urlscan.io logo urlscan.io
SecurityTrails logo

celebwell.com Open in urlscan Pro
2606:4700::6812:b6f  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://celebwell.com/
Effective URL: https://celebwell.com/
Submission: On December 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 57 IPs in 8 countries across 39 domains to perform 149 HTTP transactions. The main IP is 2606:4700::6812:b6f, located in United States and belongs to CLOUDFLARENET, US. The main domain is celebwell.com. The Cisco Umbrella rank of the primary domain is 282275.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 30th 2023. Valid for: a year.
This is the only time celebwell.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.18.11.111 13335 (CLOUDFLAR...)
1 29 2606:4700::68... 13335 (CLOUDFLAR...)
1 65.9.61.60 16509 (AMAZON-02)
2 192.0.76.3 2635 (AUTOMATTIC)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 3.233.132.210 14618 (AMAZON-AES)
1 54.155.18.159 16509 (AMAZON-02)
1 20.40.202.0 8075 (MICROSOFT...)
1 2600:9000:223... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:264... 16509 (AMAZON-02)
1 104.18.38.76 13335 (CLOUDFLAR...)
5 52.222.208.154 16509 (AMAZON-02)
1 2600:9000:20a... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 52.223.40.198 16509 (AMAZON-02)
1 52.1.43.208 14618 (AMAZON-AES)
1 2001:4860:480... 15169 (GOOGLE)
3 13.227.219.79 16509 (AMAZON-02)
2 18.239.69.72 16509 (AMAZON-02)
1 184.30.211.26 16625 (AKAMAI-AS)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 52.222.239.116 16509 (AMAZON-02)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 3.73.254.34 16509 (AMAZON-02)
1 185.64.189.112 62713 (AS-PUBMATIC)
2 18.156.195.47 16509 (AMAZON-02)
1 2602:803:c003... 26667 (RUBICONPR...)
1 3 185.89.210.141 29990 (ASN-APPNEX)
2 5 172.64.151.101 13335 (CLOUDFLAR...)
1 18.239.18.66 16509 (AMAZON-02)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
2 18.239.83.45 16509 (AMAZON-02)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
1 34.120.253.250 396982 (GOOGLE-CL...)
1 34.98.64.218 396982 (GOOGLE-CL...)
7 34.98.72.95 396982 (GOOGLE-CL...)
14 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 162.19.138.120 16276 (OVH)
5 34.111.8.32 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 162.19.138.83 16276 (OVH)
3 4 172.217.18.2 15169 (GOOGLE)
1 2.18.96.187 16625 (AKAMAI-AS)
2 2 35.207.48.122 ()
1 35.157.253.10 ()
1 185.64.190.78 62713 (AS-PUBMATIC)
12 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.34 15169 (GOOGLE)
149 57
1    104.18.11.111 (None, )

ASN13335 (CLOUDFLARENET, US)
celebwell.com
29    2606:4700::6812:b6f (United States)

ASN13335 (CLOUDFLARENET, US)
celebwell.com
1    65.9.61.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-60.fra56.r.cloudfront.net
cdn.parsely.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
4    2606:4700::6813:d483 (United States)

ASN13335 (CLOUