqgEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANoEAggB4AQA8ATA1aiGAfoEEgkAAACgmZlJQBEAAADAzMwiQIgFAZgFAKAFlLOD0NP_0oMDqgUkZWQzODZiNGItYmFhMS00Y2UwLWFlMWQtY2M2MzcwMTMwNWM4wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF-csh-gUECAAQAJAGAJgGALgGAcEGAAAAAAAA8D_QBvmrAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBjY1MTg3MboHDwgAEAAYACAAMAA4ugZAAMgH1NEE0gcNFYAYEAAYANoHBgknKOAHAOoHAggA8AcA&s=e1e3fa3cf4c2a9c3dda1f1ede640c89700cb0829

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.90 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

568.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:42 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 568.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com
AN-X-Request-Uuid: dcc1c5b3-4cd4-4497-a850-b67443458e31
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 6cywgeu7gf0e Show response
hal9000.redintelligence.net/zone/ Frame 0147 10 KB
3 KB 67ms
47ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal9000.redintelligence.net/zone/6cywgeu7gf0e?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=8478554917216207536&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8478554917216207536%26mt_id%3D6622393%26mt_adid%3D216536%26redirect%3D
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 78daecc5bdee5fce53c24de665504fb159649124c5fecf1a4f05f8f19cf03610

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:42 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2799
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ck-confirm
tags.mathtag.com/ Frame 0147
Redirect Chain

https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTnpjd1lqRm1aRGN0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg0Nzg1NTQ5MTcyMTYyMDc1MzYvNjYyMjM5My80NTYyMzEyLzEzL2dDQ3...
https://tags.mathtag.com/ck-confirm?bid_id=8478554917216207536&node_id=2690&exch_id=13

49 B
330 B

261ms
261ms

Image
image/gif

185.29.133.52
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=8478554917216207536&node_id=2690&exch_id=13
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.52 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.201.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:38 GMT
Server: MMBD/3.201.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x82, ord-bidder-x350
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Thu, 08 Jul 2021 15:37:37 GMT

Redirect headers

Date: Thu, 08 Jul 2021 15:37:38 GMT
x-mm-bid-request-time: 1625758662
Last-Modified: Thu, 08 Jul 2021 15:37:42 GMT
Server: MMBD/3.201.0
x-mm-latency: 141 (25)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://tags.mathtag.com/ck-confirm?bid_id=8478554917216207536&node_id=2690&exch_id=13
x-mm-dbg: Invalid
Cache-Control: no-cache
x-mm-host: zrh-router-x23, ord-bidder-x350
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Keep-Alive: timeout=360
Content-Length: 86
Expires: Thu, 08 Jul 2021 15:37:37 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 0147 43 B
505 B 65ms
56ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=13&v2=8478554917216207536&v3=651871&v4=4562312&v5=6622393&mt_nsync=1&no_attr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 3799 851f7e8 master cdg-pixel-x6 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:42 GMT
Server: MT3 3799 851f7e8 master cdg-pixel-x6
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:40:21 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 0147 49 B
330 B 350ms
272ms Image
image/gif 185.29.133.52
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=apn&bid=8478554917216207536&st=4562312&time=[IMP_ATTR.time]&nodeid=2690
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.52 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.201.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:38 GMT
Server: MMBD/3.201.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x38, ord-bidder-x350
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Thu, 08 Jul 2021 15:37:37 GMT

GET
H/1.1 200
OK it
nym1-ib.adnxs-simple.com/ Frame 0147 0
657 B 117ms
116ms Image
text/html 68.67.179.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nym1-ib.adnxs-simple.com/it?an_audit=0&referrer=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&e=wqT_3QKdC2ydBQAAAwDWAAUBCMa3nIcGEK2us-7YyK3eMhj_EQF4ASo2Cf66050nnsE_ERhvzgKZD7s_GQAAACCuR_U_IRESACkRJNAxAAAAQOF6pD8wq-GBCjiDWUAdSAhQ7uCohgFY9-KIAWAAaI6hrQF4n80FgAEBigEDVVNEkgUG9CQCmAGgAaAB2ASoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAoHiVuoCWmh0dHA6Ly93d3cuY2VsZWJ6ei5jb20vbWVsYW5pZS1icm93bi1zdGVwcy1vdXQtdG8tZGlubmVyLXdpdGgtaGVyLWZyaWVuZC1nYXJ5LWluLWdsZW5kYWxlL4ADAYgDAJADAJgDFKADAaoDjgYKxQVodHRwOi8vdGFncy5tYXRodGFnLmNvbS9ub3RpZnkvaW1nP2V4Y2g9YXBuJnNfZXhjaD1hcG4maWQ9NWFXOTVxMmpMekl6THlBdlRucGpkMWxxUm0xYVJHTjBUVVJCZDAxRE1IZE5SRUYzVEZSQmQwMUVRWFJOUkVGM1RVUkJkMDFFUVhkTlJFRjNMemcwTnpnMU5UUTVNVGN5TVRZeU1EYzFNell2TmpZeU1qTTVNeTgwTlRZeU16RXlMekV6TDJkRFEzRTFSVEJQTUc1MlMxbGtjbTEyUVRSNlJucFJZM1JOY21welpVNUJNR3QzV0dObWFuRm5ObmN2TVM4eE15OHdMekF2T1RVMk9EQXpMekF2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlJFRjNUVVJCZDAxRVFYUk5SRUYzVFVNd2QwMUVRWGRNVkVGM1RVUkJkRTFFUVhkTlJFRjNUVVJCZDAxRVFYY3ZNQzh3THpBdk1DOHdMemcwTnpnMU5UUTVNOvAAEGIzSmtMAXT0KgFUYzROeTgzTXk4NU9Ua3ZNekl5THpKaE1ERTZOR1k0T2pFNU1qbzFOREF3T2pvdk1DNHdNREF2TVRZeU5UYzFPRFkyTWk4eE5qSTFOemN4TWpZeUx6RXpMekV4TXprMUx3LzVIRkJBSnlZcW5nQnNSbHF3bnRnZVY0MUVjSSZub2RlaWQ9MjY5MCZncm91cD11cy1lYXN0JmF1Y3Rpb25pZD04NDc4NTU0OTE3MjE2MjA3NTM2JnByaWNlPSR7QVVDVElPTl9QUklDRX0mbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MjE2LjIwMC4yMzIuMTc1JnNpZD00NTYyMzEyJmNpZD02NjIyMzkzJnNyYz1hcGkmdHlwZT1idXJsJmNsaWVudD1zMnMSEzg0Nz6GAPR1ARoTMzY1NTk5NzQwNzM2NjAxMDY2OSIJMjgxNjg2MTI2KgYxMDE5MzY6BzY2MjIzOTPAA6wCyAMA2AO3mlTgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBBQyYTAxOjRmODoxOTI6NTQxNDo6MqgEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANoEAggB4AQA8ATu4KiGAfoEEgkAAACgmZlJQBEAAADAzMwiQIgFAZgFAKAF55W0_PTR-cEOqgUkY2E4MGQyYzItNDFhMS00NTI2LThiZDMtNzZkMzNlYjBkNDA5wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF-csh-gUECAAQAJAGAJgGALgGAcEGAAAAAAAA8D_QBvmrAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBjY1MTg3MboHDwgAEAAYACAAMAA4ugZAAMgHn80F0gcNFYAYEAAYANoHBgknKOAHAOoHAggA8AcA&s=d00a5b148744eb65a1761a264d702c338c0f03bd

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.90 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

568.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:43 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 568.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com
AN-X-Request-Uuid: b01d64e5-d3ac-4472-8509-3ddb96a26843
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

request.php Show response
hal90002.redintelligence.net/ Frame 2B79
Redirect Chain

http://hal90002.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=be6ff1d83d&subid=&uid=98d8d758a6610722&screenSize=1600x1200&screenSizeAvail=1600x1200&clie...
http://hal90002.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=be6ff1d83d&subid=&uid=98d8d758a6610722&screenSize=1600x1200&screenSizeAvail=1600x1200&clie...

611 B
911 B

140ms
121ms

Script
application/x-javascript

46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal90002.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=be6ff1d83d&subid=&uid=98d8d758a6610722&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8478554917216207991%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=http%3A%2F%2Fwww.celebzz.com%2F&ancestorOrigins=http%3A%2F%2Fwww.celebzz.com&random=3075693020513&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Protocol: HTTP/1.1
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c785cab5bb9f425d18932b129f531ec6c9ab1dc79f5106e8ed883606f42e1172

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:43 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 43704100104756000951433011649002
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 328
Expires: Thu, 08 Jul 2021 16:37:43 +0200

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:43 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=be6ff1d83d&subid=&uid=98d8d758a6610722&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8478554917216207991%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=http%3A%2F%2Fwww.celebzz.com%2F&ancestorOrigins=http%3A%2F%2Fwww.celebzz.com&random=3075693020513&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Thu, 08 Jul 2021 16:37:43 +0200

GET
H/1.1

200
OK

request.php Show response
hal900025.redintelligence.net/ Frame 0147
Redirect Chain

http://hal900025.redintelligence.net/request.php?zone=6cywgeu7gf0e&nw=20&renderingType=javascript&namespace=99dd00938f&subid=&uid=c219f3a1926cd827&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
http://hal900025.redintelligence.net/request.php?zone=6cywgeu7gf0e&nw=20&renderingType=javascript&namespace=99dd00938f&subid=&uid=c219f3a1926cd827&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

612 B
912 B

123ms
103ms

Script
application/x-javascript

138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal900025.redintelligence.net/request.php?zone=6cywgeu7gf0e&nw=20&renderingType=javascript&namespace=99dd00938f&subid=&uid=c219f3a1926cd827&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8478554917216207536%26mt_id%3D6622393%26mt_adid%3D216536%26redirect%3D&documentReferer=http%3A%2F%2Fwww.celebzz.com%2F&ancestorOrigins=http%3A%2F%2Fwww.celebzz.com&random=557284754979&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Protocol: HTTP/1.1
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 41346e6cc0183243d649cd4a14c2e55c64822f9c526cb78763532611bdf208e4

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:43 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 13282700112036400951427011649025
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 329
Expires: Thu, 08 Jul 2021 16:37:43 +0200

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:43 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=6cywgeu7gf0e&nw=20&renderingType=javascript&namespace=99dd00938f&subid=&uid=c219f3a1926cd827&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8478554917216207536%26mt_id%3D6622393%26mt_adid%3D216536%26redirect%3D&documentReferer=http%3A%2F%2Fwww.celebzz.com%2F&ancestorOrigins=http%3A%2F%2Fwww.celebzz.com&random=557284754979&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Thu, 08 Jul 2021 16:37:43 +0200

GET
H/1.1 200
OK request_content.php Show response
hal90002.redintelligence.net/ Frame C875 4 KB
2 KB 77ms
58ms Document
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal90002.redintelligence.net/request_content.php?s=43704100104756000951433011649002&a=c23e3d2c
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 9348b017fadafe5f39845f4119774abcb5a47c1337590a05ff878aa4222e29b8

Request headers

Host: hal90002.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://assets.vlitag.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://assets.vlitag.com/

Response headers

Date: Thu, 08 Jul 2021 15:37:43 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Thu, 08 Jul 2021 16:37:43 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1415
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK rd_log Show response
nym1-ib.adnxs-simple.com/ Frame 2B79 0
657 B 92ms
91ms Script
text/html 68.67.179.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.90 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

568.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:43 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 568.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com
AN-X-Request-Uuid: cd870b54-7734-4263-94c1-644e233842d5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900025.redintelligence.net/ Frame 0128 7 KB
3 KB 78ms
59ms Document
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal900025.redintelligence.net/request_content.php?s=13282700112036400951427011649025&a=692db05a
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: baf13cf4d7e93dfda61adf7d25fef65fb50076834e244d2f4aa1f93371258482

Request headers

Host: hal900025.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://assets.vlitag.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://assets.vlitag.com/

Response headers

Date: Thu, 08 Jul 2021 15:37:43 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Thu, 08 Jul 2021 16:37:43 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2286
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK rd_log Show response
nym1-ib.adnxs-simple.com/ Frame 0147 0
657 B 98ms
97ms Script
text/html 68.67.179.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.90 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

568.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:43 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 568.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com
AN-X-Request-Uuid: 0c37e00e-8ecc-40d3-bcd4-4781da87da32
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK S-300x600.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame C875 95 KB
95 KB 138ms
40ms Image
image/gif 51.75.147.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-300x600.gif
Requested by: Host: hal90002.redintelligence.net
URL: http://hal90002.redintelligence.net/request_content.php?s=43704100104756000951433011649002&a=c23e3d2c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.75.147.170 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: a24bf435f35ac214cad692735eb2f8a9235101f45c115b1ef1265cc275cf3c50

Request headers

Referer: http://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:43 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:52 GMT
Server: nginx
ETag: "5b55f218-17bca"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 97226

GET
H/1.1 200
OK viewability Show response
hal90002.redintelligence.net/ Frame C875 0
150 B 78ms
59ms Script
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal90002.redintelligence.net/viewability?s=43704100104756000951433011649002&a=d76d843f&vb=m
Requested by: Host: hal90002.redintelligence.net
URL: http://hal90002.redintelligence.net/request_content.php?s=43704100104756000951433011649002&a=c23e3d2c
Protocol: HTTP/1.1
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://hal90002.redintelligence.net/request_content.php?s=43704100104756000951433011649002&a=c23e3d2c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:43 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame C875 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 0128 89 KB
32 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal900025.redintelligence.net
URL: http://hal900025.redintelligence.net/request_content.php?s=13282700112036400951427011649025&a=692db05a

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 11:02:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 102909
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 32245
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 07 Jul 2022 11:02:34 GMT

GET
H/1.1 200
OK S-160x600.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 0128 40 KB
40 KB 139ms
47ms Image
image/gif 51.75.147.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-160x600.gif
Requested by: Host: hal900025.redintelligence.net
URL: http://hal900025.redintelligence.net/request_content.php?s=13282700112036400951427011649025&a=692db05a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.75.147.170 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 4f4ed318db35c5f69af7305536516e10419a8a2ce9459ff38149fad2a5602c1c

Request headers

Referer: http://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:43 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:29 GMT
Server: nginx
ETag: "5b55f201-9f7f"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 40831

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs-simple.com/v/s/212/ Frame 2B79 85 KB
29 KB 128ms
56ms Script
application/x-javascript 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs-simple.com/v/s/212/trk.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1e7d37655cb5bde289f377edc0d853e0850c0f7ee432d92caf2702b2f3d7b1de

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Jun 2021 07:29:39 GMT
Server: AkamaiNetStorage
ETag: "6d91472bc3da5214e6fbe83dbe89394e:1624433379.808788"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29216
Expires: Fri, 08 Jul 2022 15:37:43 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs-simple.com/v/s/212/ Frame 0147 85 KB
29 KB 108ms
47ms Script
application/x-javascript 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs-simple.com/v/s/212/trk.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1e7d37655cb5bde289f377edc0d853e0850c0f7ee432d92caf2702b2f3d7b1de

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Jun 2021 07:29:39 GMT
Server: AkamaiNetStorage
ETag: "6d91472bc3da5214e6fbe83dbe89394e:1624433379.808788"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29216
Expires: Fri, 08 Jul 2022 15:37:43 GMT

GET
H/1.1 200
OK viewability Show response
hal900025.redintelligence.net/ Frame 0128 0
150 B 77ms
58ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal900025.redintelligence.net/viewability?s=13282700112036400951427011649025&a=69df035e&vb=m
Requested by: Host: hal900025.redintelligence.net
URL: http://hal900025.redintelligence.net/request_content.php?s=13282700112036400951427011649025&a=692db05a
Protocol: HTTP/1.1
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://hal900025.redintelligence.net/request_content.php?s=13282700112036400951427011649025&a=692db05a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:43 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 0128 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

POST
H/1.1 200
OK vevent
nym1-ib.adnxs-simple.com/ Frame 2B79 0
680 B 92ms
91ms Ping
text/html 68.67.179.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs-simple.com/vevent?an_audit=0&referrer=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&e=wqT_3QKdC2ydBQAAAwDWAAUBCMa3nIcGEN3mjcCX-O26VBj_EQF4ASo2Cf66050nnsE_ERhvzgKZD7s_GQAAACCuR_U_IRESACkRJNAxAAAAQOF6pD8wq-GBCjiDWUAdSAhQwNWohgFY9-KIAWAAaI6hrQF41NEEgAEBigEDVVNEkgUG9CQCmAGsAqAB2ASoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAoHiVuoCWmh0dHA6Ly93d3cuY2VsZWJ6ei5jb20vbWVsYW5pZS1icm93bi1zdGVwcy1vdXQtdG8tZGlubmVyLXdpdGgtaGVyLWZyaWVuZC1nYXJ5LWluLWdsZW5kYWxlL4ADAYgDAJADAJgDFKADAaoDjgYKxQVodHRwOi8vdGFncy5tYXRodGFnLmNvbS9ub3RpZnkvaW1nP2V4Y2g9YXBuJnNfZXhjaD1hcG4maWQ9NWFXOTVxMmpMekl6THlBdlRucGpkMWxxUm0xYVJHTjBUVVJCZDAxRE1IZE5SRUYzVEZSQmQwMUVRWFJOUkVGM1RVUkJkMDFFUVhkTlJFRjNMemcwTnpnMU5UUTVNVGN5TVRZeU1EYzVPVEV2TmpZeU1qTTVOaTgwTlRZeU16RXlMekV6TDJkRFEzRTFSVEJQTUc1MlMxbGtjbTEyUVRSNlJubDFkR2hVWldaeU1scFRRM2xSYTNSNlRtZzNlakF2TVM4eE15OHdMekF2T1RVMk9EQXpMekF2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlJFRjNUVVJCZDAxRVFYUk5SRUYzVFVNd2QwMUVRWGRNVkVGM1RVUkJkRTFFUVhkTlJFRjNUVVJCZDAxRVFYY3ZNQzh3THpBdk1DOHdMemcwTnpnMU5UUTVNOvAAEGIzSmtMAXT0KgFUYzROeTgzTXk4NU9Ua3ZNekl5THpKaE1ERTZOR1k0T2pFNU1qbzFOREF3T2pvdk1DNHdNREF2TVRZeU5UYzFPRFkyTWk4eE5qSTFOemN4TWpZeUx6RXpMekV4TXprMUx3L24wUEZPUms1UXpPaTl4Y1J5aGd2VVpsT1Z2cyZub2RlaWQ9MjY5MCZncm91cD11cy1lYXN0JmF1Y3Rpb25pZD04NDc4NTU0OTE3MjE2MjA3OTkxJnByaWNlPSR7QVVDVElPTl9QUklDRX0mbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MjE2LjIwMC4yMzIuMTY0JnNpZD00NTYyMzEyJmNpZD02NjIyMzk2JnNyYz1hcGkmdHlwZT1idXJsJmNsaWVudD1zMnMSEzg0Nz6GAPR1ARoTNjA4NTk3MjUxMzAzMTE1NjU3MyIJMjgxNjg0NjcyKgYxMDE5MzY6BzY2MjIzOTbAA6wCyAMA2AO3mlTgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBBQyYTAxOjRmODoxOTI6NTQxNDo6MqgEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANoEAggB4AQA8ATA1aiGAfoEEgkAAACgmZlJQBEAAADAzMwiQIgFAZgFAKAFlLOD0NP_0oMDqgUkZWQzODZiNGItYmFhMS00Y2UwLWFlMWQtY2M2MzcwMTMwNWM4wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF-csh-gUECAAQAJAGAJgGALgGAcEGAAAAAAAA8D_QBvmrAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBjY1MTg3MboHDwgAEAAYACAAMAA4ugZAAMgH1NEE0gcNFYAYEAAYANoHBgknKOAHAOoHAggA8AcA&s=e1e3fa3cf4c2a9c3dda1f1ede640c89700cb0829&type=nv&nvt=5&jm=1140|1141|1143|1003&px=0&py=0&bw=300&bh=600&sid=6757631511545949652&vd=ct~0|rr~0&sv=212&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=21000363&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3

Requested by

Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/212/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.90 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

568.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:43 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 568.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com
AN-X-Request-Uuid: 3b1ca27e-9ca7-4dbc-87e6-c38a2f9871b8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://assets.vlitag.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
nym1-ib.adnxs-simple.com/ Frame 0147 0
680 B 99ms
99ms Ping
text/html 68.67.179.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs-simple.com/vevent?an_audit=0&referrer=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&e=wqT_3QKdC2ydBQAAAwDWAAUBCMa3nIcGEK2us-7YyK3eMhj_EQF4ASo2Cf66050nnsE_ERhvzgKZD7s_GQAAACCuR_U_IRESACkRJNAxAAAAQOF6pD8wq-GBCjiDWUAdSAhQ7uCohgFY9-KIAWAAaI6hrQF4n80FgAEBigEDVVNEkgUG9CQCmAGgAaAB2ASoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAoHiVuoCWmh0dHA6Ly93d3cuY2VsZWJ6ei5jb20vbWVsYW5pZS1icm93bi1zdGVwcy1vdXQtdG8tZGlubmVyLXdpdGgtaGVyLWZyaWVuZC1nYXJ5LWluLWdsZW5kYWxlL4ADAYgDAJADAJgDFKADAaoDjgYKxQVodHRwOi8vdGFncy5tYXRodGFnLmNvbS9ub3RpZnkvaW1nP2V4Y2g9YXBuJnNfZXhjaD1hcG4maWQ9NWFXOTVxMmpMekl6THlBdlRucGpkMWxxUm0xYVJHTjBUVVJCZDAxRE1IZE5SRUYzVEZSQmQwMUVRWFJOUkVGM1RVUkJkMDFFUVhkTlJFRjNMemcwTnpnMU5UUTVNVGN5TVRZeU1EYzFNell2TmpZeU1qTTVNeTgwTlRZeU16RXlMekV6TDJkRFEzRTFSVEJQTUc1MlMxbGtjbTEyUVRSNlJucFJZM1JOY21welpVNUJNR3QzV0dObWFuRm5ObmN2TVM4eE15OHdMekF2T1RVMk9EQXpMekF2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlJFRjNUVVJCZDAxRVFYUk5SRUYzVFVNd2QwMUVRWGRNVkVGM1RVUkJkRTFFUVhkTlJFRjNUVVJCZDAxRVFYY3ZNQzh3THpBdk1DOHdMemcwTnpnMU5UUTVNOvAAEGIzSmtMAXT0KgFUYzROeTgzTXk4NU9Ua3ZNekl5THpKaE1ERTZOR1k0T2pFNU1qbzFOREF3T2pvdk1DNHdNREF2TVRZeU5UYzFPRFkyTWk4eE5qSTFOemN4TWpZeUx6RXpMekV4TXprMUx3LzVIRkJBSnlZcW5nQnNSbHF3bnRnZVY0MUVjSSZub2RlaWQ9MjY5MCZncm91cD11cy1lYXN0JmF1Y3Rpb25pZD04NDc4NTU0OTE3MjE2MjA3NTM2JnByaWNlPSR7QVVDVElPTl9QUklDRX0mbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MjE2LjIwMC4yMzIuMTc1JnNpZD00NTYyMzEyJmNpZD02NjIyMzkzJnNyYz1hcGkmdHlwZT1idXJsJmNsaWVudD1zMnMSEzg0Nz6GAPR1ARoTMzY1NTk5NzQwNzM2NjAxMDY2OSIJMjgxNjg2MTI2KgYxMDE5MzY6BzY2MjIzOTPAA6wCyAMA2AO3mlTgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBBQyYTAxOjRmODoxOTI6NTQxNDo6MqgEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANoEAggB4AQA8ATu4KiGAfoEEgkAAACgmZlJQBEAAADAzMwiQIgFAZgFAKAF55W0_PTR-cEOqgUkY2E4MGQyYzItNDFhMS00NTI2LThiZDMtNzZkMzNlYjBkNDA5wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF-csh-gUECAAQAJAGAJgGALgGAcEGAAAAAAAA8D_QBvmrAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBjY1MTg3MboHDwgAEAAYACAAMAA4ugZAAMgHn80F0gcNFYAYEAAYANoHBgknKOAHAOoHAggA8AcA&s=d00a5b148744eb65a1761a264d702c338c0f03bd&type=nv&nvt=5&jm=1140|1141|1143|1003&px=0&py=0&bw=160&bh=600&sid=6757631511545949652&vd=ct~0|rr~0&sv=212&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=21000363&sw=1600&sh=1200&pw=160&ph=600&ww=160&wh=600&ft=3

Requested by

Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/212/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.90 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

568.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:43 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 568.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com
AN-X-Request-Uuid: 08c05782-b311-4021-9f89-befbf9458129
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://assets.vlitag.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 publishertag.prebid.105.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 68ms
23ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:43 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:30 GMT
server: nginx
etag: W/"6034e04e-14008"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 09 Jul 2021 15:37:43 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9AF5 291 B
724 B 66ms
22ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.celebzz.com&gdpr=1&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.celebzz.com&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.celebzz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1912
set-cookie: uid=f5f02788-83a0-4236-91f8-de21cdda59b6; expires=Fri, 08 Jul 2022 15:37:43 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Thu, 08 Jul 2021 15:37:43 GMT
content-length: 321

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 71ms
25ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:44 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 09 Jul 2021 15:37:44 GMT

GET
H/1.1 200
OK viewability Show response
hal90002.redintelligence.net/ Frame C875 0
150 B 78ms
58ms Script
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal90002.redintelligence.net/viewability?s=43704100104756000951433011649002&a=d76d843f&vb=v
Requested by: Host: hal90002.redintelligence.net
URL: http://hal90002.redintelligence.net/request_content.php?s=43704100104756000951433011649002&a=c23e3d2c
Protocol: HTTP/1.1
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://hal90002.redintelligence.net/request_content.php?s=43704100104756000951433011649002&a=c23e3d2c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:44 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
hal900025.redintelligence.net/ Frame 0128 0
150 B 78ms
58ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal900025.redintelligence.net/viewability?s=13282700112036400951427011649025&a=69df035e&vb=v
Requested by: Host: hal900025.redintelligence.net
URL: http://hal900025.redintelligence.net/request_content.php?s=13282700112036400951427011649025&a=692db05a
Protocol: HTTP/1.1
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://hal900025.redintelligence.net/request_content.php?s=13282700112036400951427011649025&a=692db05a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:44 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK vevent
nym1-ib.adnxs-simple.com/ Frame 2B79 0
680 B 91ms
91ms Ping
text/html 68.67.179.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs-simple.com/vevent?an_audit=0&referrer=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&e=wqT_3QKdC2ydBQAAAwDWAAUBCMa3nIcGEN3mjcCX-O26VBj_EQF4ASo2Cf66050nnsE_ERhvzgKZD7s_GQAAACCuR_U_IRESACkRJNAxAAAAQOF6pD8wq-GBCjiDWUAdSAhQwNWohgFY9-KIAWAAaI6hrQF41NEEgAEBigEDVVNEkgUG9CQCmAGsAqAB2ASoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAoHiVuoCWmh0dHA6Ly93d3cuY2VsZWJ6ei5jb20vbWVsYW5pZS1icm93bi1zdGVwcy1vdXQtdG8tZGlubmVyLXdpdGgtaGVyLWZyaWVuZC1nYXJ5LWluLWdsZW5kYWxlL4ADAYgDAJADAJgDFKADAaoDjgYKxQVodHRwOi8vdGFncy5tYXRodGFnLmNvbS9ub3RpZnkvaW1nP2V4Y2g9YXBuJnNfZXhjaD1hcG4maWQ9NWFXOTVxMmpMekl6THlBdlRucGpkMWxxUm0xYVJHTjBUVVJCZDAxRE1IZE5SRUYzVEZSQmQwMUVRWFJOUkVGM1RVUkJkMDFFUVhkTlJFRjNMemcwTnpnMU5UUTVNVGN5TVRZeU1EYzVPVEV2TmpZeU1qTTVOaTgwTlRZeU16RXlMekV6TDJkRFEzRTFSVEJQTUc1MlMxbGtjbTEyUVRSNlJubDFkR2hVWldaeU1scFRRM2xSYTNSNlRtZzNlakF2TVM4eE15OHdMekF2T1RVMk9EQXpMekF2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlJFRjNUVVJCZDAxRVFYUk5SRUYzVFVNd2QwMUVRWGRNVkVGM1RVUkJkRTFFUVhkTlJFRjNUVVJCZDAxRVFYY3ZNQzh3THpBdk1DOHdMemcwTnpnMU5UUTVNOvAAEGIzSmtMAXT0KgFUYzROeTgzTXk4NU9Ua3ZNekl5THpKaE1ERTZOR1k0T2pFNU1qbzFOREF3T2pvdk1DNHdNREF2TVRZeU5UYzFPRFkyTWk4eE5qSTFOemN4TWpZeUx6RXpMekV4TXprMUx3L24wUEZPUms1UXpPaTl4Y1J5aGd2VVpsT1Z2cyZub2RlaWQ9MjY5MCZncm91cD11cy1lYXN0JmF1Y3Rpb25pZD04NDc4NTU0OTE3MjE2MjA3OTkxJnByaWNlPSR7QVVDVElPTl9QUklDRX0mbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MjE2LjIwMC4yMzIuMTY0JnNpZD00NTYyMzEyJmNpZD02NjIyMzk2JnNyYz1hcGkmdHlwZT1idXJsJmNsaWVudD1zMnMSEzg0Nz6GAPR1ARoTNjA4NTk3MjUxMzAzMTE1NjU3MyIJMjgxNjg0NjcyKgYxMDE5MzY6BzY2MjIzOTbAA6wCyAMA2AO3mlTgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBBQyYTAxOjRmODoxOTI6NTQxNDo6MqgEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANoEAggB4AQA8ATA1aiGAfoEEgkAAACgmZlJQBEAAADAzMwiQIgFAZgFAKAFlLOD0NP_0oMDqgUkZWQzODZiNGItYmFhMS00Y2UwLWFlMWQtY2M2MzcwMTMwNWM4wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF-csh-gUECAAQAJAGAJgGALgGAcEGAAAAAAAA8D_QBvmrAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBjY1MTg3MboHDwgAEAAYACAAMAA4ugZAAMgH1NEE0gcNFYAYEAAYANoHBgknKOAHAOoHAggA8AcA&s=e1e3fa3cf4c2a9c3dda1f1ede640c89700cb0829&type=pv&jm=1140|1141|1143|1003&px=0&py=0&bw=300&bh=600&sf=1&sid=6757631511545949652&vd=ct~0|rr~5&sv=212&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=21000363&ft=3

Requested by

Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/212/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.90 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

568.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:44 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 568.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com
AN-X-Request-Uuid: f9590a85-9209-4ce0-a3f9-e98e33a12240
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://assets.vlitag.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
nym1-ib.adnxs-simple.com/ Frame 0147 0
680 B 108ms
107ms Ping
text/html 68.67.179.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs-simple.com/vevent?an_audit=0&referrer=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&e=wqT_3QKdC2ydBQAAAwDWAAUBCMa3nIcGEK2us-7YyK3eMhj_EQF4ASo2Cf66050nnsE_ERhvzgKZD7s_GQAAACCuR_U_IRESACkRJNAxAAAAQOF6pD8wq-GBCjiDWUAdSAhQ7uCohgFY9-KIAWAAaI6hrQF4n80FgAEBigEDVVNEkgUG9CQCmAGgAaAB2ASoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAoHiVuoCWmh0dHA6Ly93d3cuY2VsZWJ6ei5jb20vbWVsYW5pZS1icm93bi1zdGVwcy1vdXQtdG8tZGlubmVyLXdpdGgtaGVyLWZyaWVuZC1nYXJ5LWluLWdsZW5kYWxlL4ADAYgDAJADAJgDFKADAaoDjgYKxQVodHRwOi8vdGFncy5tYXRodGFnLmNvbS9ub3RpZnkvaW1nP2V4Y2g9YXBuJnNfZXhjaD1hcG4maWQ9NWFXOTVxMmpMekl6THlBdlRucGpkMWxxUm0xYVJHTjBUVVJCZDAxRE1IZE5SRUYzVEZSQmQwMUVRWFJOUkVGM1RVUkJkMDFFUVhkTlJFRjNMemcwTnpnMU5UUTVNVGN5TVRZeU1EYzFNell2TmpZeU1qTTVNeTgwTlRZeU16RXlMekV6TDJkRFEzRTFSVEJQTUc1MlMxbGtjbTEyUVRSNlJucFJZM1JOY21welpVNUJNR3QzV0dObWFuRm5ObmN2TVM4eE15OHdMekF2T1RVMk9EQXpMekF2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlJFRjNUVVJCZDAxRVFYUk5SRUYzVFVNd2QwMUVRWGRNVkVGM1RVUkJkRTFFUVhkTlJFRjNUVVJCZDAxRVFYY3ZNQzh3THpBdk1DOHdMemcwTnpnMU5UUTVNOvAAEGIzSmtMAXT0KgFUYzROeTgzTXk4NU9Ua3ZNekl5THpKaE1ERTZOR1k0T2pFNU1qbzFOREF3T2pvdk1DNHdNREF2TVRZeU5UYzFPRFkyTWk4eE5qSTFOemN4TWpZeUx6RXpMekV4TXprMUx3LzVIRkJBSnlZcW5nQnNSbHF3bnRnZVY0MUVjSSZub2RlaWQ9MjY5MCZncm91cD11cy1lYXN0JmF1Y3Rpb25pZD04NDc4NTU0OTE3MjE2MjA3NTM2JnByaWNlPSR7QVVDVElPTl9QUklDRX0mbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MjE2LjIwMC4yMzIuMTc1JnNpZD00NTYyMzEyJmNpZD02NjIyMzkzJnNyYz1hcGkmdHlwZT1idXJsJmNsaWVudD1zMnMSEzg0Nz6GAPR1ARoTMzY1NTk5NzQwNzM2NjAxMDY2OSIJMjgxNjg2MTI2KgYxMDE5MzY6BzY2MjIzOTPAA6wCyAMA2AO3mlTgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBBQyYTAxOjRmODoxOTI6NTQxNDo6MqgEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANoEAggB4AQA8ATu4KiGAfoEEgkAAACgmZlJQBEAAADAzMwiQIgFAZgFAKAF55W0_PTR-cEOqgUkY2E4MGQyYzItNDFhMS00NTI2LThiZDMtNzZkMzNlYjBkNDA5wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF-csh-gUECAAQAJAGAJgGALgGAcEGAAAAAAAA8D_QBvmrAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBjY1MTg3MboHDwgAEAAYACAAMAA4ugZAAMgHn80F0gcNFYAYEAAYANoHBgknKOAHAOoHAggA8AcA&s=d00a5b148744eb65a1761a264d702c338c0f03bd&type=pv&jm=1140|1141|1143|1003&px=0&py=0&bw=160&bh=600&sf=1&sid=6757631511545949652&vd=ct~0|rr~5&sv=212&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=21000363&ft=3

Requested by

Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/212/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.90 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

568.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:44 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 568.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com
AN-X-Request-Uuid: ee52387e-b185-4ad3-9f38-3c17037c6aa0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://assets.vlitag.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 250 B
937 B 42ms
42ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b87351929a01e63e0a858044ade68bd2117f1b83d10b41e52c3ebde2b9b68544

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:44 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid: 7aeb8e37-d51c-4266-ab4e-e77a12546a40
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.celebzz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 250
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 250 B
937 B 31ms
30ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

2f8ca415bb87ce967f974efd9862e2fadf44c7bb939abffe54c768856ccc23a6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:44 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid: 7f502fc2-a804-47e5-81c3-c77df6016f7a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.celebzz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 250
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 37ms
37ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Thu, 08 Jul 2021 15:37:44 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 200 quantumdex Show response
useast.quantumdex.io/auction/ 7 KB
6 KB 342ms
342ms XHR
application/json 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27350434bc6316cf661b799d1dd89ca27672bb5862fd1fca66cf6616cd38d2f2

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: http://www.celebzz.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pWK8SXafc6dK8P8U5D1USkqtbzE9l8gtppiB4lU4tF%2FS6lrY%2FhAP8YpFu%2FPIxuIegYXWxB4Hl3FHnZsnsMa4d4hiKet0hqzxKCC8eb3Z55JpofHyGbOxaRG6X0yhp9W27aCy6OHzxy3FbkWAeg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 66ba65477d1d4db2-FRA

GET
H2 200 ROS Show response
ads.us.e-planning.net/pbjs/1/2c995/1/www.celebzz.com/ 79 B
402 B 34ms
33ms XHR
application/json 5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/pbjs/1/2c995/1/www.celebzz.com/ROS?rnd=0.3115249782254208&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&pbv=5.0.0&ncb=1&vs=FF&crs=UTF-8&fr=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&gdpr=1&gdprcs=
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 134f166c1a9db6ecf96496d588dfc365d5cfb8e1e65468599540df7cc31a60cc

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jul 2021 15:37:44 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: http://www.celebzz.com
expires: Thu, 08 Jul 2021 15:37:44 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 79
x-sid: AMS-606

POST
H2 200 cdb Show response
bidder.criteo.com/ 145 B
388 B 23ms
22ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=105&profileId=185&av=34&wv=5.0.0&cb=78351324245
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: cc509eb00731e251705ecd5f85d545f2d10db63bc03e715d949f30a49f9b8691

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jul 2021 15:37:43 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.celebzz.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 148

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
142 B 149ms
149ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Thu, 08 Jul 2021 15:37:44 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 51
vary: origin

POST
H2 204 events
bidder.criteo.com/csm/ 0
187 B 23ms
22ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Thu, 08 Jul 2021 15:37:44 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK r.html Show response
assets.vlitag.com/plugins/safeframe/src/html/ Frame 2051 1 KB
1 KB 181ms
180ms Document
text/html 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.vlitag.com/plugins/safeframe/src/html/r.html

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js

Protocol

HTTP/1.1

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e185fc9d1ca30cfce22382c0659138d12b8287a8a7ee2f76f6664e2bc005a9bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: assets.vlitag.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.celebzz.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

Date: Thu, 08 Jul 2021 15:37:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 01 Nov 2019 05:04:50 GMT
Expires: Thu, 08 Jul 2021 16:07:45 GMT
Cache-Control: max-age=1800
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: noindex, nofollow
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4A%2BpPr4HxfjIye4ufQwnmCJoXCzmb5gozFeqdVivf7bmqoSPmvAkpM5tiDddlEZfaP3qEVlHSw2l6TqVWvgEoasSnFnH3U2D3FomJ5WNv8RJBvO2MnKNWATzsus5buH3m56XT0DoCLLOWA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 66ba6549a8102c19-FRA
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK vi-logo.svg
assets.vlitag.com/media/icon/ 11 KB
4 KB 43ms
42ms Image
image/svg+xml 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://assets.vlitag.com/media/icon/vi-logo.svg

Protocol

HTTP/1.1

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2104538
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 01 Nov 2019 05:04:49 GMT
Server: cloudflare
ETag: W/"5dbbbcf1-2c34"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6FSzwIjtCr6y2eA4hVMPlFW3KEQcMlnMr8iSufJep%2B4w2FOcdR2S9J8RtWHN9jASJ8TTcdziKFkCzUvjjS4IZAopy1RFkYyDfI2Xf0RzedtjF1J7d5f222l%2FtoHpJHewKuMmCgkEGh0bqg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
Cache-Control: max-age=16070400
CF-RAY: 66ba6549b8561f25-FRA

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame 5B8E 3 KB
925 B 144ms
133ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 353af19fb5dc719ef8c08db5eed3ab35d0fa2cce91a417a7303209cf20b5755a

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.celebzz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=5dc2e132-a002-4d7c-b52b-1e99ccdc253b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
content-type: text/html
set-cookie: uid=5dc2e132-a002-4d7c-b52b-1e99ccdc253b; expires=Wed, 28 Jul 2021 15:37:45 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=37k1I0DQbgxQixCvJEvIUSihSdwTLrALZjUlGd866PX%2BTP0C9w6RzYFVy7c2opro7B1hDI756v%2FsTJR1%2FjLKGv4IlXgjTvHv66GmCKgc%2Be0UOyChNqXA1k0F6oun1iY%2FvVPzlAeZE84ZR3M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 66ba654a1bce4db2-FRA
content-encoding: br

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame AB09 3 KB
1 KB 142ms
132ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2b917bb783aefa376b929952e1d312ce2dca9b444ca7e9e00aadd96ee87a94c

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.celebzz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=5dc2e132-a002-4d7c-b52b-1e99ccdc253b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
content-type: text/html
set-cookie: uid=5dc2e132-a002-4d7c-b52b-1e99ccdc253b; expires=Wed, 28 Jul 2021 15:37:45 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zRFdtwreb7Enna4joAYHwsFb503Zl3KUDE1PvQA3QuwjC5gGma53DvKnErdN0HQSOqacfk43bliRsnqtMUcFalEMXq1IapU4KGvospSaOd%2F%2B6flxKgapwu8CcpVlRbG9sJ9p48KKQuUU55o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 66ba654a1bc34db2-FRA
content-encoding: br

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame 53AC 3 KB
926 B 144ms
135ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15768fbc776d23248d701ec52af72cbbafb1edde6865c4528eb10025aac7f355

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.celebzz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=5dc2e132-a002-4d7c-b52b-1e99ccdc253b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
content-type: text/html
set-cookie: uid=5dc2e132-a002-4d7c-b52b-1e99ccdc253b; expires=Wed, 28 Jul 2021 15:37:45 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KF%2F9UVEWvJny0INLwKpr1KOAroWW%2FJRYpGsiNlmufGUTTOPjpImdW66HEMQUxplO4vSlrCb30ksnnYzHlibvWofL%2FDPmA5ViTsq00F4xkpEpXxMawxy1NXfGGv5QXD0AsqwMZdB58LJM3P0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 66ba654a1bcc4db2-FRA
content-encoding: br

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame 9AF4 3 KB
1 KB 146ms
138ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2b917bb783aefa376b929952e1d312ce2dca9b444ca7e9e00aadd96ee87a94c

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.celebzz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=5dc2e132-a002-4d7c-b52b-1e99ccdc253b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
content-type: text/html
set-cookie: uid=5dc2e132-a002-4d7c-b52b-1e99ccdc253b; expires=Wed, 28 Jul 2021 15:37:45 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BX8IYtA016HycK78MGJBWc27a%2B1OMjxXR2noUBQFFL2BZ5auwierEIf7QrYkf6dfoWUfjOBcwisheQx5J9cJIzrPx%2BmKgvRjP6J4A4RgyYa4LhWl1O6M%2BIrDucZk7QqVl1zTUDrx7pcisds%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 66ba654a1bc54db2-FRA
content-encoding: br

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame 0510 3 KB
924 B 147ms
140ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e09a10fbbcb590fefc81d2ccd10bbd4a300ae576863ef13bdef7e64db919383

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.celebzz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=5dc2e132-a002-4d7c-b52b-1e99ccdc253b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
content-type: text/html
set-cookie: uid=5dc2e132-a002-4d7c-b52b-1e99ccdc253b; expires=Wed, 28 Jul 2021 15:37:45 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wSc1o0a7NwAPLNJK7YECSCq03d%2BGAounAdIHmkVBK0lRjgwCSjUIPt6d6au5TPQQ9AIrnPOqvT858R1zc0WmOrP%2BPHhw7Nd8G0Gz5kbTtQhDJpXNDxC%2BCX2gkYi3HSSVf%2B0Kz6KnmrCpe7E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 66ba654a1bc94db2-FRA
content-encoding: br

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 2051 12 KB
4 KB 11ms
10ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/plugins/safeframe/src/html/r.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0b285da2c50000c28b8d2ac000000001
last-modified: Tue, 29 Jun 2021 09:14:34 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60dae47a-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=R46%2FQzoeerxdWWT9o8PA9%2BX27RQmhAVJB4gdmSwJypHpH8l2ltThFW%2FejD8%2FwygyAuLThq74ZzbCXHmZXrOcu4KyLvo9lQ%2Bu%2BZwvvseuwQ4zYW8eYqrVcb5BcGNceTcdbGWOXVQ7N7nCQdUR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 66ba654adaa7c28b-FRA
expires: Sat, 10 Jul 2021 15:37:45 GMT

GET
H/1.1 200
OK sf_ext.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ Frame 2051 23 KB
12 KB 15ms
14ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

118b932ce446d673706c274aa65d22e8e2b2fe744187ce16f6656ab7940fb140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://assets.vlitag.com/plugins/safeframe/src/html/r.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1273699
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 01 Nov 2019 05:04:50 GMT
Server: cloudflare
ETag: W/"5dbbbcf2-5aed"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=q5c516JeJnmX8jVEhRCaGbJbnMvce3TM8USDBYdjQaEaPR%2BX59IQ9Fm8clIycPCzhi2MLlSmU6vx8ng5kVPrYkSeoSk8aiDerXHPPZTsOCns6JiVywllV8cA%2BZFShfHhoH4bZFC83RYK4w%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=16070400
CF-RAY: 66ba654aeacd2c19-FRA
Expires: Wed, 23 Jun 2021 22:19:26 GMT

GET
H/1.1 200
OK /
stats.vlitag.com/pi/ 0
665 B 96ms
95ms Image
image/jpeg 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://stats.vlitag.com/pi/?e=zdNtBMTtMeY-qwBY-PUeT-MrZA-qyrAZtMaTeMYRrNaTRmNTMMARwNjxqfzxdrtbRhNAGATBaAPRrtNRcsokty_orN
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:45 GMT
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sCEP5U64qTi%2Bog7SJOkTUgVdQlBZu0yt7eTpH%2Fh4M%2FgAAYYGpDCC6uVGe5WdQuBcsQflBisXuKpqlUW90R8JdBCxtpGWQamXPN2F8GnW9wzF3D4nYPjYpnKAc1HKNwKwVniv5mAFbVQB"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
CF-RAY: 66ba654afa974e67-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 0

GET
H3-29 200 collect
www.google-analytics.com/ Frame ADB4 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=657168299&t=pageview&_s=5&dl=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&ul=en-us&de=UTF-8&dt=quantumdex_celebzz.com_0.013904_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.013904&cs=celebzz.com&cm=quantumdex&cc=Default&_u=SACAAUABAAAAAC~&jid=&gjid=&cid=1475286884.1625758661&tid=UA-128776493-30&_gid=1863006764.1625758661&gtm=2ou770&z=676460773

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 23:45:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 57116
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame AB09
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6228369404489295200

43 B
343 B

146ms
146ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6228369404489295200
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YKEJgIEu8mXyqggd0DIhrerp9gd%2Ff9vQzJHgmHunCpvoxmXqk9RbxTGLqes4GvLWAOXWlvnRzBjm%2FQJTs54DArVnKGgW8xF%2FqWHHShb2WUHBbuledbfGU7QKTc4nOrzZY951h4zoqtrW2%2BU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654c28de4db2-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c78c9224-b77f-48eb-8204-4c2e19f73ec3
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6228369404489295200
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame AB09
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-FS10D8tE2uElF_PG0vhfF1BZQfA1R4BY4iRW8jk-~A

43 B
319 B

150ms
149ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-FS10D8tE2uElF_PG0vhfF1BZQfA1R4BY4iRW8jk-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vNKM9qysmOJeWka2hOvTFPrD3qjMwktrWwfrjnkkKYbedIPb7%2F%2Fm5hp2LyifpqAKAD0U%2B1RjPE1RRCTEgoRY8r50Gw34C372IQ5Vu6naQ6EBRtAEa32IywJtxGiUStrZ7fkPAvmc0z%2BlK%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654c59e34db2-FRA
content-length: 43

Redirect headers

Date: Thu, 08 Jul 2021 15:37:45 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-FS10D8tE2uElF_PG0vhfF1BZQfA1R4BY4iRW8jk-~A
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame AB09 0
474 B 146ms
32ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame AB09
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=9dd498165297ed98564f13c6

43 B
326 B

142ms
142ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=9dd498165297ed98564f13c6
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sKPRtTZJa8Z3%2B5OPzFhQrq7ZJK4EYWLL4gp5acTHOUz9g4MZXs%2F%2FjaPWlzvxyr68YZc%2FZWcYj%2FatGr%2BxT12a7cTOZlRpyk1W4mPXYgZ0K%2F1MUPd7FMo18wz%2FogynEQkEgvpZWntQSb5D3XY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654c28dd4db2-FRA
content-length: 43

Redirect headers

Date: Thu, 08 Jul 2021 15:37:45 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=9dd498165297ed98564f13c6
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame AB09
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7974683219268065359

43 B
319 B

159ms
158ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7974683219268065359
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HIHN4ZUbmQCgZGKHhRvumgKshkPu8cw3WgGN5mAoLKH%2Fi1MmfIQdD1pcy8AkcaFxUtzCDvJ8ExgufNHMotlUb3lLafjrCZ5ZTlklHI3UjHd0NX%2F78yDFzsz0uZy7V%2Fj7LTU%2FW1NrTrj1tSc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654c59d94db2-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6f7513c5-beff-4f51-834c-33a74d724561
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7974683219268065359
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame AB09
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4508212335585529761

43 B
320 B

163ms
163ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4508212335585529761
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DqsAFFJIzgGGTjvTdgpBHKPK7FdTYp4byWZbLR6gPLp74%2F0tyqZ%2FBRO1TWk%2B4A6pM5pw8BibCU5wEewZdkmEVv0wbLXjVLmdLKxrZP0otxQMeZ2TALCTShLzMh6OLLnpTSFIvvIyZ6aKijQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654c8a0f4db2-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6ff1faa7-697f-4a17-a018-42689e8374c7
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4508212335585529761
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame AB09
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-627e1b8e-775a-43fe-af62-9e3731293da8

43 B
319 B

143ms
142ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-627e1b8e-775a-43fe-af62-9e3731293da8
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7Rkv7E9a3gZ34dyfx33wgH0tJ1wG9Geml5c1NXVgfG7Cp8zTO44WfV9xRLwKXnlG1SC7CoEFPpLrIVCphSm%2FUqc2vwnRJdufDvLIA85Y%2F7yaPy9rn8mHe6eSsA%2B%2Fr%2FUCZsUDF32ou9mxUlw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654cfb854db2-FRA
content-length: 43

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-627e1b8e-775a-43fe-af62-9e3731293da8
date: Thu, 08 Jul 2021 15:37:45 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame AB09
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP71008d68-e002-11eb-b832-02aba4491fc2
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP71008d68-e002-11eb-b832-02aba4491fc2

43 B
313 B

142ms
142ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP71008d68-e002-11eb-b832-02aba4491fc2
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uMXjLxJaEpU3tU70zLCorzBIluGXODO6QsHqVw5duTb7W0BllsmqHBhfSgKZaDWGpe5Et892CMT01PPtSO0ZAnFwKww4N%2FGDx2kd7UJyV36lGOjgmtaksFjt415Wy1dEYNOtwr08nVbrins%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654cfb904db2-FRA
content-length: 43

Redirect headers

Date: Thu, 08 Jul 2021 15:37:45 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP71008d68-e002-11eb-b832-02aba4491fc2
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame AB09
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=d77f28d2-9f7a-4515-9db9-e6b86762ff75

43 B
466 B

154ms
154ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=d77f28d2-9f7a-4515-9db9-e6b86762ff75
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hgzxALaEJHodZW28Le%2Ff1kAla6T0t5RV0lSGWVtcb4PTiQEDv4ZjJZ7cnL3LMt0Kmux0v6394YVuWx8bSSZD%2B%2FEjoKl59Eub7REXvWuQmUB%2FcvV9xVj92zjvZkPQbQ81HTclZicRbDyW20Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654c59dd4db2-FRA
content-length: 43

Redirect headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2Bp7jASuR%2FE1lGoX0EkLeKwA6Eze7btk8eWOnhuDo430639oe0gMDTRmT2rhvyB9BXUZaziIgHozRLBdqrCxfeBYzHfF4KS2XiIysyVfi8HRjzoBlxhbZlrpkqrzJRL2YGMGNcYmGyOkH"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=d77f28d2-9f7a-4515-9db9-e6b86762ff75
cf-ray: 66ba654b2e3b4db2-FRA
content-length: 0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 7257 2 KB
823 B 96ms
28ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame 3DB2 43 B
551 B 132ms
32ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Thu, 08 Jul 2021 15:37:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s579|YOcbz; path=/; domain=.go.sonobi.com

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 5655
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

89ms
45ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1b8863a8d2fadc833b8819333b7ca97ec9fd9347f7b432fa74ccfe0e98451bb

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YOcbyYPCb8bfiFscKecUzQAA; CMPS=5175
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|241|39|45|57|88|90|111
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1795
Expires: Thu, 08 Jul 2021 15:37:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
Connection: keep-alive
Set-Cookie: CMID=YOcbyYPCb8bfiFscKecUzQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 08 Jul 2022 15:37:45 GMT CMPS=5175;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 06 Oct 2021 15:37:45 GMT CMPRO=1108;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 06 Oct 2021 15:37:45 GMT CMRUM3=6f60e71bc905a0&5a60e71bc905a0&e660e71bc92760&2d60e71bc905a0&3960e71bc905a0&5860e71bc905a0&f160e71bc905a0&2760e71bc90b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 08 Jul 2022 15:37:45 GMT CMST=YOcbyWDnG8kA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 09 Jul 2021 15:37:45 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Thu, 08 Jul 2021 15:37:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
Connection: keep-alive
Set-Cookie: CMID=YOcbyYPCb8bfiFscKecUzQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 08 Jul 2022 15:37:45 GMT CMPS=5175;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 06 Oct 2021 15:37:45 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame AA45 14 KB
5 KB 101ms
30ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=47376
expires: Fri, 09 Jul 2021 04:47:21 GMT
date: Thu, 08 Jul 2021 15:37:45 GMT
vary: Accept-Encoding

GET
H2 400 / Show response
ssc-cms.33across.com/ps/ Frame 401E 3 KB
3 KB 1476ms
206ms Document
text/html 67.202.110.21
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.21 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip21.67-202-110.static.steadfastdns.net
Software: /
Resource Hash: a250c006d6b747d0c6f489b530218db1547979de974f3c9b5ac51aef8c3ae735

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html;charset=utf-8
content-language: en
content-length: 2705
date: Thu, 08 Jul 2021 15:37:46 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5B8E
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4fe687e35f6f287097f2e23e

43 B
322 B

139ms
139ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4fe687e35f6f287097f2e23e
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BY1yy2rBwhT4by35hRpBrOGSQROTTMhg8RvxSCNSMhcL5cXqLAbMfpzV%2FhriKu%2BNXHGsZADX5yXZNtHzfikuUydvShPd6Z5tnxkwygeR5%2FAeFKTCZFiDwJB5dqe1AhUMAakrhLs2bjuUy%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654c28d64db2-FRA
content-length: 43

Redirect headers

Date: Thu, 08 Jul 2021 15:37:45 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4fe687e35f6f287097f2e23e
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5B8E
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3065484692709509034

43 B
316 B

157ms
157ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3065484692709509034
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7AllmiZnv1jOp3qe6odGpSpjMdN26qOpnLKNB1R%2Bqs%2F%2F2m6xbk7LoksW05DRuWk05yo2IdkXaAKuoB2iWiqJ1AQVQlt0VvwS3hhcZvHm8INQ5slIaFZqQ%2BoOJbligjN7jHrkiec2dkxmsfM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654c38f14db2-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0add5dca-5d94-4bd0-a8ca-cbfbb526c2e1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3065484692709509034
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5B8E
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4508212335585529761

43 B
317 B

137ms
135ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4508212335585529761
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:46 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=O%2BZ1JGylRFEBpRu7HV%2Fnr1y1g8FeaUgQlAoDVrKODaMAqg0AXYAZl2SRAAyRckSUGx67ObC%2BYRaSvI3qgOtRfsHh2Wzamk2gGagAF3afoht0WUc%2F3Fs%2Fcw3PQ9w2tI0eBd0vPE350Jpiztc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654ddd984db2-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c90c5406-1fd8-426b-b1fe-857f0f3e8460
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4508212335585529761
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5B8E
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-edf4b8fd-fef5-46a2-a59d-db0f5ac4b3d3

43 B
343 B

133ms
132ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-edf4b8fd-fef5-46a2-a59d-db0f5ac4b3d3
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zDhxOtbstMXTvhYjZgz%2FWowlbLRqfrZZq0p2AMt%2FNCkb3u9ZqTZFTE3eq23RvE32jvCDWZ7RKqqb7HZLFeKF%2BVcJolDgAhSTYYu6RYYZYHgrI2Cs855o2Vo%2Fh4IMpn0Uivf2WqpL5NF1og8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654cfb874db2-FRA
content-length: 43

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-edf4b8fd-fef5-46a2-a59d-db0f5ac4b3d3
date: Thu, 08 Jul 2021 15:37:45 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5B8E
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3685742224727502008

43 B
319 B

150ms
150ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3685742224727502008
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=p2F0KfMLWnlenwQjHgj8EUxFLAPJ6pmBOUBrbW%2BQpb6UJ1Lfd8QlrygYF%2B7W3OYrTaku9knrnz6ZielhoDnCfIEplH%2FfJMkALm03XltGvhLIesAa4FRcyE%2BdT6hiOlIZTlz5Bte6ZHRYUMU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654c59e64db2-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9c7648dd-8f76-467b-b954-097315f87683
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3685742224727502008
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5B8E
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP71052118-e002-11eb-8b79-069dedfdb540
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP71052118-e002-11eb-8b79-069dedfdb540

43 B
313 B

151ms
150ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP71052118-e002-11eb-8b79-069dedfdb540
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=A55PWklhypzp7NyJG5aXMGcG11Ft7r5UCNwnDh6P47UatoBztEIMNu0mFsIT8ZWIMhx4qeED7D32zwsVlwsU2rL3VeIRjrcJ4mR67wJMVwTSbmsukXuEU3mfJSZqTQmSCYo4He9ETnxGRCg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654d0bb34db2-FRA
content-length: 43

Redirect headers

Date: Thu, 08 Jul 2021 15:37:45 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP71052118-e002-11eb-8b79-069dedfdb540
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5B8E
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=0aa27dfe-ef0f-4cbd-9eb0-4a27642b9267

43 B
317 B

154ms
154ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=0aa27dfe-ef0f-4cbd-9eb0-4a27642b9267
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ITADV6qFBIAhEGyFm5drGwy2ffoEKQ5iQZel8ABV0XxeBZCSnFclhKY66U%2F1yK3uGcQXpERF5D9Bt7VXF8TBdtQztsfNpAyZPaSUQ7kjhH5JHVWrSk2WY9JdFcBtA7oF%2BoCuFPQsN95xXPg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654c59e04db2-FRA
content-length: 43

Redirect headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=V46mtzLHaxkOdDmgXv%2BFkwiwcWeS7iKT9a1nZdSMGHW7Xdul2opVFzFP3pRLx1gY%2F7aqe8rID149uplYtE751AQJrysxxbefj4Qs3CHy34umEaayk1XtFzR0AdFIaYUYVU0I0kim1dVv"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=0aa27dfe-ef0f-4cbd-9eb0-4a27642b9267
cf-ray: 66ba654b2e3e4db2-FRA
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5B8E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-FS10D8tE2uElF_PG0vhfF1BZQfA1R4BY4iRW8jk-~A

43 B
321 B

158ms
158ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-FS10D8tE2uElF_PG0vhfF1BZQfA1R4BY4iRW8jk-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NnZMgYc%2BK%2BKvC4I4a6bm1PMtoDeKvxY7Y33k1OWTjhRl9S7JwMsJLK%2BP63M%2FXhxg3Kou45qh0%2BIUo8KRFh%2FYwpyWgIEzJM4kgeVqWj8XgDloKatIcLKRcMzRbc1TbEog0DM8hY1BjQbbsJs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654c59da4db2-FRA
content-length: 43

Redirect headers

Date: Thu, 08 Jul 2021 15:37:45 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-FS10D8tE2uElF_PG0vhfF1BZQfA1R4BY4iRW8jk-~A
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 5B8E 0
478 B 162ms
34ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame B52E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

111ms
43ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 53417ec988e367ec68eeedb23bd8e773abb0e38d47da0f028c6da3bf28635ee1

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=5175; CMID=YOcbyQMi9VH60mapgMUV4gAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|230|241|39|90|40|81|218
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1794
Expires: Thu, 08 Jul 2021 15:37:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
Connection: keep-alive
Set-Cookie: CMID=YOcbyQMi9VH60mapgMUV4gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 08 Jul 2022 15:37:45 GMT CMPS=5175;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 06 Oct 2021 15:37:45 GMT CMPRO=1205;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 06 Oct 2021 15:37:45 GMT CMRUM3=e660e71bc92760&2d60e71bc905a0&2760e71bc90b40&f160e71bc905a0&5160e71bc905a0&2860e71bc905a00&5a60e71bc905a0&da60e71bc92760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 08 Jul 2022 15:37:45 GMT CMST=YOcbyWDnG8kA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 09 Jul 2021 15:37:45 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Thu, 08 Jul 2021 15:37:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
Connection: keep-alive
Set-Cookie: CMID=YOcbyQMi9VH60mapgMUV4gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 08 Jul 2022 15:37:45 GMT CMPS=5175;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 06 Oct 2021 15:37:45 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 28A9 14 KB
5 KB 97ms
32ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=47376
expires: Fri, 09 Jul 2021 04:47:21 GMT
date: Thu, 08 Jul 2021 15:37:45 GMT
vary: Accept-Encoding

GET
H2 400 / Show response
ssc-cms.33across.com/ps/ Frame 2C24 2 KB
2 KB 1470ms
206ms Document
text/html 67.202.110.21
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.21 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip21.67-202-110.static.steadfastdns.net
Software: /
Resource Hash: 4b11c95118b3eb3f49d4fbe5a3bf9777846263f72602745e3be775c65e64829d

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html;charset=utf-8
content-language: en
content-length: 2273
date: Thu, 08 Jul 2021 15:37:46 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame D8EA 2 KB
823 B 86ms
29ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame 98DC 43 B
551 B 121ms
32ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Thu, 08 Jul 2021 15:37:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s579|YOcbz; path=/; domain=.go.sonobi.com

GET
H2

200

setuid
sync.quantumdex.io/ Frame 53AC
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-FS10D8tE2uElF_PG0vhfF1BZQfA1R4BY4iRW8jk-~A

43 B
323 B

142ms
141ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-FS10D8tE2uElF_PG0vhfF1BZQfA1R4BY4iRW8jk-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5odNw3B%2BUf8z1JCQlDFFICO%2BGsJrs5miNT4G6BbQ0%2FPHZfoOGUtofSIn3%2BYT4QExXrcEO7LZrb5zbEKJGHWBQ%2ByjkiXQCnp3ZbQ36%2FUP7owQ5r%2Fs74ZM7e9QBZd5C4NUsEmaTid8gfDie8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654c28da4db2-FRA
content-length: 43

Redirect headers

Date: Thu, 08 Jul 2021 15:37:45 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-FS10D8tE2uElF_PG0vhfF1BZQfA1R4BY4iRW8jk-~A
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 53AC 0
474 B 155ms
32ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 53AC
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4fe687e35f6f287097f2e23e

43 B
323 B

134ms
133ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4fe687e35f6f287097f2e23e
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LSWxg2uBWoptuZcaN8C87JvI90F4dj78W4a%2FJ3McAxUpJyfXEUCnf%2Bc49U4s4qL4ExBwHpSnBHCDQR%2FZ6lB8S%2FnAp2%2FUZb%2FuBXWRxuGycaB9ZqCCWMhQjXuSmZhJfWMdb34SjNX8oupniRQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654c49234db2-FRA
content-length: 43

Redirect headers

Date: Thu, 08 Jul 2021 15:37:45 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4fe687e35f6f287097f2e23e
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 53AC
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6652613312709106452

43 B
347 B

145ms
145ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6652613312709106452
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EQbDSjEcm2mB7I0h38RA1VYZx9%2B2b%2F3%2F5QYIZjZLc%2BtVJG0tsVF9DOgwPNqwBinV2glIdfh0WRpzVr8SB0h33S4leQs4I%2F5OQgO%2BJTrnzTiQ9Er8sqMSYarYoyJdl%2FGr0DVn3b%2B55mfmyUc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654c8a154db2-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d985ff7e-79ef-4896-94d8-b0b15a2516e1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6652613312709106452
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 53AC
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8687211221490158152

43 B
321 B

159ms
159ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8687211221490158152
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vI33Wj7M1bBbIwxmiu%2BooqgBCgIua69RHQq%2BVAgNk711E3%2BfqZVGT6xsKoZi2nnq2JBzYzLcjGOyN%2BGD3oJPFmx5gFaEKCYd3SU1JRVnY1dgRrF1k52umzStQE3g9YC2%2FgPYxfP%2FBOl51NE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654cdb144db2-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0defe0ad-c2c8-48c2-b153-9fd643ebf786
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8687211221490158152
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 53AC
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-d75b1d6a-2544-451e-9309-68b437ffc458

43 B
465 B

158ms
157ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-d75b1d6a-2544-451e-9309-68b437ffc458
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=e9Ml6NZy1a7ak3hO39y5lxY5N8TnN4oPXdtq1167yaBNA5bB2M5neD%2BybuGzXKGloIlv8fSv0Jj0Hb3l2TMcK5akB5E%2FkV5AXFxHOMZWXX6jyyb1u%2BI51k0QMWMjnfcPs25E2VkByUSmbNY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654cfb984db2-FRA
content-length: 43

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-d75b1d6a-2544-451e-9309-68b437ffc458
date: Thu, 08 Jul 2021 15:37:45 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 53AC
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP71008d68-e002-11eb-b832-02aba4491fc2
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP71008d68-e002-11eb-b832-02aba4491fc2

43 B
319 B

253ms
253ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP71008d68-e002-11eb-b832-02aba4491fc2
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SHgSl5RL1s7%2BvO2wW%2B8Bt9wfBkEkVxOWeGYgCIMnLe0vsE4oOqnQJNu%2BRymkil70DcWXdRNspbtleVniCrv3klaOPAaYSSqgv0AEC3ozNalNwrx6hDqVHxrsMVLr8oYdhVu%2B%2BOuq6R54tn8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654c8a1b4db2-FRA
content-length: 43

Redirect headers

Date: Thu, 08 Jul 2021 15:37:45 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP71008d68-e002-11eb-b832-02aba4491fc2
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 53AC
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8687211221490158152

43 B
319 B

284ms
284ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8687211221490158152
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Y1Pdwhv8tmLhuqxXiVvQorWWj2bwqN5hagCNC7zO47PLKHAUNn9Bsih1%2FUkms1y9O%2Bl9xyxVe03CLE1IVeKN1UY5qsNGf3gMn%2FsPZnBL6R4gOwQXyREYq4NW0NpjnDYFoDpNn5pX0NN%2F8P4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654c8a134db2-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: eb08b94a-964a-4fe5-b325-d919c82c8f5f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8687211221490158152
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 53AC
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=f07ec676-0269-4a10-9351-57893e2209d3

43 B
319 B

166ms
166ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=f07ec676-0269-4a10-9351-57893e2209d3
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fIU4xztn9LJUr%2FQAiYE1CN54gNEVqJcbZ0kVC96T3FSyoz4m%2BmWlzsw0AgTYyqKXSiIf0uLRVGcizDvlbKs7AQByTaeMDQtXtzPz%2BPC5sAGZOlOLq%2BJhZVJf2xMHowxqeIeDcXvA5AS15Go%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654c59db4db2-FRA
content-length: 43

Redirect headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WJKXUYgTpi%2BeEggJXSY7LZ6XYGmM00OYw%2BZXhhZkTqwKhSF7e1hIul9T50hScH%2FWDffgHb14NtnWLMUUvbGC0CWNISQedJsqFySW%2BYv7jA264M9iTYet%2F0P48aAGAjQoaFEg0ay%2BGZp9"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=f07ec676-0269-4a10-9351-57893e2209d3
cf-ray: 66ba654b2e414db2-FRA
content-length: 0

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame 4C1F 43 B
555 B 143ms
53ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Thu, 08 Jul 2021 15:37:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s57129|YOcbz; path=/; domain=.go.sonobi.com

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame B4A6
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

100ms
44ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f2201be2229d85eaab9119892f6106afd74c085240f34ea014d901366b614034

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=5175; CMID=YOcbydnYXpw-a5DohITfrwAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|230|39|45|40|176|81|188
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1653
Expires: Thu, 08 Jul 2021 15:37:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
Connection: keep-alive
Set-Cookie: CMID=YOcbydnYXpw-a5DohITfrwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 08 Jul 2022 15:37:45 GMT CMPS=5175;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 06 Oct 2021 15:37:45 GMT CMPRO=1197;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 06 Oct 2021 15:37:45 GMT CMST=YOcbyWDnG8kA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 09 Jul 2021 15:37:45 GMT CMRUM3=5160e71bc905a0&2760e71bc90b40&f160e71bc905a0&2860e71bc905a00&bc60e71bc905a00&2d60e71bc905a0&e660e71bc92760&b060e71bc905a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 08 Jul 2022 15:37:45 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Thu, 08 Jul 2021 15:37:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
Connection: keep-alive
Set-Cookie: CMID=YOcbydnYXpw-a5DohITfrwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 08 Jul 2022 15:37:45 GMT CMPS=5175;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 06 Oct 2021 15:37:45 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame A858 14 KB
5 KB 105ms
47ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=47376
expires: Fri, 09 Jul 2021 04:47:21 GMT
date: Thu, 08 Jul 2021 15:37:45 GMT
vary: Accept-Encoding

GET
H2 400 / Show response
ssc-cms.33across.com/ps/ Frame 78C6 2 KB
2 KB 1369ms
113ms Document
text/html 67.202.110.21
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.21 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip21.67-202-110.static.steadfastdns.net
Software: /
Resource Hash: 4b11c95118b3eb3f49d4fbe5a3bf9777846263f72602745e3be775c65e64829d

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html;charset=utf-8
content-language: en
content-length: 2273
date: Thu, 08 Jul 2021 15:37:46 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 1B03 2 KB
823 B 77ms
28ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2

200

setuid
sync.quantumdex.io/ Frame 9AF4
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6652613312709106452

43 B
322 B

268ms
268ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6652613312709106452
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=X1K7IJugMrXq2RsX6740NxhV8wMTC%2Fyf9W0fL8ElxIj4%2F%2BWLWAtmlgZ%2FkWlJJTmZUqHFSk6HtNqtYQDN0AgJDDEo9kbkbIA3uKbeGGDJBEr%2FbKIYLLMFGtM1EJIvsxvHpuRfwcHG7kf3FsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654c8a1f4db2-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 86917a1b-3b2c-492f-b4fb-65eea5954078
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6652613312709106452
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 9AF4
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-vAbYwXRE2uEWWDTI9ZredISrqgQt1Sdn024.0dE-~A

43 B
316 B

152ms
151ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-vAbYwXRE2uEWWDTI9ZredISrqgQt1Sdn024.0dE-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=I1AdqChO2QFMBFVosvt7GtXllpayfalLfNAiUg1IyFbAIWbVnPtjVihLhK29hN5AWcedPS1yS1LsiqMbPPs0Kx%2BNLA0fB99YRP040pwWrRebXC%2F9JmVFZB43lYgUUpLslbkVW%2FgwfqxEkII%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654ccaa54db2-FRA
content-length: 43

Redirect headers

Date: Thu, 08 Jul 2021 15:37:45 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-vAbYwXRE2uEWWDTI9ZredISrqgQt1Sdn024.0dE-~A
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 9AF4 0
478 B 152ms
32ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 9AF4
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4fe687e35f6f287097f2e23e

43 B
327 B

166ms
166ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4fe687e35f6f287097f2e23e
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8O8pXDm%2F%2BOlnD0XD2%2BUZAVnMMznsO3XXaxFSp%2FPZNpFNqdpy8vLUXkaOyZat9nrOlZFZOHC495cll1MPLn00a4t4elrknoTSK%2BQV8u%2BWpO%2BVR5V5HbWfWtmumSfBYAK7dHR%2BXIRtt9oE%2BqE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654c8a0d4db2-FRA
content-length: 43

Redirect headers

Date: Thu, 08 Jul 2021 15:37:45 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4fe687e35f6f287097f2e23e
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 9AF4
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6331878368950750854

43 B
464 B

138ms
138ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6331878368950750854
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UJfYoGslY7rwIgcf0P6dsVfs%2BZPAaaDqA0DM5hEIIMhe5CsFEpyt%2BEMiKdUeBVMjBmoBpVbWgu989h9k4eF5IQnE5r81NtBvo6%2BhGcVzniHUj5DpbRnuEcxuzFG5gqOaiwwIBNM6evbDyjw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654caa684db2-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b609a8aa-c921-4318-a89e-bd66422ff979
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6331878368950750854
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 9AF4
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=6652613312709106452

43 B
322 B

136ms
135ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=6652613312709106452
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QSL5BRDABl1gdAurB0Wo1nvGt00EOjxcgTacmSwfjJypsWbLbxvHTV90xxQVA%2B4kcPX%2Bx3G5JoA0DIRPZ%2B%2F8Oham4Fs2xF1bHTSZJw9TxA%2FluooIxqMdAt%2FsXCbaTT2a%2BRuMrjMWGfFcCn0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654c9a344db2-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 396b2a66-4d97-4a48-8992-cdd4ae1e9607
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=6652613312709106452
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 9AF4
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-fbd8b648-cad2-4721-9710-6bb92b9cb6bf

43 B
469 B

278ms
277ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-fbd8b648-cad2-4721-9710-6bb92b9cb6bf
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:46 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1CvRnQ8ldkD4%2F%2BbZA0GGrpw2zP8RiYcIXwfqOMNQhPr7%2BXKH1KB9XLsMI6P3ZMCIwlwZ5CsT1x5X2rk2w4Pjr%2FSmzJGTolVw3a535d2kipxBXskxcweJYFrbZvM%2Bsy5IepHT8pZvh4knxWU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654cfba04db2-FRA
content-length: 43

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-fbd8b648-cad2-4721-9710-6bb92b9cb6bf
date: Thu, 08 Jul 2021 15:37:45 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 9AF4
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP71008d68-e002-11eb-b832-02aba4491fc2
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP71008d68-e002-11eb-b832-02aba4491fc2

43 B
321 B

183ms
183ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP71008d68-e002-11eb-b832-02aba4491fc2
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=F1hdBxJduv2R%2BFFv6%2FnsacwKELLs5A2F9MMtnqsFYD24ap8Z7HNDeC57pSahHm%2Bb2MmYxUcqiWK9OAlBTwHDIKzpA%2F8o3ALTda8hEz7g2zIqlXexkHZf4dVVl73frhl3AxNaIOY5XTFH%2B%2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654c8a0e4db2-FRA
content-length: 43

Redirect headers

Date: Thu, 08 Jul 2021 15:37:45 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP71008d68-e002-11eb-b832-02aba4491fc2
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 9AF4
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=5e98a4cd-a7aa-403f-a9f1-45bccca91e2e

43 B
472 B

137ms
136ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=5e98a4cd-a7aa-403f-a9f1-45bccca91e2e
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wa7iJqKVMshMkvcSIRk3Z8iP0LLBh0ZMvVC9DabWdLF8EK%2FG8XPbU%2B%2FEpe3miv%2FnAaf9liBJM%2BDwBwDtkwby%2Bih%2BIDhAXUn9%2Fpa4oQulxCAL4S7CbtmrmLFO7lcdSxHC2NbfJhofzVpywo8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654be8174db2-FRA
content-length: 43

Redirect headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XXc%2FDas0Z%2F2K%2BxAjjkqLdpmJ928IHGNL0YY7mQPgHYbgZrbW%2Bdk6QqMAgwIQHEQkbZSCUrBflSeq6hI8T2YBS%2BKr09V9iUakETv5vcv6ZYRnQ2Uar0fuoVevevVnSCF8170XKwBx0Rx2"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=5e98a4cd-a7aa-403f-a9f1-45bccca91e2e
cf-ray: 66ba654b3e484db2-FRA
content-length: 0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame C5A1 2 KB
823 B 73ms
29ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame 98DE 43 B
551 B 115ms
32ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Thu, 08 Jul 2021 15:37:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s579|YOcbz; path=/; domain=.go.sonobi.com

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 7510
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

115ms
41ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: edb74d79e9a515cd48eccaf21d1e1025d384a0e6378750218dcb51983ef93069

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=5175; CMID=YOcbyfldi3Qi3eGFyIIjjAAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|39|241|230|196|73|195|51
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1802
Expires: Thu, 08 Jul 2021 15:37:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
Connection: keep-alive
Set-Cookie: CMID=YOcbyfldi3Qi3eGFyIIjjAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 08 Jul 2022 15:37:45 GMT CMPS=5175;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 06 Oct 2021 15:37:45 GMT CMPRO=1153;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 06 Oct 2021 15:37:45 GMT CMRUM3=4960e71bc905a0&2760e71bc90b40&f160e71bc905a0&3360e71bc905a0&e660e71bc92760&2d60e71bc905a0&c360e71bc905a00&c460e71bc905a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 08 Jul 2022 15:37:45 GMT CMST=YOcbyWDnG8kA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 09 Jul 2021 15:37:45 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Thu, 08 Jul 2021 15:37:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
Connection: keep-alive
Set-Cookie: CMID=YOcbyfldi3Qi3eGFyIIjjAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 08 Jul 2022 15:37:45 GMT CMPS=5175;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 06 Oct 2021 15:37:45 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 92D5 14 KB
5 KB 96ms
50ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=47376
expires: Fri, 09 Jul 2021 04:47:21 GMT
date: Thu, 08 Jul 2021 15:37:45 GMT
vary: Accept-Encoding

GET
H2 400 / Show response
ssc-cms.33across.com/ps/ Frame 0F7E 2 KB
2 KB 1354ms
114ms Document
text/html 67.202.110.21
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.21 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip21.67-202-110.static.steadfastdns.net
Software: /
Resource Hash: 4b11c95118b3eb3f49d4fbe5a3bf9777846263f72602745e3be775c65e64829d

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html;charset=utf-8
content-language: en
content-length: 2273
date: Thu, 08 Jul 2021 15:37:46 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 0510 0
474 B 145ms
31ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0510
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=9dd498165297ed98564f13c6

43 B
328 B

265ms
265ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=9dd498165297ed98564f13c6
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Q%2FvAAMxzvzafk%2FFcIkOEkzk3X3dK3CJzALZHiXlNURNekFzbF%2B8LPDjI3eIWwq72k3pGeUgy8%2FIF%2BaYC8t%2FSb3BIxB%2F2%2FruZHuYH0Bn2bL0d0nAS5Zp5M6j7h64%2B4hnpj0lOpmS%2B2DZrle4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654c8a124db2-FRA
content-length: 43

Redirect headers

Date: Thu, 08 Jul 2021 15:37:45 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=9dd498165297ed98564f13c6
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0510
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6785658206170012938

43 B
316 B

132ms
132ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6785658206170012938
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yVdZGKdgiORgnYayrcTOTEq%2BVsL8VjpBj0rFuIncdrayCQXDrNbWIxqTUp7eLQItC7NwfH2tbRHX3dCZuIrYwSh2xv35IHIuSmDT6LaMm2J%2BgNjQ3bb3hwLkS8fL0QNjx5lm20id6zEIy9g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654ccac04db2-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e8466bd2-07c4-4c3e-baef-eeae8a9ddfc6
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6785658206170012938
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0510
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=6331878368950750854

43 B
318 B

149ms
149ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=6331878368950750854
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kXDya2yn7kiZzlLFjqBSnjQuR1aftGi9C2SW9XZuYEu9x4ddUuZtw1P6phQXByKS2T45Yx2HwYih7u4XSnMI9NYZw6qnnU7XB%2FWTlFjIwiFEpMKj28bS5Dy4SKh%2F8fh0Qtfbc%2BU7k8imqws%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654caa584db2-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1d619d5c-e240-4f72-baa2-ad46dd5355d8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=6331878368950750854
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0510
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-1325278d-ba04-4a78-aa08-c3136cd357ff

43 B
318 B

148ms
147ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-1325278d-ba04-4a78-aa08-c3136cd357ff
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kvIe3QEFIoMyvIi93XXyTDj9IfoBPFWAI435ITUXyb3t%2FL18iD56KtQvhw6s87uTtNjL6ZvRmc4E3WTtGrCLTgJzRnT%2FQycCwIh25HBvQZfRorfEG0yt20Eybt1oLaX%2FG4J2vWFgIRxpaSQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654cfba34db2-FRA
content-length: 43

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-1325278d-ba04-4a78-aa08-c3136cd357ff
date: Thu, 08 Jul 2021 15:37:45 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0510
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6228369404489295200

43 B
317 B

244ms
244ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6228369404489295200
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=04k0LH9liXxfpMZU3kmRpQ7gYpJvwRzsbWeEmFsXFkZjolrpyAEv841KNZA6zPmnTHoc3eyMc2KUaxreVjMuhSQNDX5PpN4ON%2BCgXMFOEtoKNnbsxtUI9Zl%2BT71e7gm%2FvMW5c8VJHkqeKmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654ccab94db2-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 63dc8954-ab15-4407-b948-dbc2c96f1acd
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6228369404489295200
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0510
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP71008d68-e002-11eb-b832-02aba4491fc2
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP71008d68-e002-11eb-b832-02aba4491fc2

43 B
319 B

259ms
259ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP71008d68-e002-11eb-b832-02aba4491fc2
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4fpVvWq6vQRR3co8LfGAh0Z7hZoszNZEvpABgZwdDs4PjERePEshqyBWNL9R4aPTwSAKvbtbjwT1RMZtIJB09og3%2F%2F7oNUb%2Fl5sgzZzA7Tg7HSJuCYSUHklWBFnGRvANWj4GhmPL7EVkYQE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654c8a194db2-FRA
content-length: 43

Redirect headers

Date: Thu, 08 Jul 2021 15:37:45 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP71008d68-e002-11eb-b832-02aba4491fc2
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0510
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=cd46d5e5-ff00-4e3b-bfaf-db0ca4c6dc18

43 B
317 B

137ms
137ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=cd46d5e5-ff00-4e3b-bfaf-db0ca4c6dc18
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xTbuogT5UfpuMnjzEovKzSitMRN386lqz7xy1%2F6h3qfQ0mhwzIPYpf2%2BWHtPl%2BgeWGc6R3Wx8XF2WuqlQdhUzqZkQwxEFwBmnoIgQvYypuojXRUyu524voM1M0vigy6ZgShwuymZg4SmoO4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654bf8614db2-FRA
content-length: 43

Redirect headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gbC9gX9PIijqGDDKowrvRER6LEmhSXG19JFARi0VNup54MGNZzI4%2FQILwIeZAfLLyIuAACvtTTZu1pUsj5wBfaqiy0Hwhf3xwHWl%2BC%2BzmETckjrULoHh1TsB46uXpy0xn%2BRz8O3q%2BIh7"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=cd46d5e5-ff00-4e3b-bfaf-db0ca4c6dc18
cf-ray: 66ba654b4e7c4db2-FRA
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0510
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-vAbYwXRE2uEWWDTI9ZredISrqgQt1Sdn024.0dE-~A

43 B
319 B

162ms
162ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-vAbYwXRE2uEWWDTI9ZredISrqgQt1Sdn024.0dE-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yeEKgdXywHUE59%2FniFN%2BtfWuzC%2B86TBDWDsnnEeErvpikl4mNo1%2FsiLRwK4qZ2N8zycI76oUeAx9A5dZRu1oWRm%2B8uf8LCQACXeNeH4793O5F1ONox7NhxhpjwOqcFTZjXTgo7rwVJpm0b0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654cdaef4db2-FRA
content-length: 43

Redirect headers

Date: Thu, 08 Jul 2021 15:37:45 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-vAbYwXRE2uEWWDTI9ZredISrqgQt1Sdn024.0dE-~A
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame 37DC 43 B
551 B 104ms
32ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Thu, 08 Jul 2021 15:37:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s579|YOcbz; path=/; domain=.go.sonobi.com

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame D7F2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

109ms
47ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b12be37b7d385b712da5a3971ab47e373cc65d7f23ee9a22eedb5c73b0ff7ae5

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=5175; CMID=YOcbyfldi3Qi3eGFyIIjjwAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|241|230|45|196|206|31|90
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1858
Expires: Thu, 08 Jul 2021 15:37:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
Connection: keep-alive
Set-Cookie: CMID=YOcbyfldi3Qi3eGFyIIjjwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 08 Jul 2022 15:37:45 GMT CMPS=5175;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 06 Oct 2021 15:37:45 GMT CMPRO=1198;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 06 Oct 2021 15:37:45 GMT CMST=YOcbyWDnG8kA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 09 Jul 2021 15:37:45 GMT CMRUM3=2760e71bc90b40&f160e71bc905a0&ce60e71bc905a0&c460e71bc905a0&2d60e71bc905a0&e660e71bc92760&1f60e71bc905a00&5a60e71bc905a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 08 Jul 2022 15:37:45 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Thu, 08 Jul 2021 15:37:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
Connection: keep-alive
Set-Cookie: CMID=YOcbyfldi3Qi3eGFyIIjjwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 08 Jul 2022 15:37:45 GMT CMPS=5175;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 06 Oct 2021 15:37:45 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 53B5 14 KB
5 KB 84ms
52ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=47376
expires: Fri, 09 Jul 2021 04:47:21 GMT
date: Thu, 08 Jul 2021 15:37:45 GMT
vary: Accept-Encoding

GET
H2 400 / Show response
ssc-cms.33across.com/ps/ Frame AFCC 3 KB
3 KB 1347ms
117ms Document
text/html 67.202.110.21
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.21 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip21.67-202-110.static.steadfastdns.net
Software: /
Resource Hash: a250c006d6b747d0c6f489b530218db1547979de974f3c9b5ac51aef8c3ae735

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html;charset=utf-8
content-language: en
content-length: 2705
date: Thu, 08 Jul 2021 15:37:46 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 72A2 2 KB
823 B 53ms
29ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK ab Show response
nym1-ib.adnxs-simple.com/ Frame 2051 16 KB
7 KB 124ms
123ms Script
application/javascript 68.67.179.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs-simple.com/ab?an_audit=0&referrer=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&e=wqT_3QKXLGwXFgAAAwDWAAUBCMi3nIcGEO3m2MG3st-UJBj_EQF4ASo2Cc78ag4QzJE_EbDHREqzeYw_GQAAAGC4HvU_IRESACkRJNAxAAAAQOF6pD8wmOuBCjihUEDlHkhlULWiyyVYztNrYABojaGtAXiRzwWAAQGKAQNVU0SSAQEG8JWYAcoHoAFaqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKniU7qAlpodHRwOi8vd3d3LmNlbGVienouY29tL21lbGFuaWUtYnJvd24tc3RlcHMtb3V0LXRvLWRpbm5lci13aXRoLWhlci1mcmllbmQtZ2FyeS1pbi1nbGVuZGFsZS_yAgwKBkhFSUdIVBICOTABD_D9BVdJRFRIEgM5NzDyAiEKBkxPQURFUhIXcmVuZGVyX3Bvc3RfYWRzX3YxLmh0bWzyAhcKCklGUkFNRV9LRVkSCTIzNDk0ODM3NfIC0A4KC1BSRV9TQ1JJUFRTEsAOPHNjcmlwdD4oZnVuY3Rpb24oKXsvKgoKIENvcHlyaWdodCBUaGUgQ2xvc3VyZSBMaWJyYXJ5IEF1dGhvcnMuCiBTUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQXBhY2hlLTIuMAoqLwp2YXIgaD10aGlzfHxzZWxmO2Z1bmN0aW9uIGsoYil7a1siICJdKGIpO3JldHVybiBifWtbIiAiXT0dmCR9O3ZhciBtPS9eIYDwSXM_OlwvXC8oXHd8LSkrXC5jZG5cLmFtcHByb2plY3RcLihuZXR8b3JnKShcP3xcL3wkKS87CmZ1bmN0aW9uIG4oKXt2YXIgYj1oBVcMYz1bXQUJJGQ9bnVsbDtkb3sBbhhhPWI7dHJ5BQwsZTtpZihlPSEhYSYmASQcIT1hLmxvY2EhNyAuaHJlZiliOnsBLZBrKGEuZm9vKTtlPSEwO2JyZWFrIGJ9Y2F0Y2gobCl7fWU9ITF9AV4IZz1lGRcAZwEWDGlmKGcJmQBmPl4AODtkPWEuZG9jdW1lbnQmJhkMKC5yZWZlcnJlcnx8AZckfWVsc2UgZj1kLA3LTGMucHVzaChuZXcgcChmfHwiIikpBdUkYj1hLnBhcmVudBmGAGIF__BAfX13aGlsZShiJiZhIT1iKTthPTA7Zm9yKGI9Yy5sZW5ndGgtMTthPD1iOysrYSljW2FdLmRlcHRoPWItYTthPWghKzkeAa41KjhhbmNlc3Rvck9yaWdpbnNuHAANawA9HXUAKQmGDDE7YjwRikw7KytiKWY9Y1tiXSxmLnVybHx8KAUILkIBOnYAFFtiLQoxXSEMGCxmLmg9ITAB4ykiAGgZqyHVFCwhMSk7ZiUWJQIEZD0yBAEgMDw9ZDstLWQpIbpEPWNbZF0sIWYmJm0udGVzdChnAY8gKSYmKGY9ZyksBQ4oJiYhZy5oKXthPWdJGwB9DV0AZBXmBCYmAcwBOwQ7MEFlAGQhWggmJmQFSAEbCCk7YwWtGHEoYSxmKTttNBRjLmc_Yy4FZQw6Yy5pAUAAfXE_NCBxKGIsYyl7dGhpcy5pQdUBCQhnPWMZIgBwHSIIdXJsESQUaD0hIWM7BS8FiCUKBH07FVkEcihJsIhiPW4oKSxjPWIuaW5kZXhPZigiPyIpO3NldFRpbWVvdXQoZm18DTFEZD12b2lkIDA9PT1kPy4wMTpkQTVEIShNYXRoLnJhbmRvbSgpPmQpCV8EYT1R-wwuY3VyQbQAU4W6EDthPShhGUoEYT9hA6A6YSkmJiI3NyI9PT1hLmdldEF0dHJpYnV0ZSgiZGF0YS1qYyIpP2E6ZG1OQC5xdWVyeVNlbGVjdG9yKCdbDSUAPQFEGF0nKTtkPSKFdFg6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY4kDCGNvbQ0ekC9nZW5fMjA0P2lkPWpjYSZqYz03NyZ2ZXJzaW9uPSIrKGEmJmFWmAAALQ0mkCIpfHwidW5rbm93biIpKyImc2FtcGxlPSIrZDthPXdpbmRvdzuBRI2WMGEubmF2aWdhdG9yKWUuDgBQLnVzZXJBZ2VudCxlPS9DaHJvbWUvSZ4gZSkmJiEvRWRnGREcPyEwOiExO2VhlhVRMC5zZW5kQmVhY29uPwodaR0YFChkKTooYS0VQF9pbWFnZV9yZXF1ZXN0c3x8XhoAED1bXSksAa453BxyZWF0ZUVsZYHlPCgiaW1nIiksZS5zcmM9ZCxaYACJ3xhlKSl9fSwwdQ5cMDw9Yz9iLnN1YnN0cmluZygwLGMpOmJ9KTsQLnJmbD1RxAgoKXttQ4BlbmNvZGVVUklDb21wb25lbnQocigpKX07fSkuY2FsbChhCBQpOwo8L3NFfmw-8gLJAgoKRVhUUkFfVEFHUxK6AjxkaXYgc3R5Ia0McG9zacEfZDogYWJzb2x1dGU7IGxlZnQ6IDBweDsgdG9wDQpkdmlzaWJpbGl0eTogaGlkZGVuOyI-PGltZyAB--J9AhRhd2JpZCYFBvCwX2I9QUtBbWYtQjR1bzhLS2dCd2p3RFRHSGhWcjIyaDFNc2RYVmF0dk5lblRlMFVUMmpqN2dKeks1VGZqVkVQM0xoVEY1ZGs4Z3NxTTNoU3pPUlIxRFQzTlBrVGNDSkZRNm9PNVEiIGJvcmRlcj0wIHdpZHRoPTEgaGVpZ2h0PTEgYWx0PSIiIHN0eWxlPSJkaXNwbGF5Om5vbmUiPjwvZGl2PvICmQEKDFBPU1RfU0NSEqIICIgBPClqNggBaX1QYWRzLmcuZG91YmxlY2xpY2submV0cYM8eGJmZV9iYWNrZmlsbC5qcwFlCUsAPg1TAD6dkiAge3IzcHgoJzIeLQkcJyk7fSkoKTs96lj-EQoQSE9TVF9QT1JUX1BBUkFNUxLpEZEZipQA8IFhZGZldGNoP2Fkaz0xNjEyNDI1NDgxJmFkc2FmZT1tZWRpdW0mY2xpZW50PWNhLXB1Yi0zMDc2ODkwMDEyNzQxNDY3JmZvcm1hdD05NzB4OTBfYXMmaXA9MmEwMTo0Zjg6MTkyOjU0MTQ6OiZvdXRwdXQ9aHRtbCZ1bnZpZXdlZF9wTZAgX3N0YXJ0PTEmoekBwf7OClbOChAmc3ViXw3QAGJB1vDtci01NTE0MzE2JmhsPWVuJmFjZWlkPU1Oc090QUIyRjdRQTdCbTBBUEFadEFBbUdyUUEtVlUwQVdaZk5BR05ZVFFCSDJJMEFUZGlOQUcwWkRRQkNtVTBBV2RsTkFGdlpUUUI1bVkwQVRSbk5BRi1aelFCc1djMEFlbG5OQUVFYURRQkNHZzBBUkZvTkFFa2FEUUJNV2cwQVRKb05BRTVhRFFCUEdnMEFVSm9OQUZWYURRQldHZzBBV0JvTkFGa2FEUUJaV2cwQVdab05BRm5hRFFCYUdnMEFXMW9OQUdBYURRQmgyZzBBWTlvTkFHZQFwAG8BMBhhZG9OQUdwARAYcW1nMEFiQgEQAHgBEAB4ASAAYwEg9NcGRkxjMEVCVTNOQkFWdjEyUUVxaEFjQ2tvUUhBc2NhWEFMRkcxd0NzQnhjQWdRZFhBSTEtWWdDb2ZtSUFydjVpQUlEUWFvQ0owS3FBaWhDcWdJLVE2b0NZMFdxQWdwZnFnTFBZYW9DZW1tcUFreHJxZ0xHY3FvQ3UzV3FBdjE0cWdKdGVhb0NrSHFxQW5tRnFnTG5pYW9DS0lxcUFsbUtxZ0pjaXFvQ0RZLXFBbWVQcWdMQ2xLb0NycGFxQWdPWnFnSzRtYW9DWVpxcUFvQ2JxZ0tCbTZvQ2dwdXFBcmFkcWdKRG9xb0N5YU9xQWxhbXFnS0RwcW9DMnFhcUFxYW5xZ0lOcUtvQ0ZLaXFBcUtvcWdKenFhb0NzNm1xQXVLcHFnSXRyS29DZksycUFoeXVxZ0llcnFvQ0txNnFBb211cWdKT3I2b0NsYS1xQWpxd3FnSmFzS29DZDdDcUFucXdxZ0pfc0tvQ2dyQ3FBb3F3cWdMWHNxb0NHck9xQWxXenFnS1N0S29DdTdTcUFpTzNxZ0lYdWFvQ09ycXFBczI3cWdMaXU2b0NjYjJxQW5POXFnS1l2YW9DcUwycUF0cTlxZ0psdjZvQ2dyLXFBbzZfcWdLMHY2b0MtNy1xQWl6QXFnSl93S29DdDhDcUFzX0FxZ0xnd0tvQ0I4S3FBZ19DcWdJbXdxb0NTY0txQXZMQ3FnTC13cW9DRGNPcUFndkVxZ0lXeEtvQ1ljU3FBcV9FcWdLMnhLb0NBc1dxQXVMRnFnTEt4cW9Dem5LNkFtUTNZUVFJczhVRnJNc2NEQV9MQ2cwMWxzQU9ncWI3RWdxby14SU5zZnNTOWNUN0V0UEsteEp3elBzU3Y5TDdFaHJVLXhLVTFmc1NoTmI3RXVfYy14SVA0UHNTemVEN0VsX2gteExSNGZzUzRlSDdFbWZpLXhJbDRfc1NNdVA3RWpUbC14SmI1ZnNTQ3ViN0VrWG0teEltNV9zU2xtWmtFX2RXYXhwWkFKSXBjcDNXTXcmZXhrPTIzNDk0ODM3NSZhd2JpZF9jPUFLQW1mLUFXNnBtdXJrTjA4M1l4RldBOHdlOTNxcE5IUXdnSndyQ25tclBTSFlERENFSzVrNzVRYWR6N0FLMGRwVjFrdF9HRXhSWVVoZWtQei1IeUh2SFJTTUtCOS03TVFTYWU1eXRHUVNfejROdjloemNrUW1EQy1keGxmbFh6dkM5OFB1M19xTTZDT3JuUFp6NTJDTllKUmMxQWlNN0ZFZyZhd2JpZF9kPUFLQW1mLUJXYnliNXB3Ny1Vc1FPWjZYUm1ScjA1RVNXUG00cFZxaTl2TzF0c0MzSzJYbHdldDlJMHdaaTFMRWpNd1VrMndnOWpEclhSLWFuUUNjNy1wVks3OFhFeVk2bnZUemNnd212a1lZb2RGbUJQNDYyRkdGYzNKeGt4cnpXb1FyMUZqTWtYWWtDb2ljX1d2Tzg4bXZGYVpvQXY2SkZPczFnUEJ4c0hLZG1JejMtTkRtMkhvcWkybzRfTm5rMkdEZnJ5YXlicjJmem9uRzJsajh0R01SWlhRaTJKSUktN0pDR2xSUmVSN3NEMmZiOUpRYnhLa2lXN0V3WHEtUzRkNGpfWFJvM1RwNFdORkxCaFJibTFaVnFyZ1YyODh1aE9sS2pSWnNidmhzWmJzSjlETUlJU2N3RG83WDZfTjF5R1hLRnFhWUJEdTREZWwxSlhYN3JybHVrTnBJT0FuSldqTGJGSS0tVlFZT1VpRUc3RGw1bkk4d3JZZjNkd1YxcXZQazhSWHZHd2k4NVh1MmxFLUh4UlBlWWw1eDV6TzVzUV8tVmN4MG1PQ29DRUt3cy1ES2xaZzlNLVR4VjJfSkp6djh1V1lKOVlhUm50ZkpnbUl2UGFnTm42ajlmbzZxa001X05IckFacGxqU0FScjk5ekdLWUJHZjNsYy1JcHlJUnh5QzNkb3E2TFRwU1p0YWVyNEFVSGJhNGx6MHhiT1IwbDk2Vnh2OGpzbzAtdU1DWU9iRlJXclFKZzhaUkJWVjRMS2ItQzg2VzB4cFZjRDhxaTViT1lfekFFRzdwZExKZjZLT3hJRElzczlyMHI5VEVGMFZZN2hET0FTakJHMWcwZV8xNDZmWFJVVUo5WnU4NVIxTzRIYWdLWkViUzBWc2twdzVFLWpBcjJaNUZoNEFFanRtTzczMjF3bXBxRVREbURWdlgzb3ZxQnRIJmNpZD1DQUFTQk9Sb2JyMCZhX2NpZD2AAwGIAwCQAwCYAxSgAwGqA-oBCr8BaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uWhgNEpUKOpsK8P1BUDdXd2pkeGFVV3FpNUlPWHV0NjJxUXZzS1BkcmFBbWIxN2ZkdE1GRkk4QTFfMW4zT0VEeHpkZnRLZE5nS2M4THRkYVRnTEZlVGQ3TXFlRFR5SzJ0QjRjNlZyUSZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhMyNjA1NzUxOTMxNzQxMDI1MTMzIgg3ODgyNzgyOSoEMzk0MToBMMADrALIAwDYA7eaVOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEFDJhMDE6NGY4OjE5Mjo1NDE0OjoyqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBA6lFPBe-gQSCQAAAKCZmUlAEQAAAMDMzCJAiAUBmAUAoAWK2dGj_e-xhhGqBSRkZTMyZTM1OS03OGVkLTQ3ZjEtOTU5Ni1hNzNiNWY4OTE5OTDABQDJBQAAAAAAAPA_0gUJCQAFDDwAANgFAeAFAfAF2sMf-gUEAZcokAYAmAYAuAYBwQYJJCzwP9AG7o8B2gYWChAJEhkBmBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzI2OTQwODcyOTY0ugcPCAUoACAB7iy6BkAAyAeRzwXSBw0B3wUBAUYI2gcGAX4wGADgBwDqBwIIAPAHAA..&s=eb2981c2ce5a859c1c9560007ff1d6a34632c80a&pp=0.013904

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.90 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

568.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

aa1850297af666e23fe2d1fb059c82fe1a7f77350616272dff6759fd832f947c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:45 GMT
Content-Encoding: gzip
X-Creative-ID: 78827829
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 568.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 725ab597-cfa3-4b81-ba83-15cca2b20563
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 9f83b79a-2791-4e12-9c12-6408fdfb5936
quantumsyndication.com/pixel/ Frame 2051 43 B
591 B 113ms
96ms Image
image/gif 2606:4700:3036::ac43:998d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quantumsyndication.com/pixel/9f83b79a-2791-4e12-9c12-6408fdfb5936
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:998d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HYZ%2Fs7a6QHmyiKApwqIJSHKDCSIyseZcUMP3%2FCtOg8twg3CF6nFclS7Ru6O1g50wMlgjIL4uliWFMiBj38HInZeQHW5Y3dt1%2BMMUeAVxtf%2Bt7IxNCXWJvuEtb%2BNgVcdsGmCR8CFrl%2FvdSFPz56c9UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654b7ef82bca-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame AA45 0
43 B 88ms
29ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=57567797&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
content-length: 0

GET
H/1.1 200
OK if Show response
nym1-ib.adnxs-simple.com/ Frame 4242 8 KB
5 KB 148ms
147ms Document
text/html 68.67.179.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs-simple.com/if?an_audit=0&referrer=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&e=wqT_3QKXLGwXFgAAAwDWAAUBCMi3nIcGEO3m2MG3st-UJBj_EQF4ASo2Cc78ag4QzJE_EbDHREqzeYw_GQAAAGC4HvU_IRESACkRJNAxAAAAQOF6pD8wmOuBCjihUEDlHkhlULWiyyVYztNrYABojaGtAXiRzwWAAQGKAQNVU0SSAQEG8JWYAcoHoAFaqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKniU7qAlpodHRwOi8vd3d3LmNlbGVienouY29tL21lbGFuaWUtYnJvd24tc3RlcHMtb3V0LXRvLWRpbm5lci13aXRoLWhlci1mcmllbmQtZ2FyeS1pbi1nbGVuZGFsZS_yAgwKBkhFSUdIVBICOTABD_D9BVdJRFRIEgM5NzDyAiEKBkxPQURFUhIXcmVuZGVyX3Bvc3RfYWRzX3YxLmh0bWzyAhcKCklGUkFNRV9LRVkSCTIzNDk0ODM3NfIC0A4KC1BSRV9TQ1JJUFRTEsAOPHNjcmlwdD4oZnVuY3Rpb24oKXsvKgoKIENvcHlyaWdodCBUaGUgQ2xvc3VyZSBMaWJyYXJ5IEF1dGhvcnMuCiBTUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQXBhY2hlLTIuMAoqLwp2YXIgaD10aGlzfHxzZWxmO2Z1bmN0aW9uIGsoYil7a1siICJdKGIpO3JldHVybiBifWtbIiAiXT0dmCR9O3ZhciBtPS9eIYDwSXM_OlwvXC8oXHd8LSkrXC5jZG5cLmFtcHByb2plY3RcLihuZXR8b3JnKShcP3xcL3wkKS87CmZ1bmN0aW9uIG4oKXt2YXIgYj1oBVcMYz1bXQUJJGQ9bnVsbDtkb3sBbhhhPWI7dHJ5BQwsZTtpZihlPSEhYSYmASQcIT1hLmxvY2EhNyAuaHJlZiliOnsBLZBrKGEuZm9vKTtlPSEwO2JyZWFrIGJ9Y2F0Y2gobCl7fWU9ITF9AV4IZz1lGRcAZwEWDGlmKGcJmQBmPl4AODtkPWEuZG9jdW1lbnQmJhkMKC5yZWZlcnJlcnx8AZckfWVsc2UgZj1kLA3LTGMucHVzaChuZXcgcChmfHwiIikpBdUkYj1hLnBhcmVudBmGAGIF__BAfX13aGlsZShiJiZhIT1iKTthPTA7Zm9yKGI9Yy5sZW5ndGgtMTthPD1iOysrYSljW2FdLmRlcHRoPWItYTthPWghKzkeAa41KjhhbmNlc3Rvck9yaWdpbnNuHAANawA9HXUAKQmGDDE7YjwRikw7KytiKWY9Y1tiXSxmLnVybHx8KAUILkIBOnYAFFtiLQoxXSEMGCxmLmg9ITAB4ykiAGgZqyHVFCwhMSk7ZiUWJQIEZD0yBAEgMDw9ZDstLWQpIbpEPWNbZF0sIWYmJm0udGVzdChnAY8gKSYmKGY9ZyksBQ4oJiYhZy5oKXthPWdJGwB9DV0AZBXmBCYmAcwBOwQ7MEFlAGQhWggmJmQFSAEbCCk7YwWtGHEoYSxmKTttNBRjLmc_Yy4FZQw6Yy5pAUAAfXE_NCBxKGIsYyl7dGhpcy5pQdUBCQhnPWMZIgBwHSIIdXJsESQUaD0hIWM7BS8FiCUKBH07FVkEcihJsIhiPW4oKSxjPWIuaW5kZXhPZigiPyIpO3NldFRpbWVvdXQoZm18DTFEZD12b2lkIDA9PT1kPy4wMTpkQTVEIShNYXRoLnJhbmRvbSgpPmQpCV8EYT1R-wwuY3VyQbQAU4W6EDthPShhGUoEYT9hA6A6YSkmJiI3NyI9PT1hLmdldEF0dHJpYnV0ZSgiZGF0YS1qYyIpP2E6ZG1OQC5xdWVyeVNlbGVjdG9yKCdbDSUAPQFEGF0nKTtkPSKFdFg6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY4kDCGNvbQ0ekC9nZW5fMjA0P2lkPWpjYSZqYz03NyZ2ZXJzaW9uPSIrKGEmJmFWmAAALQ0mkCIpfHwidW5rbm93biIpKyImc2FtcGxlPSIrZDthPXdpbmRvdzuBRI2WMGEubmF2aWdhdG9yKWUuDgBQLnVzZXJBZ2VudCxlPS9DaHJvbWUvSZ4gZSkmJiEvRWRnGREcPyEwOiExO2VhlhVRMC5zZW5kQmVhY29uPwodaR0YFChkKTooYS0VQF9pbWFnZV9yZXF1ZXN0c3x8XhoAED1bXSksAa453BxyZWF0ZUVsZYHlPCgiaW1nIiksZS5zcmM9ZCxaYACJ3xhlKSl9fSwwdQ5cMDw9Yz9iLnN1YnN0cmluZygwLGMpOmJ9KTsQLnJmbD1RxAgoKXttQ4BlbmNvZGVVUklDb21wb25lbnQocigpKX07fSkuY2FsbChhCBQpOwo8L3NFfmw-8gLJAgoKRVhUUkFfVEFHUxK6AjxkaXYgc3R5Ia0McG9zacEfZDogYWJzb2x1dGU7IGxlZnQ6IDBweDsgdG9wDQpkdmlzaWJpbGl0eTogaGlkZGVuOyI-PGltZyAB--J9AhRhd2JpZCYFBvCwX2I9QUtBbWYtQjR1bzhLS2dCd2p3RFRHSGhWcjIyaDFNc2RYVmF0dk5lblRlMFVUMmpqN2dKeks1VGZqVkVQM0xoVEY1ZGs4Z3NxTTNoU3pPUlIxRFQzTlBrVGNDSkZRNm9PNVEiIGJvcmRlcj0wIHdpZHRoPTEgaGVpZ2h0PTEgYWx0PSIiIHN0eWxlPSJkaXNwbGF5Om5vbmUiPjwvZGl2PvICmQEKDFBPU1RfU0NSEqIICIgBPClqNggBaX1QYWRzLmcuZG91YmxlY2xpY2submV0cYM8eGJmZV9iYWNrZmlsbC5qcwFlCUsAPg1TAD6dkiAge3IzcHgoJzIeLQkcJyk7fSkoKTs96lj-EQoQSE9TVF9QT1JUX1BBUkFNUxLpEZEZipQA8IFhZGZldGNoP2Fkaz0xNjEyNDI1NDgxJmFkc2FmZT1tZWRpdW0mY2xpZW50PWNhLXB1Yi0zMDc2ODkwMDEyNzQxNDY3JmZvcm1hdD05NzB4OTBfYXMmaXA9MmEwMTo0Zjg6MTkyOjU0MTQ6OiZvdXRwdXQ9aHRtbCZ1bnZpZXdlZF9wTZAgX3N0YXJ0PTEmoekBwf7OClbOChAmc3ViXw3QAGJB1vDtci01NTE0MzE2JmhsPWVuJmFjZWlkPU1Oc090QUIyRjdRQTdCbTBBUEFadEFBbUdyUUEtVlUwQVdaZk5BR05ZVFFCSDJJMEFUZGlOQUcwWkRRQkNtVTBBV2RsTkFGdlpUUUI1bVkwQVRSbk5BRi1aelFCc1djMEFlbG5OQUVFYURRQkNHZzBBUkZvTkFFa2FEUUJNV2cwQVRKb05BRTVhRFFCUEdnMEFVSm9OQUZWYURRQldHZzBBV0JvTkFGa2FEUUJaV2cwQVdab05BRm5hRFFCYUdnMEFXMW9OQUdBYURRQmgyZzBBWTlvTkFHZQFwAG8BMBhhZG9OQUdwARAYcW1nMEFiQgEQAHgBEAB4ASAAYwEg9NcGRkxjMEVCVTNOQkFWdjEyUUVxaEFjQ2tvUUhBc2NhWEFMRkcxd0NzQnhjQWdRZFhBSTEtWWdDb2ZtSUFydjVpQUlEUWFvQ0owS3FBaWhDcWdJLVE2b0NZMFdxQWdwZnFnTFBZYW9DZW1tcUFreHJxZ0xHY3FvQ3UzV3FBdjE0cWdKdGVhb0NrSHFxQW5tRnFnTG5pYW9DS0lxcUFsbUtxZ0pjaXFvQ0RZLXFBbWVQcWdMQ2xLb0NycGFxQWdPWnFnSzRtYW9DWVpxcUFvQ2JxZ0tCbTZvQ2dwdXFBcmFkcWdKRG9xb0N5YU9xQWxhbXFnS0RwcW9DMnFhcUFxYW5xZ0lOcUtvQ0ZLaXFBcUtvcWdKenFhb0NzNm1xQXVLcHFnSXRyS29DZksycUFoeXVxZ0llcnFvQ0txNnFBb211cWdKT3I2b0NsYS1xQWpxd3FnSmFzS29DZDdDcUFucXdxZ0pfc0tvQ2dyQ3FBb3F3cWdMWHNxb0NHck9xQWxXenFnS1N0S29DdTdTcUFpTzNxZ0lYdWFvQ09ycXFBczI3cWdMaXU2b0NjYjJxQW5POXFnS1l2YW9DcUwycUF0cTlxZ0psdjZvQ2dyLXFBbzZfcWdLMHY2b0MtNy1xQWl6QXFnSl93S29DdDhDcUFzX0FxZ0xnd0tvQ0I4S3FBZ19DcWdJbXdxb0NTY0txQXZMQ3FnTC13cW9DRGNPcUFndkVxZ0lXeEtvQ1ljU3FBcV9FcWdLMnhLb0NBc1dxQXVMRnFnTEt4cW9Dem5LNkFtUTNZUVFJczhVRnJNc2NEQV9MQ2cwMWxzQU9ncWI3RWdxby14SU5zZnNTOWNUN0V0UEsteEp3elBzU3Y5TDdFaHJVLXhLVTFmc1NoTmI3RXVfYy14SVA0UHNTemVEN0VsX2gteExSNGZzUzRlSDdFbWZpLXhJbDRfc1NNdVA3RWpUbC14SmI1ZnNTQ3ViN0VrWG0teEltNV9zU2xtWmtFX2RXYXhwWkFKSXBjcDNXTXcmZXhrPTIzNDk0ODM3NSZhd2JpZF9jPUFLQW1mLUFXNnBtdXJrTjA4M1l4RldBOHdlOTNxcE5IUXdnSndyQ25tclBTSFlERENFSzVrNzVRYWR6N0FLMGRwVjFrdF9HRXhSWVVoZWtQei1IeUh2SFJTTUtCOS03TVFTYWU1eXRHUVNfejROdjloemNrUW1EQy1keGxmbFh6dkM5OFB1M19xTTZDT3JuUFp6NTJDTllKUmMxQWlNN0ZFZyZhd2JpZF9kPUFLQW1mLUJXYnliNXB3Ny1Vc1FPWjZYUm1ScjA1RVNXUG00cFZxaTl2TzF0c0MzSzJYbHdldDlJMHdaaTFMRWpNd1VrMndnOWpEclhSLWFuUUNjNy1wVks3OFhFeVk2bnZUemNnd212a1lZb2RGbUJQNDYyRkdGYzNKeGt4cnpXb1FyMUZqTWtYWWtDb2ljX1d2Tzg4bXZGYVpvQXY2SkZPczFnUEJ4c0hLZG1JejMtTkRtMkhvcWkybzRfTm5rMkdEZnJ5YXlicjJmem9uRzJsajh0R01SWlhRaTJKSUktN0pDR2xSUmVSN3NEMmZiOUpRYnhLa2lXN0V3WHEtUzRkNGpfWFJvM1RwNFdORkxCaFJibTFaVnFyZ1YyODh1aE9sS2pSWnNidmhzWmJzSjlETUlJU2N3RG83WDZfTjF5R1hLRnFhWUJEdTREZWwxSlhYN3JybHVrTnBJT0FuSldqTGJGSS0tVlFZT1VpRUc3RGw1bkk4d3JZZjNkd1YxcXZQazhSWHZHd2k4NVh1MmxFLUh4UlBlWWw1eDV6TzVzUV8tVmN4MG1PQ29DRUt3cy1ES2xaZzlNLVR4VjJfSkp6djh1V1lKOVlhUm50ZkpnbUl2UGFnTm42ajlmbzZxa001X05IckFacGxqU0FScjk5ekdLWUJHZjNsYy1JcHlJUnh5QzNkb3E2TFRwU1p0YWVyNEFVSGJhNGx6MHhiT1IwbDk2Vnh2OGpzbzAtdU1DWU9iRlJXclFKZzhaUkJWVjRMS2ItQzg2VzB4cFZjRDhxaTViT1lfekFFRzdwZExKZjZLT3hJRElzczlyMHI5VEVGMFZZN2hET0FTakJHMWcwZV8xNDZmWFJVVUo5WnU4NVIxTzRIYWdLWkViUzBWc2twdzVFLWpBcjJaNUZoNEFFanRtTzczMjF3bXBxRVREbURWdlgzb3ZxQnRIJmNpZD1DQUFTQk9Sb2JyMCZhX2NpZD2AAwGIAwCQAwCYAxSgAwGqA-oBCr8BaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uWhgNEpUKOpsK8P1BUDdXd2pkeGFVV3FpNUlPWHV0NjJxUXZzS1BkcmFBbWIxN2ZkdE1GRkk4QTFfMW4zT0VEeHpkZnRLZE5nS2M4THRkYVRnTEZlVGQ3TXFlRFR5SzJ0QjRjNlZyUSZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhMyNjA1NzUxOTMxNzQxMDI1MTMzIgg3ODgyNzgyOSoEMzk0MToBMMADrALIAwDYA7eaVOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEFDJhMDE6NGY4OjE5Mjo1NDE0OjoyqAQAsgQMCAAQABgAIAAwADgCuAQAwAQAyAQA2gQCCAHgBADwBA6lFPBe-gQSCQAAAKCZmUlAEQAAAMDMzCJAiAUBmAUAoAWK2dGj_e-xhhGqBSRkZTMyZTM1OS03OGVkLTQ3ZjEtOTU5Ni1hNzNiNWY4OTE5OTDABQDJBQAAAAAAAPA_0gUJCQAFDDwAANgFAeAFAfAF2sMf-gUEAZcokAYAmAYAuAYBwQYJJCzwP9AG7o8B2gYWChAJEhkBmBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzI2OTQwODcyOTY0ugcPCAUoACAB7iy6BkAAyAeRzwXSBw0B3wUBAUYI2gcGAX4wGADgBwDqBwIIAPAHAA..&s=bc2cfbe3d9c02a0562880807efc724feffc896dc

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.90 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

568.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

098dbb4f0ccd1e14006e4d4cf3689b4f85753f80f1796ae7d6238c75ceb98b2a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: nym1-ib.adnxs-simple.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://assets.vlitag.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://assets.vlitag.com/

Response headers

Server: nginx/1.17.9
Date: Thu, 08 Jul 2021 15:37:45 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
X-Creative-ID: 78827829
AN-X-Request-Uuid: f126943d-b677-44c4-a789-69be23bed8a3
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 568.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com
Content-Encoding: gzip

GET
H/1.1 200
OK rd_log Show response
nym1-ib.adnxs-simple.com/ Frame 2051 0
657 B 102ms
99ms Script
text/html 68.67.179.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs-simple.com/rd_log?an_audit=0&referrer=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&e=wqT_3QKsKmwsFQAAAwDWAAUBCMi3nIcGEO3m2MG3st-UJBj_EQF4ASo2Cc78ag4QzJE_EbDHREqzeYw_GQAAAGC4HvU_IRESACkRJNAxAAAAQOF6pD8wmOuBCjihUEDlHkhlULWiyyVYztNrYABojaGtAXiRzwWAAQGKAQNVU0SSAQEG8JWYAcoHoAFaqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKniU7qAlpodHRwOi8vd3d3LmNlbGVienouY29tL21lbGFuaWUtYnJvd24tc3RlcHMtb3V0LXRvLWRpbm5lci13aXRoLWhlci1mcmllbmQtZ2FyeS1pbi1nbGVuZGFsZS_yAgwKBkhFSUdIVBICOTABD_D9BVdJRFRIEgM5NzDyAiEKBkxPQURFUhIXcmVuZGVyX3Bvc3RfYWRzX3YxLmh0bWzyAhcKCklGUkFNRV9LRVkSCTIzNDk0ODM3NfIC0A4KC1BSRV9TQ1JJUFRTEsAOPHNjcmlwdD4oZnVuY3Rpb24oKXsvKgoKIENvcHlyaWdodCBUaGUgQ2xvc3VyZSBMaWJyYXJ5IEF1dGhvcnMuCiBTUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQXBhY2hlLTIuMAoqLwp2YXIgaD10aGlzfHxzZWxmO2Z1bmN0aW9uIGsoYil7a1siICJdKGIpO3JldHVybiBifWtbIiAiXT0dmCR9O3ZhciBtPS9eIYDwSXM_OlwvXC8oXHd8LSkrXC5jZG5cLmFtcHByb2plY3RcLihuZXR8b3JnKShcP3xcL3wkKS87CmZ1bmN0aW9uIG4oKXt2YXIgYj1oBVcMYz1bXQUJJGQ9bnVsbDtkb3sBbhhhPWI7dHJ5BQwsZTtpZihlPSEhYSYmASQcIT1hLmxvY2EhNyAuaHJlZiliOnsBLZBrKGEuZm9vKTtlPSEwO2JyZWFrIGJ9Y2F0Y2gobCl7fWU9ITF9AV4IZz1lGRcAZwEWDGlmKGcJmQBmPl4AODtkPWEuZG9jdW1lbnQmJhkMKC5yZWZlcnJlcnx8AZckfWVsc2UgZj1kLA3LTGMucHVzaChuZXcgcChmfHwiIikpBdUkYj1hLnBhcmVudBmGAGIF__BAfX13aGlsZShiJiZhIT1iKTthPTA7Zm9yKGI9Yy5sZW5ndGgtMTthPD1iOysrYSljW2FdLmRlcHRoPWItYTthPWghKzkeAa41KjhhbmNlc3Rvck9yaWdpbnNuHAANawA9HXUAKQmGDDE7YjwRikw7KytiKWY9Y1tiXSxmLnVybHx8KAUILkIBOnYAFFtiLQoxXSEMGCxmLmg9ITAB4ykiAGgZqyHVFCwhMSk7ZiUWJQIEZD0yBAEgMDw9ZDstLWQpIbpEPWNbZF0sIWYmJm0udGVzdChnAY8gKSYmKGY9ZyksBQ4oJiYhZy5oKXthPWdJGwB9DV0AZBXmBCYmAcwBOwQ7MEFlAGQhWggmJmQFSAEbCCk7YwWtGHEoYSxmKTttNBRjLmc_Yy4FZQw6Yy5pAUAAfXE_NCBxKGIsYyl7dGhpcy5pQdUBCQhnPWMZIgBwHSIIdXJsESQUaD0hIWM7BS8FiCUKBH07FVkEcihJsIhiPW4oKSxjPWIuaW5kZXhPZigiPyIpO3NldFRpbWVvdXQoZm18DTFEZD12b2lkIDA9PT1kPy4wMTpkQTVEIShNYXRoLnJhbmRvbSgpPmQpCV8EYT1R-wwuY3VyQbQAU4W6EDthPShhGUoEYT9hA6A6YSkmJiI3NyI9PT1hLmdldEF0dHJpYnV0ZSgiZGF0YS1qYyIpP2E6ZG1OQC5xdWVyeVNlbGVjdG9yKCdbDSUAPQFEGF0nKTtkPSKFdFg6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY4kDCGNvbQ0ekC9nZW5fMjA0P2lkPWpjYSZqYz03NyZ2ZXJzaW9uPSIrKGEmJmFWmAAALQ0mkCIpfHwidW5rbm93biIpKyImc2FtcGxlPSIrZDthPXdpbmRvdzuBRI2WMGEubmF2aWdhdG9yKWUuDgBQLnVzZXJBZ2VudCxlPS9DaHJvbWUvSZ4gZSkmJiEvRWRnGREcPyEwOiExO2VhlhVRMC5zZW5kQmVhY29uPwodaR0YFChkKTooYS0VQF9pbWFnZV9yZXF1ZXN0c3x8XhoAED1bXSksAa453BxyZWF0ZUVsZYHlPCgiaW1nIiksZS5zcmM9ZCxaYACJ3xhlKSl9fSwwdQ5cMDw9Yz9iLnN1YnN0cmluZygwLGMpOmJ9KTsQLnJmbD1RxAgoKXttQ4BlbmNvZGVVUklDb21wb25lbnQocigpKX07fSkuY2FsbChhCBQpOwo8L3NFfmw-8gLJAgoKRVhUUkFfVEFHUxK6AjxkaXYgc3R5Ia0McG9zacEfZDogYWJzb2x1dGU7IGxlZnQ6IDBweDsgdG9wDQpkdmlzaWJpbGl0eTogaGlkZGVuOyI-PGltZyAB--J9AhRhd2JpZCYFBvCwX2I9QUtBbWYtQjR1bzhLS2dCd2p3RFRHSGhWcjIyaDFNc2RYVmF0dk5lblRlMFVUMmpqN2dKeks1VGZqVkVQM0xoVEY1ZGs4Z3NxTTNoU3pPUlIxRFQzTlBrVGNDSkZRNm9PNVEiIGJvcmRlcj0wIHdpZHRoPTEgaGVpZ2h0PTEgYWx0PSIiIHN0eWxlPSJkaXNwbGF5Om5vbmUiPjwvZGl2PvICmQEKDFBPU1RfU0NSEqIICIgBPClqNggBaX1QYWRzLmcuZG91YmxlY2xpY2submV0cYM8eGJmZV9iYWNrZmlsbC5qcwFlCUsAPg1TAD6dkiAge3IzcHgoJzIeLQkcJyk7fSkoKTs96lj-EQoQSE9TVF9QT1JUX1BBUkFNUxLpEZEZipQA8IFhZGZldGNoP2Fkaz0xNjEyNDI1NDgxJmFkc2FmZT1tZWRpdW0mY2xpZW50PWNhLXB1Yi0zMDc2ODkwMDEyNzQxNDY3JmZvcm1hdD05NzB4OTBfYXMmaXA9MmEwMTo0Zjg6MTkyOjU0MTQ6OiZvdXRwdXQ9aHRtbCZ1bnZpZXdlZF9wTZAgX3N0YXJ0PTEmoekBwf7OClbOChAmc3ViXw3QAGJB1vDtci01NTE0MzE2JmhsPWVuJmFjZWlkPU1Oc090QUIyRjdRQTdCbTBBUEFadEFBbUdyUUEtVlUwQVdaZk5BR05ZVFFCSDJJMEFUZGlOQUcwWkRRQkNtVTBBV2RsTkFGdlpUUUI1bVkwQVRSbk5BRi1aelFCc1djMEFlbG5OQUVFYURRQkNHZzBBUkZvTkFFa2FEUUJNV2cwQVRKb05BRTVhRFFCUEdnMEFVSm9OQUZWYURRQldHZzBBV0JvTkFGa2FEUUJaV2cwQVdab05BRm5hRFFCYUdnMEFXMW9OQUdBYURRQmgyZzBBWTlvTkFHZQFwAG8BMBhhZG9OQUdwARAYcW1nMEFiQgEQAHgBEAB4ASAAYwEg9BwIRkxjMEVCVTNOQkFWdjEyUUVxaEFjQ2tvUUhBc2NhWEFMRkcxd0NzQnhjQWdRZFhBSTEtWWdDb2ZtSUFydjVpQUlEUWFvQ0owS3FBaWhDcWdJLVE2b0NZMFdxQWdwZnFnTFBZYW9DZW1tcUFreHJxZ0xHY3FvQ3UzV3FBdjE0cWdKdGVhb0NrSHFxQW5tRnFnTG5pYW9DS0lxcUFsbUtxZ0pjaXFvQ0RZLXFBbWVQcWdMQ2xLb0NycGFxQWdPWnFnSzRtYW9DWVpxcUFvQ2JxZ0tCbTZvQ2dwdXFBcmFkcWdKRG9xb0N5YU9xQWxhbXFnS0RwcW9DMnFhcUFxYW5xZ0lOcUtvQ0ZLaXFBcUtvcWdKenFhb0NzNm1xQXVLcHFnSXRyS29DZksycUFoeXVxZ0llcnFvQ0txNnFBb211cWdKT3I2b0NsYS1xQWpxd3FnSmFzS29DZDdDcUFucXdxZ0pfc0tvQ2dyQ3FBb3F3cWdMWHNxb0NHck9xQWxXenFnS1N0S29DdTdTcUFpTzNxZ0lYdWFvQ09ycXFBczI3cWdMaXU2b0NjYjJxQW5POXFnS1l2YW9DcUwycUF0cTlxZ0psdjZvQ2dyLXFBbzZfcWdLMHY2b0MtNy1xQWl6QXFnSl93S29DdDhDcUFzX0FxZ0xnd0tvQ0I4S3FBZ19DcWdJbXdxb0NTY0txQXZMQ3FnTC13cW9DRGNPcUFndkVxZ0lXeEtvQ1ljU3FBcV9FcWdLMnhLb0NBc1dxQXVMRnFnTEt4cW9Dem5LNkFtUTNZUVFJczhVRnJNc2NEQV9MQ2cwMWxzQU9ncWI3RWdxby14SU5zZnNTOWNUN0V0UEsteEp3elBzU3Y5TDdFaHJVLXhLVTFmc1NoTmI3RXVfYy14SVA0UHNTemVEN0VsX2gteExSNGZzUzRlSDdFbWZpLXhJbDRfc1NNdVA3RWpUbC14SmI1ZnNTQ3ViN0VrWG0teEltNV9zU2xtWmtFX2RXYXhwWkFKSXBjcDNXTXcmZXhrPTIzNDk0ODM3NSZhd2JpZF9jPUFLQW1mLUFXNnBtdXJrTjA4M1l4RldBOHdlOTNxcE5IUXdnSndyQ25tclBTSFlERENFSzVrNzVRYWR6N0FLMGRwVjFrdF9HRXhSWVVoZWtQei1IeUh2SFJTTUtCOS03TVFTYWU1eXRHUVNfejROdjloemNrUW1EQy1keGxmbFh6dkM5OFB1M19xTTZDT3JuUFp6NTJDTllKUmMxQWlNN0ZFZyZhd2JpZF9kPUFLQW1mLUJXYnliNXB3Ny1Vc1FPWjZYUm1ScjA1RVNXUG00cFZxaTl2TzF0c0MzSzJYbHdldDlJMHdaaTFMRWpNd1VrMndnOWpEclhSLWFuUUNjNy1wVks3OFhFeVk2bnZUemNnd212a1lZb2RGbUJQNDYyRkdGYzNKeGt4cnpXb1FyMUZqTWtYWWtDb2ljX1d2Tzg4bXZGYVpvQXY2SkZPczFnUEJ4c0hLZG1JejMtTkRtMkhvcWkybzRfTm5rMkdEZnJ5YXlicjJmem9uRzJsajh0R01SWlhRaTJKSUktN0pDR2xSUmVSN3NEMmZiOUpRYnhLa2lXN0V3WHEtUzRkNGpfWFJvM1RwNFdORkxCaFJibTFaVnFyZ1YyODh1aE9sS2pSWnNidmhzWmJzSjlETUlJU2N3RG83WDZfTjF5R1hLRnFhWUJEdTREZWwxSlhYN3JybHVrTnBJT0FuSldqTGJGSS0tVlFZT1VpRUc3RGw1bkk4d3JZZjNkd1YxcXZQazhSWHZHd2k4NVh1MmxFLUh4UlBlWWw1eDV6TzVzUV8tVmN4MG1PQ29DRUt3cy1ES2xaZzlNLVR4VjJfSkp6djh1V1lKOVlhUm50ZkpnbUl2UGFnTm42ajlmbzZxa001X05IckFacGxqU0FScjk5ekdLWUJHZjNsYy1JcHlJUnh5QzNkb3E2TFRwU1p0YWVyNEFVSGJhNGx6MHhiT1IwbDk2Vnh2OGpzbzAtdU1DWU9iRlJXclFKZzhaUkJWVjRMS2ItQzg2VzB4cFZjRDhxaTViT1lfekFFRzdwZExKZjZLT3hJRElzczlyMHI5VEVGMFZZN2hET0FTakJHMWcwZV8xNDZmWFJVVUo5WnU4NVIxTzRIYWdLWkViUzBWc2twdzVFLWpBcjJaNUZoNEFFanRtTzczMjF3bXBxRVREbURWdlgzb3ZxQnRIJmNpZD1DQUFTQk9Sb2JyMCZhX2NpZD2AAwGIAwCQAwCYAxSgAwGqAwDAA6wCyAMA2AO3mlTgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBBQyYTAxOjRmODoxOTI6NTQxNDo6MqgEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANoEAggB4AQA8AS1ossl-gQSCQAAAKCZmUlAEQAAAMDMzCJAiAUBmAUAoAWK2dGj_e-xhhGqBSRkZTMyZTM1OS03OGVkLTQ3ZjEtOTU5Ni1hNzNiNWY4OTE5OTDABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXawx_6BQQIABAAkAYAmAYAuAYBwQYAAAAAAADwP9AG7o8B2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMjY5NDA4NzI5NjS6Bw8IABAAGAAgADAAOLoGQADIB5HPBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHAA..&s=8d43f2784f9eb315a31673e02fec1fd2a8356817&bdref=http%3A%2F%2Fwww.celebzz.com%2F&bdtop=true&bdifs=1&bstk=http%3A%2F%2Fwww.celebzz.com%2F,http%3A%2F%2Fassets.vlitag.com%2Fplugins%2Fsafeframe%2Fsrc%2Fhtml%2Fr.html&

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.90 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

568.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 568.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com
AN-X-Request-Uuid: 97779e06-a7e6-4af2-8ae1-1407b7a57e13
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 5655
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YOcbyYPCb8bfiFscKecUzQAABFQAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEIdD1YvrFrNeI8segj-t-ZI&google_cver=1

43 B
315 B

34ms
33ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEIdD1YvrFrNeI8segj-t-ZI&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:37:45 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:37:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEIdD1YvrFrNeI8segj-t-ZI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 5655
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbyYPCb8bfiFscKecUzQAABFQAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbyYPCb8bfiFscKecUzQAABFQAAAAB&dcc=t

43 B
433 B

512ms
101ms

Image
image/gif

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbyYPCb8bfiFscKecUzQAABFQAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:46 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:46 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbyYPCb8bfiFscKecUzQAABFQAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 5655 70 B
265 B 39ms
37ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YOcbyYPCb8bfiFscKecUzQAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:37:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 5655
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YOcbyYPCb8bfiFscKecUzQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEl3qfwXczTI1tX6gBI6eeo&google_cver=1&gdpr=1

43 B
1 KB

81ms
40ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEl3qfwXczTI1tX6gBI6eeo&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:37:46 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:37:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEl3qfwXczTI1tX6gBI6eeo&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 5655
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871316021449048433

43 B
1 KB

50ms
34ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871316021449048433
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:37:48 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871316021449048433
Date: Thu, 08 Jul 2021 15:37:48 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5655
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YOcbzAACY0HZowBg
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YOcbzAACY0HZowBg&gdpr=1&_test=YOcbzAACY0HZowBg

43 B
1 KB

40ms
40ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YOcbzAACY0HZowBg&gdpr=1&_test=YOcbzAACY0HZowBg
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:37:48 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:37:48 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1625758668.136876,VS0,VE0
x-served-by: cache-fra19138-FRA
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YOcbzAACY0HZowBg&gdpr=1&_test=YOcbzAACY0HZowBg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 5655
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=C6F0C174FF3B48C6B86D9C825495C1DD&gdpr=1

43 B
1 KB

43ms
43ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=C6F0C174FF3B48C6B86D9C825495C1DD&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:37:48 GMT

Redirect headers

date: Thu, 08 Jul 2021 15:37:48 GMT
x-content-type-options: nosniff
server: nginx
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=C6F0C174FF3B48C6B86D9C825495C1DD&gdpr=1
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Wed, 07 Jul 2021 15:37:48 GMT

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame 5655 0
332 B 2382ms
42ms Image
text/plain 37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:37:48 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 setuid
sync.quantumdex.io/ Frame 5655 43 B
325 B 148ms
147ms Image
image/gif 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YOcbyYPCb8bfiFscKecUzQAABFQAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pKg0FKhD7Oi%2FiGYAKSD7TVeYU2ScBVUMKhr%2BVdRa5DzS%2B%2B1VStfbMJCibjKmNqXx%2BLaS%2BZ%2Fj7ba3FECjbonAF62YPyEuZthIwtkVjnCTEyke%2Boa6j4ru8hUSaFGk5dR5ydHaWZOrmbDWJCk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654c59e54db2-FRA
content-length: 43

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B52E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YOcbyQMi9VH60mapgMUV4gAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEl3qfwXczTI1tX6gBI6eeo&google_cver=1&gdpr=1

43 B
1 KB

119ms
39ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEl3qfwXczTI1tX6gBI6eeo&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:37:46 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:37:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEl3qfwXczTI1tX6gBI6eeo&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame B52E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YOcbyQMi9VH60mapgMUV4gAABLUAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENvtPO5JpHTyKKxj9Pi3rT4&google_cver=1

43 B
315 B

66ms
33ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENvtPO5JpHTyKKxj9Pi3rT4&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:37:45 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:37:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENvtPO5JpHTyKKxj9Pi3rT4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame B52E
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbyQMi9VH60mapgMUV4gAABLUAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbyQMi9VH60mapgMUV4gAABLUAAAAB&dcc=t

43 B
433 B

511ms
101ms

Image
image/gif

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbyQMi9VH60mapgMUV4gAABLUAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:47 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:46 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbyQMi9VH60mapgMUV4gAABLUAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame B52E 70 B
265 B 39ms
36ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YOcbyQMi9VH60mapgMUV4gAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:37:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B52E
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=D51C892475764A51BADBC7E710C96829&gdpr=1

43 B
1 KB

42ms
41ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=D51C892475764A51BADBC7E710C96829&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:37:48 GMT

Redirect headers

date: Thu, 08 Jul 2021 15:37:48 GMT
x-content-type-options: nosniff
server: nginx
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=D51C892475764A51BADBC7E710C96829&gdpr=1
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Wed, 07 Jul 2021 15:37:48 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B52E
Redirect Chain

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=MsttmDWZa84pyjqWPJ4ll2WdPp0pyW6dYpjDfZv5

43 B
1 KB

106ms
35ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=MsttmDWZa84pyjqWPJ4ll2WdPp0pyW6dYpjDfZv5
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:37:46 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:37:46 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=MsttmDWZa84pyjqWPJ4ll2WdPp0pyW6dYpjDfZv5
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK ibs:dpid=23728&dpuuid=YOcbyQMi9VH60mapgMUV4gAA%261205
dpm.demdex.net/ Frame B52E 0
0 41ms
39ms Image
application/json 52.30.135.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YOcbyQMi9VH60mapgMUV4gAA%261205?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.135.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-135-179.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 setuid
sync.quantumdex.io/ Frame B52E 43 B
316 B 148ms
146ms Image
image/gif 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YOcbyQMi9VH60mapgMUV4gAABLUAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RUIKEXQnbh3nFjo%2FZiPueh3Xt7Summ0yLE9zy3OhcllbaCkf4HPHDlfCICdvxdlp04BC%2FReXR5MxhHV8OypaAQMV2LsPutfBHKNxWovXuEC5kHlRAa9LbSsxbkFL5ePyQJjTXXHgtmjuaTo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654c8a184db2-FRA
content-length: 43

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame 0FA5
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
372 B

98ms
97ms

Document
text/html

54.204.142.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.142.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: f1467dff3c6fec51a3537ec2d6297803c59aada8a0ce9b1e1a40b8520ce3e23b

Request headers

:method: GET
:authority: um2.eqads.com
:scheme: https
:path: /um/cs&eq_cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssum-sec.casalemedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: EQUser=UID=126c6ff4-cb53-42d1-bbb1-7a115ecda7f6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

date: Thu, 08 Jul 2021 15:37:48 GMT
content-type: text/html; charset=utf-8
content-length: 186
cache-control: no-cache, must-revalidate
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Thu, 08 Jul 2021 15:37:48 GMT
pragma: no-cache

Redirect headers

date: Thu, 08 Jul 2021 15:37:47 GMT
content-type: text/html; charset=utf-8
content-length: 41
location: /um/cs&eq_cc=1
set-cookie: EQUser=UID=1f689ea4-61d7-4821-a1db-74d02a001803; Path=/; Domain=eqads.com; Expires=Fri, 08 Oct 2021 15:37:47 GMT; Secure; SameSite=None

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame B4A6
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbydnYXpw_a5DohITfrwAABK0AAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbydnYXpw_a5DohITfrwAABK0AAAIB&dcc=t

43 B
433 B

509ms
101ms

Image
image/gif

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbydnYXpw_a5DohITfrwAABK0AAAIB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:47 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:46 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbydnYXpw_a5DohITfrwAABK0AAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame B4A6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YOcbydnYXpw_a5DohITfrwAABK0AAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECnRAQ76ZmRV3dNYbKjC2_I&google_cver=1

43 B
315 B

42ms
42ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECnRAQ76ZmRV3dNYbKjC2_I&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:37:45 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:37:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECnRAQ76ZmRV3dNYbKjC2_I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame B4A6 70 B
265 B 40ms
37ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YOcbydnYXpw-a5DohITfrwAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:37:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B4A6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YOcbydnYXpw-a5DohITfrwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEl3qfwXczTI1tX6gBI6eeo&google_cver=1&gdpr=1

43 B
1000 B

74ms
39ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEl3qfwXczTI1tX6gBI6eeo&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:37:46 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:37:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEl3qfwXczTI1tX6gBI6eeo&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 113
match.deepintent.com/usersync/ Frame B4A6 0
45 B 1308ms
97ms Image
text/plain 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:46 GMT
content-length: 0
server: a

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B4A6
Redirect Chain

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=ehcpJH1FL3JhFn1wKERhIi0WdSZhEX8qLkWLYaBe

43 B
1 KB

70ms
35ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=ehcpJH1FL3JhFn1wKERhIi0WdSZhEX8qLkWLYaBe
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:37:46 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:37:46 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=ehcpJH1FL3JhFn1wKERhIi0WdSZhEX8qLkWLYaBe
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK CookieIndex
rtb.adentifi.com/ Frame B4A6 0
88 B 2407ms
100ms Image
text/plain 52.45.128.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.128.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H2 200 setuid
sync.quantumdex.io/ Frame B4A6 43 B
337 B 252ms
251ms Image
image/gif 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YOcbydnYXpw_a5DohITfrwAABK0AAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8ZFo7Tf5R297bPUDEZVV9zs0KIj4x944uIpJr7Knvt4cRs67LxfvxRmtU03PrH1jg2zJ9kfUeb9gAZtbyzeSuk85sUjFuu7HW3sNFz41orRFhK8j7nB%2F9mLmyzRQ2UGsZQdmJFlqkpCxifA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654caa474db2-FRA
content-length: 43

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame 83C1
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
372 B

99ms
98ms

Document
text/html

54.204.142.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.142.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: f1467dff3c6fec51a3537ec2d6297803c59aada8a0ce9b1e1a40b8520ce3e23b

Request headers

:method: GET
:authority: um2.eqads.com
:scheme: https
:path: /um/cs&eq_cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssum-sec.casalemedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: EQUser=UID=126c6ff4-cb53-42d1-bbb1-7a115ecda7f6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

date: Thu, 08 Jul 2021 15:37:48 GMT
content-type: text/html; charset=utf-8
content-length: 186
cache-control: no-cache, must-revalidate
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Thu, 08 Jul 2021 15:37:48 GMT
pragma: no-cache

Redirect headers

date: Thu, 08 Jul 2021 15:37:47 GMT
content-type: text/html; charset=utf-8
content-length: 41
location: /um/cs&eq_cc=1
set-cookie: EQUser=UID=126c6ff4-cb53-42d1-bbb1-7a115ecda7f6; Path=/; Domain=eqads.com; Expires=Fri, 08 Oct 2021 15:37:47 GMT; Secure; SameSite=None

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7510
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YOcbyfldi3Qi3eGFyIIjjAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEl3qfwXczTI1tX6gBI6eeo&google_cver=1&gdpr=1

43 B
1000 B

35ms
35ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEl3qfwXczTI1tX6gBI6eeo&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:37:46 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:37:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEl3qfwXczTI1tX6gBI6eeo&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 7510 70 B
265 B 38ms
36ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YOcbyfldi3Qi3eGFyIIjjAAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:37:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 7510
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbyfldi3Qi3eGFyIIjjAAABIEAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbyfldi3Qi3eGFyIIjjAAABIEAAAIB&dcc=t

43 B
433 B

508ms
101ms

Image
image/gif

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbyfldi3Qi3eGFyIIjjAAABIEAAAIB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:47 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:46 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbyfldi3Qi3eGFyIIjjAAABIEAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 7510
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YOcbyfldi3Qi3eGFyIIjjAAABIEAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJORDWoeTZ-BGSgpsn-JRdc&google_cver=1

43 B
315 B

74ms
39ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJORDWoeTZ-BGSgpsn-JRdc&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:37:45 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:37:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJORDWoeTZ-BGSgpsn-JRdc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7510
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
315 B

39ms
39ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:47 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:37:47 GMT

Redirect headers

date: Thu, 08 Jul 2021 15:37:47 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H2 200 YOcbyfldi3Qi3eGFyIIjjAAABIEAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7510 43 B
919 B 106ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YOcbyfldi3Qi3eGFyIIjjAAABIEAAAIB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7510
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-9b726c6f-43f6-4ee6-b482-580c20590fce

43 B
1 KB

160ms
38ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-9b726c6f-43f6-4ee6-b482-580c20590fce
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:37:46 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-9b726c6f-43f6-4ee6-b482-580c20590fce
date: Thu, 08 Jul 2021 15:37:45 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 7510 43 B
147 B 2117ms
35ms Image
image/gif 3.120.242.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.242.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 setuid
sync.quantumdex.io/ Frame 7510 43 B
320 B 131ms
129ms Image
image/gif 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YOcbyfldi3Qi3eGFyIIjjAAABIEAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QJ4484V5igNDJjPx0w7Z%2BP9T2P7XF2z%2BgOhweWskEcM7Ck6u2W0WJHRU0h9%2FdixTKHIJPzZ9oeDYj9TrFhB76ozANOX6OViqYO0Gf7eqV0%2BFjFKkWS6ihvTFGU69XeUzcDbZC2VdYRFfKh8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654ccab74db2-FRA
content-length: 43

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame D7F2 70 B
265 B 37ms
34ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YOcbyfldi3Qi3eGFyIIjjwAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:37:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame D7F2
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbyfldi3Qi3eGFyIIjjwAABK4AAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbyfldi3Qi3eGFyIIjjwAABK4AAAAB&dcc=t

43 B
433 B

508ms
102ms

Image
image/gif

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbyfldi3Qi3eGFyIIjjwAABK4AAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:47 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:46 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcbyfldi3Qi3eGFyIIjjwAABK4AAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame D7F2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YOcbyfldi3Qi3eGFyIIjjwAABK4AAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEITaAQkwwc0uTk6-CpsIE3s&google_cver=1

43 B
315 B

73ms
32ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEITaAQkwwc0uTk6-CpsIE3s&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:37:45 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:37:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEITaAQkwwc0uTk6-CpsIE3s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D7F2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YOcbyfldi3Qi3eGFyIIjjwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEl3qfwXczTI1tX6gBI6eeo&google_cver=1&gdpr=1

43 B
1000 B

75ms
38ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEl3qfwXczTI1tX6gBI6eeo&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:37:46 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:37:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEl3qfwXczTI1tX6gBI6eeo&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D7F2
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
315 B

37ms
36ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:47 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:37:47 GMT

Redirect headers

date: Thu, 08 Jul 2021 15:37:47 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H/1.1 204
No Content sync
ups.analytics.yahoo.com/ups/55940/ Frame D7F2 0
234 B 97ms
93ms Image
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YOcbyfldi3Qi3eGFyIIjjwAABK4AAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:45 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame D7F2
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6790450661072851653&uid=Q6790450661072851653&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

42ms
42ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:47 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Thu, 08 Jul 2021 15:37:46 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D7F2
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=2196076BC33242A7A8103E7F8BFBCBF8&gdpr=1

43 B
1 KB

35ms
34ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=2196076BC33242A7A8103E7F8BFBCBF8&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:37:48 GMT

Redirect headers

date: Thu, 08 Jul 2021 15:37:48 GMT
x-content-type-options: nosniff
server: nginx
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=2196076BC33242A7A8103E7F8BFBCBF8&gdpr=1
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Wed, 07 Jul 2021 15:37:48 GMT

GET
H2 200 setuid
sync.quantumdex.io/ Frame D7F2 43 B
341 B 265ms
261ms Image
image/gif 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YOcbyfldi3Qi3eGFyIIjjwAABK4AAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:46 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ENq58yPwsJZgu1MMwWi9b55ETASBLTRsV8u6HnxhXuEUo%2FnThJ7fQ2AjrX9U9TDLp%2B6Rl1vZslZBoymwuazdD41QmqV6l2FJYN73IlR5vK7rKC0GfP5R3KIj7ttK4%2Fdfv7yRxiUnxPH06Ko%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba654cfb814db2-FRA
content-length: 43

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4242 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-B4uo8KKgBwjwDTGHhVr22h1MsdXVatvNenTe0UT2jj7gJzK5TfjVEP3LhTF5dk8gsqM3hSzORR1DT3NPkTcCJFQ6oO5Q

Requested by

Host: nym1-ib.adnxs-simple.com
URL: https://nym1-ib.adnxs-simple.com/if?an_audit=0&referrer=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&e=wqT_3QKXLGwXFgAAAwDWAAUBCMi3nIcGEO3m2MG3st-UJBj_EQF4ASo2Cc78ag4QzJE_EbDHREqzeYw_GQAAAGC4HvU_IRESACkRJNAxAAAAQOF6pD8wmOuBCjihUEDlHkhlULWiyyVYztNrYABojaGtAXiRzwWAAQGKAQNVU0SSAQEG8JWYAcoHoAFaqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKniU7qAlpodHRwOi8vd3d3LmNlbGVienouY29tL21lbGFuaWUtYnJvd24tc3RlcHMtb3V0LXRvLWRpbm5lci13aXRoLWhlci1mcmllbmQtZ2FyeS1pbi1nbGVuZGFsZS_yAgwKBkhFSUdIVBICOTABD_D9BVdJRFRIEgM5NzDyAiEKBkxPQURFUhIXcmVuZGVyX3Bvc3RfYWRzX3YxLmh0bWzyAhcKCklGUkFNRV9LRVkSCTIzNDk0ODM3NfIC0A4KC1BSRV9TQ1JJUFRTEsAOPHNjcmlwdD4oZnVuY3Rpb24oKXsvKgoKIENvcHlyaWdodCBUaGUgQ2xvc3VyZSBMaWJyYXJ5IEF1dGhvcnMuCiBTUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQXBhY2hlLTIuMAoqLwp2YXIgaD10aGlzfHxzZWxmO2Z1bmN0aW9uIGsoYil7a1siICJdKGIpO3JldHVybiBifWtbIiAiXT0dmCR9O3ZhciBtPS9eIYDwSXM_OlwvXC8oXHd8LSkrXC5jZG5cLmFtcHByb2plY3RcLihuZXR8b3JnKShcP3xcL3wkKS87CmZ1bmN0aW9uIG4oKXt2YXIgYj1oBVcMYz1bXQUJJGQ9bnVsbDtkb3sBbhhhPWI7dHJ5BQwsZTtpZihlPSEhYSYmASQcIT1hLmxvY2EhNyAuaHJlZiliOnsBLZBrKGEuZm9vKTtlPSEwO2JyZWFrIGJ9Y2F0Y2gobCl7fWU9ITF9AV4IZz1lGRcAZwEWDGlmKGcJmQBmPl4AODtkPWEuZG9jdW1lbnQmJhkMKC5yZWZlcnJlcnx8AZckfWVsc2UgZj1kLA3LTGMucHVzaChuZXcgcChmfHwiIikpBdUkYj1hLnBhcmVudBmGAGIF__BAfX13aGlsZShiJiZhIT1iKTthPTA7Zm9yKGI9Yy5sZW5ndGgtMTthPD1iOysrYSljW2FdLmRlcHRoPWItYTthPWghKzkeAa41KjhhbmNlc3Rvck9yaWdpbnNuHAANawA9HXUAKQmGDDE7YjwRikw7KytiKWY9Y1tiXSxmLnVybHx8KAUILkIBOnYAFFtiLQoxXSEMGCxmLmg9ITAB4ykiAGgZqyHVFCwhMSk7ZiUWJQIEZD0yBAEgMDw9ZDstLWQpIbpEPWNbZF0sIWYmJm0udGVzdChnAY8gKSYmKGY9ZyksBQ4oJiYhZy5oKXthPWdJGwB9DV0AZBXmBCYmAcwBOwQ7MEFlAGQhWggmJmQFSAEbCCk7YwWtGHEoYSxmKTttNBRjLmc_Yy4FZQw6Yy5pAUAAfXE_NCBxKGIsYyl7dGhpcy5pQdUBCQhnPWMZIgBwHSIIdXJsESQUaD0hIWM7BS8FiCUKBH07FVkEcihJsIhiPW4oKSxjPWIuaW5kZXhPZigiPyIpO3NldFRpbWVvdXQoZm18DTFEZD12b2lkIDA9PT1kPy4wMTpkQTVEIShNYXRoLnJhbmRvbSgpPmQpCV8EYT1R-wwuY3VyQbQAU4W6EDthPShhGUoEYT9hA6A6YSkmJiI3NyI9PT1hLmdldEF0dHJpYnV0ZSgiZGF0YS1qYyIpP2E6ZG1OQC5xdWVyeVNlbGVjdG9yKCdbDSUAPQFEGF0nKTtkPSKFdFg6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY4kDCGNvbQ0ekC9nZW5fMjA0P2lkPWpjYSZqYz03NyZ2ZXJzaW9uPSIrKGEmJmFWmAAALQ0mkCIpfHwidW5rbm93biIpKyImc2FtcGxlPSIrZDthPXdpbmRvdzuBRI2WMGEubmF2aWdhdG9yKWUuDgBQLnVzZXJBZ2VudCxlPS9DaHJvbWUvSZ4gZSkmJiEvRWRnGREcPyEwOiExO2VhlhVRMC5zZW5kQmVhY29uPwodaR0YFChkKTooYS0VQF9pbWFnZV9yZXF1ZXN0c3x8XhoAED1bXSksAa453BxyZWF0ZUVsZYHlPCgiaW1nIiksZS5zcmM9ZCxaYACJ3xhlKSl9fSwwdQ5cMDw9Yz9iLnN1YnN0cmluZygwLGMpOmJ9KTsQLnJmbD1RxAgoKXttQ4BlbmNvZGVVUklDb21wb25lbnQocigpKX07fSkuY2FsbChhCBQpOwo8L3NFfmw-8gLJAgoKRVhUUkFfVEFHUxK6AjxkaXYgc3R5Ia0McG9zacEfZDogYWJzb2x1dGU7IGxlZnQ6IDBweDsgdG9wDQpkdmlzaWJpbGl0eTogaGlkZGVuOyI-PGltZyAB--J9AhRhd2JpZCYFBvCwX2I9QUtBbWYtQjR1bzhLS2dCd2p3RFRHSGhWcjIyaDFNc2RYVmF0dk5lblRlMFVUMmpqN2dKeks1VGZqVkVQM0xoVEY1ZGs4Z3NxTTNoU3pPUlIxRFQzTlBrVGNDSkZRNm9PNVEiIGJvcmRlcj0wIHdpZHRoPTEgaGVpZ2h0PTEgYWx0PSIiIHN0eWxlPSJkaXNwbGF5Om5vbmUiPjwvZGl2PvICmQEKDFBPU1RfU0NSEqIICIgBPClqNggBaX1QYWRzLmcuZG91YmxlY2xpY2submV0cYM8eGJmZV9iYWNrZmlsbC5qcwFlCUsAPg1TAD6dkiAge3IzcHgoJzIeLQkcJyk7fSkoKTs96lj-EQoQSE9TVF9QT1JUX1BBUkFNUxLpEZEZipQA8IFhZGZldGNoP2Fkaz0xNjEyNDI1NDgxJmFkc2FmZT1tZWRpdW0mY2xpZW50PWNhLXB1Yi0zMDc2ODkwMDEyNzQxNDY3JmZvcm1hdD05NzB4OTBfYXMmaXA9MmEwMTo0Zjg6MTkyOjU0MTQ6OiZvdXRwdXQ9aHRtbCZ1bnZpZXdlZF9wTZAgX3N0YXJ0PTEmoekBwf7OClbOChAmc3ViXw3QAGJB1vDtci01NTE0MzE2JmhsPWVuJmFjZWlkPU1Oc090QUIyRjdRQTdCbTBBUEFadEFBbUdyUUEtVlUwQVdaZk5BR05ZVFFCSDJJMEFUZGlOQUcwWkRRQkNtVTBBV2RsTkFGdlpUUUI1bVkwQVRSbk5BRi1aelFCc1djMEFlbG5OQUVFYURRQkNHZzBBUkZvTkFFa2FEUUJNV2cwQVRKb05BRTVhRFFCUEdnMEFVSm9OQUZWYURRQldHZzBBV0JvTkFGa2FEUUJaV2cwQVdab05BRm5hRFFCYUdnMEFXMW9OQUdBYURRQmgyZzBBWTlvTkFHZQFwAG8BMBhhZG9OQUdwARAYcW1nMEFiQgEQAHgBEAB4ASAAYwEg9NcGRkxjMEVCVTNOQkFWdjEyUUVxaEFjQ2tvUUhBc2NhWEFMRkcxd0NzQnhjQWdRZFhBSTEtWWdDb2ZtSUFydjVpQUlEUWFvQ0owS3FBaWhDcWdJLVE2b0NZMFdxQWdwZnFnTFBZYW9DZW1tcUFreHJxZ0xHY3FvQ3UzV3FBdjE0cWdKdGVhb0NrSHFxQW5tRnFnTG5pYW9DS0lxcUFsbUtxZ0pjaXFvQ0RZLXFBbWVQcWdMQ2xLb0NycGFxQWdPWnFnSzRtYW9DWVpxcUFvQ2JxZ0tCbTZvQ2dwdXFBcmFkcWdKRG9xb0N5YU9xQWxhbXFnS0RwcW9DMnFhcUFxYW5xZ0lOcUtvQ0ZLaXFBcUtvcWdKenFhb0NzNm1xQXVLcHFnSXRyS29DZksycUFoeXVxZ0llcnFvQ0txNnFBb211cWdKT3I2b0NsYS1xQWpxd3FnSmFzS29DZDdDcUFucXdxZ0pfc0tvQ2dyQ3FBb3F3cWdMWHNxb0NHck9xQWxXenFnS1N0S29DdTdTcUFpTzNxZ0lYdWFvQ09ycXFBczI3cWdMaXU2b0NjYjJxQW5POXFnS1l2YW9DcUwycUF0cTlxZ0psdjZvQ2dyLXFBbzZfcWdLMHY2b0MtNy1xQWl6QXFnSl93S29DdDhDcUFzX0FxZ0xnd0tvQ0I4S3FBZ19DcWdJbXdxb0NTY0txQXZMQ3FnTC13cW9DRGNPcUFndkVxZ0lXeEtvQ1ljU3FBcV9FcWdLMnhLb0NBc1dxQXVMRnFnTEt4cW9Dem5LNkFtUTNZUVFJczhVRnJNc2NEQV9MQ2cwMWxzQU9ncWI3RWdxby14SU5zZnNTOWNUN0V0UEsteEp3elBzU3Y5TDdFaHJVLXhLVTFmc1NoTmI3RXVfYy14SVA0UHNTemVEN0VsX2gteExSNGZzUzRlSDdFbWZpLXhJbDRfc1NNdVA3RWpUbC14SmI1ZnNTQ3ViN0VrWG0teEltNV9zU2xtWmtFX2RXYXhwWkFKSXBjcDNXTXcmZXhrPTIzNDk0ODM3NSZhd2JpZF9jPUFLQW1mLUFXNnBtdXJrTjA4M1l4RldBOHdlOTNxcE5IUXdnSndyQ25tclBTSFlERENFSzVrNzVRYWR6N0FLMGRwVjFrdF9HRXhSWVVoZWtQei1IeUh2SFJTTUtCOS03TVFTYWU1eXRHUVNfejROdjloemNrUW1EQy1keGxmbFh6dkM5OFB1M19xTTZDT3JuUFp6NTJDTllKUmMxQWlNN0ZFZyZhd2JpZF9kPUFLQW1mLUJXYnliNXB3Ny1Vc1FPWjZYUm1ScjA1RVNXUG00cFZxaTl2TzF0c0MzSzJYbHdldDlJMHdaaTFMRWpNd1VrMndnOWpEclhSLWFuUUNjNy1wVks3OFhFeVk2bnZUemNnd212a1lZb2RGbUJQNDYyRkdGYzNKeGt4cnpXb1FyMUZqTWtYWWtDb2ljX1d2Tzg4bXZGYVpvQXY2SkZPczFnUEJ4c0hLZG1JejMtTkRtMkhvcWkybzRfTm5rMkdEZnJ5YXlicjJmem9uRzJsajh0R01SWlhRaTJKSUktN0pDR2xSUmVSN3NEMmZiOUpRYnhLa2lXN0V3WHEtUzRkNGpfWFJvM1RwNFdORkxCaFJibTFaVnFyZ1YyODh1aE9sS2pSWnNidmhzWmJzSjlETUlJU2N3RG83WDZfTjF5R1hLRnFhWUJEdTREZWwxSlhYN3JybHVrTnBJT0FuSldqTGJGSS0tVlFZT1VpRUc3RGw1bkk4d3JZZjNkd1YxcXZQazhSWHZHd2k4NVh1MmxFLUh4UlBlWWw1eDV6TzVzUV8tVmN4MG1PQ29DRUt3cy1ES2xaZzlNLVR4VjJfSkp6djh1V1lKOVlhUm50ZkpnbUl2UGFnTm42ajlmbzZxa001X05IckFacGxqU0FScjk5ekdLWUJHZjNsYy1JcHlJUnh5QzNkb3E2TFRwU1p0YWVyNEFVSGJhNGx6MHhiT1IwbDk2Vnh2OGpzbzAtdU1DWU9iRlJXclFKZzhaUkJWVjRMS2ItQzg2VzB4cFZjRDhxaTViT1lfekFFRzdwZExKZjZLT3hJRElzczlyMHI5VEVGMFZZN2hET0FTakJHMWcwZV8xNDZmWFJVVUo5WnU4NVIxTzRIYWdLWkViUzBWc2twdzVFLWpBcjJaNUZoNEFFanRtTzczMjF3bXBxRVREbURWdlgzb3ZxQnRIJmNpZD1DQUFTQk9Sb2JyMCZhX2NpZD2AAwGIAwCQAwCYAxSgAwGqA-oBCr8BaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uWhgNEpUKOpsK8P1BUDdXd2pkeGFVV3FpNUlPWHV0NjJxUXZzS1BkcmFBbWIxN2ZkdE1GRkk4QTFfMW4zT0VEeHpkZnRLZE5nS2M4THRkYVRnTEZlVGQ3TXFlRFR5SzJ0QjRjNlZyUSZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhMyNjA1NzUxOTMxNzQxMDI1MTMzIgg3ODgyNzgyOSoEMzk0MToBMMADrALIAwDYA7eaVOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEFDJhMDE6NGY4OjE5Mjo1NDE0OjoyqAQAsgQMCAAQABgAIAAwADgCuAQAwAQAyAQA2gQCCAHgBADwBA6lFPBe-gQSCQAAAKCZmUlAEQAAAMDMzCJAiAUBmAUAoAWK2dGj_e-xhhGqBSRkZTMyZTM1OS03OGVkLTQ3ZjEtOTU5Ni1hNzNiNWY4OTE5OTDABQDJBQAAAAAAAPA_0gUJCQAFDDwAANgFAeAFAfAF2sMf-gUEAZcokAYAmAYAuAYBwQYJJCzwP9AG7o8B2gYWChAJEhkBmBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzI2OTQwODcyOTY0ugcPCAUoACAB7iy6BkAAyAeRzwXSBw0B3wUBAUYI2gcGAX4wGADgBwDqBwIIAPAHAA..&s=bc2cfbe3d9c02a0562880807efc724feffc896dc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nym1-ib.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:37:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 xbfe_backfill.js Show response
googleads.g.doubleclick.net/pagead/ Frame 4242 12 KB
5 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

452eaaa600a5a36fea4cf8b7fb349686e36106876a2a74efcff1291476f9c6b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nym1-ib.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:53:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2684
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5200
x-xss-protection: 0
server: cafe
etag: 15790645717563401284
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 08 Jul 2021 15:53:01 GMT

GET
H/1.1 200
OK it
nym1-ib.adnxs-simple.com/ Frame 4242 0
657 B 102ms
102ms Image
text/html 68.67.179.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.90 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

568.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nym1-ib.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 568.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com
AN-X-Request-Uuid: 80b84d01-7b4a-4aa5-87ed-b071e8b21e1d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs-simple.com/v/s/212/ Frame 4242 85 KB
29 KB 40ms
40ms Script
application/x-javascript 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs-simple.com/v/s/212/trk.js
Requested by: Host: nym1-ib.adnxs-simple.com
URL: https://nym1-ib.adnxs-simple.com/if?an_audit=0&referrer=http%3A%2F%2Fwww.celebzz.com%2Fmelanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale%2F&e=wqT_3QKXLGwXFgAAAwDWAAUBCMi3nIcGEO3m2MG3st-UJBj_EQF4ASo2Cc78ag4QzJE_EbDHREqzeYw_GQAAAGC4HvU_IRESACkRJNAxAAAAQOF6pD8wmOuBCjihUEDlHkhlULWiyyVYztNrYABojaGtAXiRzwWAAQGKAQNVU0SSAQEG8JWYAcoHoAFaqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKniU7qAlpodHRwOi8vd3d3LmNlbGVienouY29tL21lbGFuaWUtYnJvd24tc3RlcHMtb3V0LXRvLWRpbm5lci13aXRoLWhlci1mcmllbmQtZ2FyeS1pbi1nbGVuZGFsZS_yAgwKBkhFSUdIVBICOTABD_D9BVdJRFRIEgM5NzDyAiEKBkxPQURFUhIXcmVuZGVyX3Bvc3RfYWRzX3YxLmh0bWzyAhcKCklGUkFNRV9LRVkSCTIzNDk0ODM3NfIC0A4KC1BSRV9TQ1JJUFRTEsAOPHNjcmlwdD4oZnVuY3Rpb24oKXsvKgoKIENvcHlyaWdodCBUaGUgQ2xvc3VyZSBMaWJyYXJ5IEF1dGhvcnMuCiBTUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQXBhY2hlLTIuMAoqLwp2YXIgaD10aGlzfHxzZWxmO2Z1bmN0aW9uIGsoYil7a1siICJdKGIpO3JldHVybiBifWtbIiAiXT0dmCR9O3ZhciBtPS9eIYDwSXM_OlwvXC8oXHd8LSkrXC5jZG5cLmFtcHByb2plY3RcLihuZXR8b3JnKShcP3xcL3wkKS87CmZ1bmN0aW9uIG4oKXt2YXIgYj1oBVcMYz1bXQUJJGQ9bnVsbDtkb3sBbhhhPWI7dHJ5BQwsZTtpZihlPSEhYSYmASQcIT1hLmxvY2EhNyAuaHJlZiliOnsBLZBrKGEuZm9vKTtlPSEwO2JyZWFrIGJ9Y2F0Y2gobCl7fWU9ITF9AV4IZz1lGRcAZwEWDGlmKGcJmQBmPl4AODtkPWEuZG9jdW1lbnQmJhkMKC5yZWZlcnJlcnx8AZckfWVsc2UgZj1kLA3LTGMucHVzaChuZXcgcChmfHwiIikpBdUkYj1hLnBhcmVudBmGAGIF__BAfX13aGlsZShiJiZhIT1iKTthPTA7Zm9yKGI9Yy5sZW5ndGgtMTthPD1iOysrYSljW2FdLmRlcHRoPWItYTthPWghKzkeAa41KjhhbmNlc3Rvck9yaWdpbnNuHAANawA9HXUAKQmGDDE7YjwRikw7KytiKWY9Y1tiXSxmLnVybHx8KAUILkIBOnYAFFtiLQoxXSEMGCxmLmg9ITAB4ykiAGgZqyHVFCwhMSk7ZiUWJQIEZD0yBAEgMDw9ZDstLWQpIbpEPWNbZF0sIWYmJm0udGVzdChnAY8gKSYmKGY9ZyksBQ4oJiYhZy5oKXthPWdJGwB9DV0AZBXmBCYmAcwBOwQ7MEFlAGQhWggmJmQFSAEbCCk7YwWtGHEoYSxmKTttNBRjLmc_Yy4FZQw6Yy5pAUAAfXE_NCBxKGIsYyl7dGhpcy5pQdUBCQhnPWMZIgBwHSIIdXJsESQUaD0hIWM7BS8FiCUKBH07FVkEcihJsIhiPW4oKSxjPWIuaW5kZXhPZigiPyIpO3NldFRpbWVvdXQoZm18DTFEZD12b2lkIDA9PT1kPy4wMTpkQTVEIShNYXRoLnJhbmRvbSgpPmQpCV8EYT1R-wwuY3VyQbQAU4W6EDthPShhGUoEYT9hA6A6YSkmJiI3NyI9PT1hLmdldEF0dHJpYnV0ZSgiZGF0YS1qYyIpP2E6ZG1OQC5xdWVyeVNlbGVjdG9yKCdbDSUAPQFEGF0nKTtkPSKFdFg6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY4kDCGNvbQ0ekC9nZW5fMjA0P2lkPWpjYSZqYz03NyZ2ZXJzaW9uPSIrKGEmJmFWmAAALQ0mkCIpfHwidW5rbm93biIpKyImc2FtcGxlPSIrZDthPXdpbmRvdzuBRI2WMGEubmF2aWdhdG9yKWUuDgBQLnVzZXJBZ2VudCxlPS9DaHJvbWUvSZ4gZSkmJiEvRWRnGREcPyEwOiExO2VhlhVRMC5zZW5kQmVhY29uPwodaR0YFChkKTooYS0VQF9pbWFnZV9yZXF1ZXN0c3x8XhoAED1bXSksAa453BxyZWF0ZUVsZYHlPCgiaW1nIiksZS5zcmM9ZCxaYACJ3xhlKSl9fSwwdQ5cMDw9Yz9iLnN1YnN0cmluZygwLGMpOmJ9KTsQLnJmbD1RxAgoKXttQ4BlbmNvZGVVUklDb21wb25lbnQocigpKX07fSkuY2FsbChhCBQpOwo8L3NFfmw-8gLJAgoKRVhUUkFfVEFHUxK6AjxkaXYgc3R5Ia0McG9zacEfZDogYWJzb2x1dGU7IGxlZnQ6IDBweDsgdG9wDQpkdmlzaWJpbGl0eTogaGlkZGVuOyI-PGltZyAB--J9AhRhd2JpZCYFBvCwX2I9QUtBbWYtQjR1bzhLS2dCd2p3RFRHSGhWcjIyaDFNc2RYVmF0dk5lblRlMFVUMmpqN2dKeks1VGZqVkVQM0xoVEY1ZGs4Z3NxTTNoU3pPUlIxRFQzTlBrVGNDSkZRNm9PNVEiIGJvcmRlcj0wIHdpZHRoPTEgaGVpZ2h0PTEgYWx0PSIiIHN0eWxlPSJkaXNwbGF5Om5vbmUiPjwvZGl2PvICmQEKDFBPU1RfU0NSEqIICIgBPClqNggBaX1QYWRzLmcuZG91YmxlY2xpY2submV0cYM8eGJmZV9iYWNrZmlsbC5qcwFlCUsAPg1TAD6dkiAge3IzcHgoJzIeLQkcJyk7fSkoKTs96lj-EQoQSE9TVF9QT1JUX1BBUkFNUxLpEZEZipQA8IFhZGZldGNoP2Fkaz0xNjEyNDI1NDgxJmFkc2FmZT1tZWRpdW0mY2xpZW50PWNhLXB1Yi0zMDc2ODkwMDEyNzQxNDY3JmZvcm1hdD05NzB4OTBfYXMmaXA9MmEwMTo0Zjg6MTkyOjU0MTQ6OiZvdXRwdXQ9aHRtbCZ1bnZpZXdlZF9wTZAgX3N0YXJ0PTEmoekBwf7OClbOChAmc3ViXw3QAGJB1vDtci01NTE0MzE2JmhsPWVuJmFjZWlkPU1Oc090QUIyRjdRQTdCbTBBUEFadEFBbUdyUUEtVlUwQVdaZk5BR05ZVFFCSDJJMEFUZGlOQUcwWkRRQkNtVTBBV2RsTkFGdlpUUUI1bVkwQVRSbk5BRi1aelFCc1djMEFlbG5OQUVFYURRQkNHZzBBUkZvTkFFa2FEUUJNV2cwQVRKb05BRTVhRFFCUEdnMEFVSm9OQUZWYURRQldHZzBBV0JvTkFGa2FEUUJaV2cwQVdab05BRm5hRFFCYUdnMEFXMW9OQUdBYURRQmgyZzBBWTlvTkFHZQFwAG8BMBhhZG9OQUdwARAYcW1nMEFiQgEQAHgBEAB4ASAAYwEg9NcGRkxjMEVCVTNOQkFWdjEyUUVxaEFjQ2tvUUhBc2NhWEFMRkcxd0NzQnhjQWdRZFhBSTEtWWdDb2ZtSUFydjVpQUlEUWFvQ0owS3FBaWhDcWdJLVE2b0NZMFdxQWdwZnFnTFBZYW9DZW1tcUFreHJxZ0xHY3FvQ3UzV3FBdjE0cWdKdGVhb0NrSHFxQW5tRnFnTG5pYW9DS0lxcUFsbUtxZ0pjaXFvQ0RZLXFBbWVQcWdMQ2xLb0NycGFxQWdPWnFnSzRtYW9DWVpxcUFvQ2JxZ0tCbTZvQ2dwdXFBcmFkcWdKRG9xb0N5YU9xQWxhbXFnS0RwcW9DMnFhcUFxYW5xZ0lOcUtvQ0ZLaXFBcUtvcWdKenFhb0NzNm1xQXVLcHFnSXRyS29DZksycUFoeXVxZ0llcnFvQ0txNnFBb211cWdKT3I2b0NsYS1xQWpxd3FnSmFzS29DZDdDcUFucXdxZ0pfc0tvQ2dyQ3FBb3F3cWdMWHNxb0NHck9xQWxXenFnS1N0S29DdTdTcUFpTzNxZ0lYdWFvQ09ycXFBczI3cWdMaXU2b0NjYjJxQW5POXFnS1l2YW9DcUwycUF0cTlxZ0psdjZvQ2dyLXFBbzZfcWdLMHY2b0MtNy1xQWl6QXFnSl93S29DdDhDcUFzX0FxZ0xnd0tvQ0I4S3FBZ19DcWdJbXdxb0NTY0txQXZMQ3FnTC13cW9DRGNPcUFndkVxZ0lXeEtvQ1ljU3FBcV9FcWdLMnhLb0NBc1dxQXVMRnFnTEt4cW9Dem5LNkFtUTNZUVFJczhVRnJNc2NEQV9MQ2cwMWxzQU9ncWI3RWdxby14SU5zZnNTOWNUN0V0UEsteEp3elBzU3Y5TDdFaHJVLXhLVTFmc1NoTmI3RXVfYy14SVA0UHNTemVEN0VsX2gteExSNGZzUzRlSDdFbWZpLXhJbDRfc1NNdVA3RWpUbC14SmI1ZnNTQ3ViN0VrWG0teEltNV9zU2xtWmtFX2RXYXhwWkFKSXBjcDNXTXcmZXhrPTIzNDk0ODM3NSZhd2JpZF9jPUFLQW1mLUFXNnBtdXJrTjA4M1l4RldBOHdlOTNxcE5IUXdnSndyQ25tclBTSFlERENFSzVrNzVRYWR6N0FLMGRwVjFrdF9HRXhSWVVoZWtQei1IeUh2SFJTTUtCOS03TVFTYWU1eXRHUVNfejROdjloemNrUW1EQy1keGxmbFh6dkM5OFB1M19xTTZDT3JuUFp6NTJDTllKUmMxQWlNN0ZFZyZhd2JpZF9kPUFLQW1mLUJXYnliNXB3Ny1Vc1FPWjZYUm1ScjA1RVNXUG00cFZxaTl2TzF0c0MzSzJYbHdldDlJMHdaaTFMRWpNd1VrMndnOWpEclhSLWFuUUNjNy1wVks3OFhFeVk2bnZUemNnd212a1lZb2RGbUJQNDYyRkdGYzNKeGt4cnpXb1FyMUZqTWtYWWtDb2ljX1d2Tzg4bXZGYVpvQXY2SkZPczFnUEJ4c0hLZG1JejMtTkRtMkhvcWkybzRfTm5rMkdEZnJ5YXlicjJmem9uRzJsajh0R01SWlhRaTJKSUktN0pDR2xSUmVSN3NEMmZiOUpRYnhLa2lXN0V3WHEtUzRkNGpfWFJvM1RwNFdORkxCaFJibTFaVnFyZ1YyODh1aE9sS2pSWnNidmhzWmJzSjlETUlJU2N3RG83WDZfTjF5R1hLRnFhWUJEdTREZWwxSlhYN3JybHVrTnBJT0FuSldqTGJGSS0tVlFZT1VpRUc3RGw1bkk4d3JZZjNkd1YxcXZQazhSWHZHd2k4NVh1MmxFLUh4UlBlWWw1eDV6TzVzUV8tVmN4MG1PQ29DRUt3cy1ES2xaZzlNLVR4VjJfSkp6djh1V1lKOVlhUm50ZkpnbUl2UGFnTm42ajlmbzZxa001X05IckFacGxqU0FScjk5ekdLWUJHZjNsYy1JcHlJUnh5QzNkb3E2TFRwU1p0YWVyNEFVSGJhNGx6MHhiT1IwbDk2Vnh2OGpzbzAtdU1DWU9iRlJXclFKZzhaUkJWVjRMS2ItQzg2VzB4cFZjRDhxaTViT1lfekFFRzdwZExKZjZLT3hJRElzczlyMHI5VEVGMFZZN2hET0FTakJHMWcwZV8xNDZmWFJVVUo5WnU4NVIxTzRIYWdLWkViUzBWc2twdzVFLWpBcjJaNUZoNEFFanRtTzczMjF3bXBxRVREbURWdlgzb3ZxQnRIJmNpZD1DQUFTQk9Sb2JyMCZhX2NpZD2AAwGIAwCQAwCYAxSgAwGqA-oBCr8BaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uWhgNEpUKOpsK8P1BUDdXd2pkeGFVV3FpNUlPWHV0NjJxUXZzS1BkcmFBbWIxN2ZkdE1GRkk4QTFfMW4zT0VEeHpkZnRLZE5nS2M4THRkYVRnTEZlVGQ3TXFlRFR5SzJ0QjRjNlZyUSZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhMyNjA1NzUxOTMxNzQxMDI1MTMzIgg3ODgyNzgyOSoEMzk0MToBMMADrALIAwDYA7eaVOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEFDJhMDE6NGY4OjE5Mjo1NDE0OjoyqAQAsgQMCAAQABgAIAAwADgCuAQAwAQAyAQA2gQCCAHgBADwBA6lFPBe-gQSCQAAAKCZmUlAEQAAAMDMzCJAiAUBmAUAoAWK2dGj_e-xhhGqBSRkZTMyZTM1OS03OGVkLTQ3ZjEtOTU5Ni1hNzNiNWY4OTE5OTDABQDJBQAAAAAAAPA_0gUJCQAFDDwAANgFAeAFAfAF2sMf-gUEAZcokAYAmAYAuAYBwQYJJCzwP9AG7o8B2gYWChAJEhkBmBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzI2OTQwODcyOTY0ugcPCAUoACAB7iy6BkAAyAeRzwXSBw0B3wUBAUYI2gcGAX4wGADgBwDqBwIIAPAHAA..&s=bc2cfbe3d9c02a0562880807efc724feffc896dc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1e7d37655cb5bde289f377edc0d853e0850c0f7ee432d92caf2702b2f3d7b1de

Request headers

Referer: https://nym1-ib.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:37:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Jun 2021 07:29:39 GMT
Server: AkamaiNetStorage
ETag: "6d91472bc3da5214e6fbe83dbe89394e:1624433379.808788"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29216
Expires: Fri, 08 Jul 2022 15:37:45 GMT

GET
H3-29 200 render_post_ads_v1.html Show response
googleads.g.doubleclick.net/pagead/ Frame E0CB 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/render_post_ads_v1.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nym1-ib.adnxs-simple.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlHs2g6Q4kfuInTjU61AfWnZE-WQy9Sdz76k3-NNRxKVVcHdSRbFOeD0tjDt2I
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://nym1-ib.adnxs-simple.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 07 Jul 2021 19:48:13 GMT
expires: Thu, 08 Jul 2021 19:48:13 GMT
content-type: text/html; charset=UTF-8
etag: 12223946614886178233
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4980
x-xss-protection: 0
age: 71372
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4242 72 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea666b0953da9928fad569dd20e99bc4900935a2ba63f82246e4d0c4012e1970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nym1-ib.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625657948508962"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27726
x-xss-protection: 0
expires: Thu, 08 Jul 2021 15:37:45 GMT

POST
H3-29 200 adfetch Show response
googleads.g.doubleclick.net/pagead/ Frame E0CB 68 KB
25 KB 55ms
55ms XHR
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adfetch

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7fdb4419c1fe2d672a655357825c3b27ffc89500caa9aae2b8749f9eb497ecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25745
x-xss-protection: 0

GET
H3-29 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame E0CB 22 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

598a6c545ec2b27cf7388041cb424a0f4ecc1884dc06e37781b927fbd3cd58fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8676
x-xss-protection: 0
server: cafe
etag: 11618055936852703379
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jul 2021 15:12:03 GMT

GET
H3-29 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame E0CB 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5dc880eea643173ab8ba638d79fa8b32addce71dc238ed069b1033cebeb97bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1274
x-xss-protection: 0
server: cafe
etag: 10919514149387036968
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jul 2021 15:35:26 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E0CB 123 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28a030a77bcecc0621b938dc08610e4c1fa0e131507a2dbd0c8007960d269253

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:37:45 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625657928851490"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37883
x-xss-protection: 0
expires: Thu, 08 Jul 2021 15:37:45 GMT

GET
H3-29 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame E0CB 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f924eb76b06a7fe3dd80d5e2b8f985f46553cde627eee1c6d6572cf56ff14cdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7056
x-xss-protection: 0
server: cafe
etag: 17711125642725212121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jul 2021 15:34:49 GMT

GET
H3-29 200 one_click_handler_one_afma.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame E0CB 34 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/one_click_handler_one_afma.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e16eb6d5a9c95192e441cfdb3a486ce4275bc9c7811ba2857eaebe9f949b0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 07:36:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13275
x-xss-protection: 0
server: cafe
etag: 11803730363769708749
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jul 2021 07:36:47 GMT

GET
H3-29 200 11134173197611013203
tpc.googlesyndication.com/simgad/ Frame E0CB 52 KB
52 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11134173197611013203?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm0c6L8BwGi-bRVbO2zEQZ0JWlrMw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6519bf5f34c7350ecc7ee3621e42d7026fc7df7a4d2d22550310ed189c507d43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 19:05:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Jun 2021 03:01:12 GMT
server: sffe
age: 160326
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53684
x-xss-protection: 0
expires: Wed, 06 Jul 2022 19:05:39 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame E0CB 0
17 B 42ms
42ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CCLh6yBvnYOGZPJqzzLUP-qCVwA7K6YH3Yd3exZv6DbPVg9TtCxABIOaX1iVglQKgAaSlr8UDyAECqQLnbiMVeEeBPqgDAcgDyQSqBI8CT9Doxjl6bil-XbfIu8xk0U-IHSpBwecX2EdnlVWjbYu7XLGfwyCGApJGqD6pwwcXG4cxkrUCAXotfTb9hrw0FMRy8QcWzFT7edW-MDVSQOYYUMiuxgQdiQaKJC2za6nQckRB2IX6WBVOXnDmRCfKmvGByH8l9tZjliJn-Nl5lZ_X0boAAajOD_m0oUJefAGCb2ekU6GqF9Y0CRbDki1FL1TfNw9XV37HBSnxLqNvKOUdvUEQvGOeLK_MzBcRCgSlMnCoUj_aiCg-h--l2-Bjf5Vj4VCf_piTih_gIdb7arkLPDd6u8urcMICVLM3RU2tJl_yTcOdUkh46RfOkeD-hSX0saImdGDyD1nVpA_MxMAEhLK0rmSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHxNrQOqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAdIIBwiAYRABGADyCA5iaWRkZXItNTUxNDMxNoAKBMgLAdAVAZgWAYAXAbIXBgoECAASAA&sigh=_CCEFhLxiYc&pr=10:0.01738&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 08 Jul 2021 15:37:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H/1.1 200
OK vevent
nym1-ib.adnxs-simple.com/ Frame 4242 0
688 B 96ms
95ms Ping
text/html 68.67.179.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/212/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.90 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

568.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nym1-ib.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:45 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 568.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com
AN-X-Request-Uuid: 7d9d6799-2a57-4f0a-8655-a47b7af2a7c5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://nym1-ib.adnxs-simple.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 983E 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlEdc5Rh3AHyvchx0KCoUvx7CKFN-R0gYR1PdmXK0CwrMWXkIdF3enauyIEr6o
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 08 Jul 2021 15:16:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1281
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame E0CB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a09dc565353596a2bec548bc93c0d7746486f5fc9eb2bd25f04c1d56c26d770

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 983E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlEdc5Rh3AHyvchx0KCoUvx7CKFN-R0gYR1PdmXK0CwrMWXkIdF3enauyIEr6o
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 08 Jul 2021 15:37:46 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 08-Jul-2021 16:37:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 08 Jul 2021 15:37:46 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 08 Jul 2021 15:37:46 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js Show response
pagead2.googlesyndication.com/bg/ Frame 032E 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c971ec4829376335946d1beaa191f2c64a48e8954b422dea372c2d9029177b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 07:16:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 202855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5747
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 07:16:51 GMT

POST
H/1.1 200
OK vevent
nym1-ib.adnxs-simple.com/ Frame 4242 0
688 B 94ms
93ms Ping
text/html 68.67.179.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/212/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.90 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

568.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nym1-ib.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:47 GMT
X-Proxy-Origin: 139.28.219.108; 139.28.219.108; 568.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com
AN-X-Request-Uuid: 53cf042b-9b60-4318-9179-db3046e5cb3b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://nym1-ib.adnxs-simple.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E0CB 42 B
64 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvFSc56TtUQC0wZbpKyHzCooI3FY1ZyecoNoStHceZwBav433RJtin9lFbQd7mY1VOmCBScgbqXIaUiOpLWcUgBvYQto1ieNTFFGo3jJXu9LXsq3wUihkwusQ&sig=Cg0ArKJSzMkLvMQsuW7JEAE&cid=CAASFeRofkmdIgbRBb0gS7ZUqQdB7H8www&id=lidar2&mcvt=1001&p=0,0,90,970&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210707&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1612425481&exk=234948375&rs=5&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1625758665784&dlt=6&rpt=219&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:37:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK crum
dsum-sec.casalemedia.com/ Frame 0FA5 43 B
1 KB 35ms
34ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=126c6ff4-cb53-42d1-bbb1-7a115ecda7f6&expiration=1633707468
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:37:48 GMT

GET
H/1.1 200
OK crum
dsum-sec.casalemedia.com/ Frame 83C1 43 B
1 KB 39ms
39ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=126c6ff4-cb53-42d1-bbb1-7a115ecda7f6&expiration=1633707468
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:37:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:37:48 GMT

Verdicts & Comments Add Verdict or Comment

234 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 19:35:59	Name: test_cookie Value: CheckForPermission
www.celebzz.com/	1970-01-20 04:21:34	Name: _pubcid Value: 8b637860-c597-42cc-abe6-0e8da579e534
www.celebzz.com/	1970-01-19 19:36:05	Name: __vliIPL Value: {"value":["2a01:4f8:192:5414::2"],"expiredAt":1625765861728}
.celebzz.com/	1970-01-20 04:57:34	Name: __gads Value: ID=6eba76b6284f49ec-2233b14476c800fb:T=1625758661:RT=1625758661:S=ALNI_MZWr8Yv6aeBtxxexRH2JLZVz-HQfw
www.celebzz.com/	1970-01-20 04:21:34	Name: HstCns2352469 Value: 1
.celebzz.com/	1970-01-20 13:07:10	Name: _ga Value: GA1.2.1475286884.1625758661
www.celebzz.com/	1970-01-20 04:21:34	Name: HstCnv2352469 Value: 1
.celebzz.com/	1970-01-19 19:35:58	Name: _gat Value: 1
www.celebzz.com/	1970-01-20 04:21:34	Name: HstPn2352469 Value: 1
www.celebzz.com/	1970-01-20 04:21:34	Name: HstPt2352469 Value: 1
.mahimeta.com/	1970-01-19 19:36:00	Name: __cf_bm Value: c4c77909bbcc46e5449b60243d4e89afcfd01a8c-1625758661-1800-AaKy0l8BMChisQtkcZRsDYoLrUpIxS4MzNJEmsCQN9hD/egrBy5dYpiXecft9mwYXvVAIDITcn5ti2u9JdqxSxs=
www.celebzz.com/	1970-01-19 19:35:59	Name: pageImpression Value: 1
www.celebzz.com/	1970-01-20 04:21:34	Name: HstCmu2352469 Value: 1625758661638
.celebzz.com/	1970-01-19 19:37:25	Name: _gid Value: GA1.2.1863006764.1625758661
www.celebzz.com/	1970-01-20 04:21:34	Name: HstCla2352469 Value: 1625758661638
www.celebzz.com/	1970-01-20 04:21:34	Name: HstCfa2352469 Value: 1625758661638

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://www.celebzz.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: http://mahimeta.com/networks/vast_tag.js?cache=1625758661(Line 329) Message: Referrer: www.celebzz.com
console-api	log	URL: http://mahimeta.com/networks/vast_tag.js?cache=1625758661(Line 136) Message: 0
console-api	log	URL: https://mahimeta.com/networks/frame_ref.php(Line 26) Message: Referrer: www.celebzz.com/melanie-brown-steps-out-to-dinner-with-her-friend-gary-in-glendale/
console-api	log	URL: http://tag.vlitag.com/v1/1625726623/54e09c31ad7d306ae43be19b235e354f.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: http://tag.vlitag.com/v1/1625726623/54e09c31ad7d306ae43be19b235e354f.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js(Line 439) Message: TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.impactify.io
ads.pubmatic.com
ads.us.e-planning.net
adserve.mahimeta.com
adservice.google.com
adservice.google.de
ajax.cloudflare.com
ajax.googleapis.com
ap.lijit.com
assets.vlitag.com
bidder.criteo.com
btlr.sharethrough.com
c.sharethis.mgr.consensu.org
c1.adform.net
cdn.adnxs-simple.com
cdn.contentspread.net
cdn.jsdelivr.net
cdn2.lockerdomecdn.com
celebs.gallery
cm.g.doubleclick.net
connect.facebook.net
dpm.demdex.net
dsum-sec.casalemedia.com
dvr.impactify.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hal9000.redintelligence.net
hal90002.redintelligence.net
hal900025.redintelligence.net
hosupshunk.com
ib.adnxs-simple.com
ib.adnxs.com
image6.pubmatic.com
imasdk.googleapis.com
l.sharethis.com
lockerdome.com
mahimeta.com
match.adsrvr.org
match.deepintent.com
maxcdn.bootstrapcdn.com
ms.quantumdex.io
nep.advangelists.com
nym1-ib.adnxs-simple.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.advertising.com
pixel.mathtag.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
px.owneriq.net
quantumsyndication.com
rtb.adentifi.com
s.amazon-adsystem.com
s10.histats.com
s4.histats.com
securepubads.g.doubleclick.net
services.vlitag.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
stats.vlitag.com
sync-tm.everesttech.net
sync.go.sonobi.com
sync.quantumdex.io
tag.vlitag.com
tags.mathtag.com
tg1.aniview.com
tpc.googlesyndication.com
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
useast.quantumdex.io
w.sharethis.com
waust.at
web.facebook.com
web.hb.ad.cpe.dotomi.com
whos.amung.us
www.celebzz.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.111.242.53
104.154.142.214
136.144.59.88
138.201.84.245
142.250.181.226
142.250.184.194
144.76.238.55
151.101.14.49
151.139.242.29
159.253.128.188
169.197.150.8
178.162.133.149
178.250.0.165
184.30.20.207
185.184.8.65
185.29.133.52
185.33.220.244
185.33.221.53
185.64.190.78
192.99.0.58
193.0.160.129
2.18.232.130
2.18.233.180
2.18.234.21
216.52.2.30
2600:9000:20eb:e400:3:c04e:c780:93a1
2600:9000:21f3:6400:c:a9b7:ddc0:93a1
2606:4700:20::681a:34e
2606:4700:20::681a:eee
2606:4700:20::681a:fee
2606:4700:20::ac43:4597
2606:4700:20::ac43:4739
2606:4700:3031::ac43:c8b2
2606:4700:3032::ac43:d513
2606:4700:3036::ac43:998d
2606:4700::6810:a823
2606:4700::6812:acf
2606:4700::6812:e13
2a00:1288:110:c305::8000
2a00:1450:4001:800::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:809::200a
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:400c:c08::9b
2a02:2638::1c
2a02:2638::3
2a02:26f0:6c00:2ab::2c79
2a02:fa8:8806:16::1460
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::485
3.120.242.149
3.126.56.137
35.171.130.4
37.157.3.28
37.48.65.153
46.105.201.240
46.4.10.47
5.178.65.246
51.178.20.139
51.195.131.226
51.75.147.170
51.89.9.253
52.28.254.214
52.29.0.64
52.29.213.60
52.30.135.179
52.45.128.104
52.94.232.32
54.204.142.198
67.202.110.21
67.202.94.93
68.67.179.90
76.223.111.131
91.228.74.226
002c7038bcab10a8b618a655984729abe996fc39f412ae07df5a37641985a3c4
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
032b19d131b735f2ffb20bed03574dc1a05b3413cdc9f9ab0a9efd5bfb2353dd
0446457ca648e3281c36ac2428533b91ed017fc27a568cfc0b5fa6bd2d335782
04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2
0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531
088236b792355b4c310c126abfb78bea090b331ab1008766b9808a1c5a610560
0914701ad443e5f9b78f0895e4078e63d3c29764d39fa5770eb62e9937039344
098dbb4f0ccd1e14006e4d4cf3689b4f85753f80f1796ae7d6238c75ceb98b2a
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
118b932ce446d673706c274aa65d22e8e2b2fe744187ce16f6656ab7940fb140
134f166c1a9db6ecf96496d588dfc365d5cfb8e1e65468599540df7cc31a60cc
15768fbc776d23248d701ec52af72cbbafb1edde6865c4528eb10025aac7f355
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
185ec6209504453558c6ca11546382553fd756df793146e7b648ed88a3bc1e09
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e7d37655cb5bde289f377edc0d853e0850c0f7ee432d92caf2702b2f3d7b1de
1f1ec090d95eb926a34a7c859713b9aefaac58f741c38f7f31130296e4688c44
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2661ef602de22f915ee03967ecc437feed5d07f8297884dbe43fe85ea9aa7e91
27350434bc6316cf661b799d1dd89ca27672bb5862fd1fca66cf6616cd38d2f2
27afccdb7198eef318c703504ceef913a46f44f00b734a88cb2f3c02c4d38701
28a030a77bcecc0621b938dc08610e4c1fa0e131507a2dbd0c8007960d269253
2a0193c2735ae8702ec837a4f1298c1fe6b384b3e7a1c80db21c87c73a6db5c4
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2e16eb6d5a9c95192e441cfdb3a486ce4275bc9c7811ba2857eaebe9f949b0d8
2f8ca415bb87ce967f974efd9862e2fadf44c7bb939abffe54c768856ccc23a6
353af19fb5dc719ef8c08db5eed3ab35d0fa2cce91a417a7303209cf20b5755a
36a5f17ae509df64e4429c2c9260ddd7434473d7b5427e6f797d71b0558eff2a
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3a50a48990ea984747f071ddf811d218f9444896dd5e9fbaf76feea41ceeadda
3f321551026a4b9cfe6c04a5cf27a46b4d676bf868a33df8975fd9685d0cf79a
41346e6cc0183243d649cd4a14c2e55c64822f9c526cb78763532611bdf208e4
42de001995e87984e667fe12f86ffc287a31f9f47d12403c55daa7846072e315
452eaaa600a5a36fea4cf8b7fb349686e36106876a2a74efcff1291476f9c6b7
4618fd944b60db0ec6ecf5aef73181ebf9fb4022596af42f729a69f646bf012e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b11c95118b3eb3f49d4fbe5a3bf9777846263f72602745e3be775c65e64829d
4d8790a1b64661b91867073f252f9f06fc5a6bbee6a6d7c1949d2a8f573ae99e
4f4ed318db35c5f69af7305536516e10419a8a2ce9459ff38149fad2a5602c1c
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5303d3dd47ea0e46cdb18dd3074284010e48d10ad64ccc042732374059c1cf0f
53417ec988e367ec68eeedb23bd8e773abb0e38d47da0f028c6da3bf28635ee1
53711afd86ecc21dff5318d62d32ff928991f77181a845d3ec99b2fd2b844c0a
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55c26a6237909d2b6ea9ce62f59a02af51bd25af788fa940371341e6d9b9a92c
58869f44d637b47ec364672d4275b69f7d38b117ab33e0ce6c84d739e192202e
598a6c545ec2b27cf7388041cb424a0f4ecc1884dc06e37781b927fbd3cd58fd
5a24ea7bc62ed1297e6ee429972594715a642353ae70ae060c6851fae6b08ae1
5cb0002d3437280a632e9d1c4e8cab3d325369f209a379dbd5e7cba1a6bb92a0
5cce2306a2b7a641280a0e61d53b3cd645edb91d9389edaa2ba961a29337cfc0
5f2bb94940413e0bfcb3354195eba35e2101005ca0195fc53489a065892f5cf3
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
6183659cb22d77ae18c90d5799e76c5c2f96f06868c29dc39925ffcb29144109
631a14305b79d9763d09570f3fdad0478484b27b0cf61f5196b3b954b8bc0db0
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
647f43cd0cfdbafe354249e2c9831cc97c843fe0e44a726febdfb956bd1d25c5
6519bf5f34c7350ecc7ee3621e42d7026fc7df7a4d2d22550310ed189c507d43
66531754f37720a31ccdf6ada0be85ca12ca076cfa10648ca3336b1fe2cbb7ba
69e10d1e8491820cc1e05ead1fd62f8048a63e9450f7b54b626eda195e7899e5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
6eddbd3e3c79d1e82e9b51ac236a9555f958312adbae806f2f873260afaae3bb
6efdaac3e400114ed280c3fbc1560d180b3ad063a5b8e942d1c189fb8599c92e
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
76a18f5f0637e0d73ce1afece898ce8b0fa75bb6b1c1990ae4a7ac6b083045ce
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
77dc4e5bc1c42cd2a6f390b77286de6df5f0ead908357a4c0df4c2de59f60716
78daecc5bdee5fce53c24de665504fb159649124c5fecf1a4f05f8f19cf03610
7ef094c6e01e887d9e844323dbafd3c445c5462fe8e2b3241abade6493321bab
80a0bd3b32710ca6dd574142f88dc3c5fc556364677e289f554e516500c6dddf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83aa3ecb7b747db5d4b18b939eaf48357bf34fc839b041de1173ed1c3b6bef36
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f
85d76f2a01b0cf98c4938262a4740b2c36ec66b3a5adf6cd6fb816e44a38549f
8a09dc565353596a2bec548bc93c0d7746486f5fc9eb2bd25f04c1d56c26d770
8bc62c9ef81390af989b3829ace60aae916e299dab9df7ec5e49db2d07a956b6
8beef6704960cc2225b7ea9d96ba8724862fc453ac4ea2f8a63e8dbee51ebeb9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e09a10fbbcb590fefc81d2ccd10bbd4a300ae576863ef13bdef7e64db919383
8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd
92cc1bccf53cf6d8724ecb81535a1e013846d1d3cbd27349beb9c21c92d690cd
9348b017fadafe5f39845f4119774abcb5a47c1337590a05ff878aa4222e29b8
9601e1acbb8556de070ae1e0b64ab8c5f026981a574e5f14e6c22f9a536901b4
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
9b0e90031be582284c8de54cd2025277e48978d2a11ede156916ffeb86d82b7c
9ec8ba4d619a1d4d95d6a496985bb1225642efbf15204ee61d32f5ce226d80ac
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a24bf435f35ac214cad692735eb2f8a9235101f45c115b1ef1265cc275cf3c50
a250c006d6b747d0c6f489b530218db1547979de974f3c9b5ac51aef8c3ae735
a258fa2108c7a4579876f75154378f19e3ee8af7753499bad8bfb18b56cb6dfc
a2e83d463c96dd7168b0a4f9b8484f3e780e2f09bf18c8672b510d94fd624d62
a32a0979a6df38c40b78464d687786e7a1b031ce6035ff8db38c3e09fca76a2b
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a47fbbfec5b3f871b929fb2e437576268a1858385fe8cb52b121b8d6e7e23b9c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6249f68a343ae0e1222b111b665e867524261aa0fadcb24fb5761dacd67f27f
a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa1850297af666e23fe2d1fb059c82fe1a7f77350616272dff6759fd832f947c
aac59866087fa855619da8881d3e9e18c9d4b263a917033d54f2e0daae6ba143
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ace3eab41425ddbab51b21f62b12c3e73f7f481499b86e5aa518cf51461fb442
adde6bf4af70bdf43fb3a175f9a763903f4abb329a37d5a2ecc293a6b8256e74
aedf443654dc81c3d47487a64d2a9e9e39b1ecde3595814b658be0f159335a22
b12be37b7d385b712da5a3971ab47e373cc65d7f23ee9a22eedb5c73b0ff7ae5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b8863a8d2fadc833b8819333b7ca97ec9fd9347f7b432fa74ccfe0e98451bb
b2b917bb783aefa376b929952e1d312ce2dca9b444ca7e9e00aadd96ee87a94c
b2f4d057d1878d9f21ea9ece93f685424eda71fe31f2f1e431881fd470802d40
b63d3a021bc40338676b7587fc61214da3ab273779ffa0a97b1a94921f655734
b75803202c57c3b9dddebf77203203bb340d2d007e8c3dbb7781866f337e44f7
b7a66c0cb964ac30903ab4db3f91847f5ce265c9f5aaed47c00d8154a9eab121
b7fdb4419c1fe2d672a655357825c3b27ffc89500caa9aae2b8749f9eb497ecd
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
b87351929a01e63e0a858044ade68bd2117f1b83d10b41e52c3ebde2b9b68544
b98b47a282eb415846fd2d98effe2eb604c9462c0670858b988f6aebbe35f0a3
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
baf13cf4d7e93dfda61adf7d25fef65fb50076834e244d2f4aa1f93371258482
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
be01b23a6ab9ef9dbe693126fe64fcca0b073cbb6fd60f9ceb3a8a5355218855
c03337c533f0262395baad10ca8f438f4711916e0e3136ce10ebc94cbb2021f3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c239706ac91ab82f62386459b84e33159cab9be74b3de6149cc86c1c5e9b44e9
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb
c4fc2c7ff564a1d17ae55020d3c8e5ad64fa3389101d1700f91b3d9683e74117
c5dc880eea643173ab8ba638d79fa8b32addce71dc238ed069b1033cebeb97bc
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c785cab5bb9f425d18932b129f531ec6c9ab1dc79f5106e8ed883606f42e1172
c7bcbdc228e908f62aded415c1d653a51120a39596a57eee46a352c88dac52bc
c971ec4829376335946d1beaa191f2c64a48e8954b422dea372c2d9029177b9b
cc509eb00731e251705ecd5f85d545f2d10db63bc03e715d949f30a49f9b8691
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf53475933a3501e640b0ddee2ee40938cc086ec446be3362964feed16dc7412
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d4fec1e4b91d6489adf3868159e607bcfc0ae733414d2992330346c4da9ea3f9
ddfa11b105202603c2ae73f6cd3b7b2248f7deec238bcbf0f8bc98df13f34bf1
df29a177ab199f9590887e0a5e803306bf9af1bf68a274118968a99cd58dfef0
e143dde7f7d21d4e0f6e4716640cb627a2399893163a165820db381330358984
e185fc9d1ca30cfce22382c0659138d12b8287a8a7ee2f76f6664e2bc005a9bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50ee18363e5cbeeee6971e87db129273eaa73c212e8cb76a69c59a1b07eb8aa
e58ad0cdda0f2c0b14cbb8d59a233e419322aa64ce399a1a96d3a58beb86b74c
e7f937942475665b3fb41633d9df5bcec1423c5424b43000b34120dfcef6d42e
e886f8e30f47a959f2f3bfc2de5eb4a112624916f87a438a747eab36691bc643
ea666b0953da9928fad569dd20e99bc4900935a2ba63f82246e4d0c4012e1970
edb74d79e9a515cd48eccaf21d1e1025d384a0e6378750218dcb51983ef93069
edefddb5552b8049c93a08a46ffcecf569edd61e065ac9c8b74b73c86136bc66
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b92945f599cd606acb1d5bf60b30d1f6a6b4cee0ff6cb8ea0a29e6903a8cae
f1467dff3c6fec51a3537ec2d6297803c59aada8a0ce9b1e1a40b8520ce3e23b
f2201be2229d85eaab9119892f6106afd74c085240f34ea014d901366b614034
f8284365ba340253ee9c71cfb5efcc37f10a23e8b8b5dd134ec7bbab05073845
f924eb76b06a7fe3dd80d5e2b8f985f46553cde627eee1c6d6572cf56ff14cdd
fcb3152f4faab396c084afee41f3c5daefea1a0cd3619a2e7c1d706efb4a5f67

www.celebzz.com Open in urlscan Pro 2606:4700:3031::ac43:c8b2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

346 Requests

76 %HTTPS

42 %IPv6

66 Domains

92 Subdomains

74 IPs

9 Countries

2310 kBTransfer

5405 kBSize

16 Cookies

7 Outgoing links

Page URL History

Redirected requests

346 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.celebzz.com Open in urlscan Pro
2606:4700:3031::ac43:c8b2 Public Scan

Screenshot
Live screenshot

Full Image

346
Requests

76 %
HTTPS

42 %
IPv6

66
Domains

92
Subdomains

74
IPs

9
Countries

2310 kB
Transfer

5405 kB
Size

16
Cookies

346 HTTP transactions
4 data transactions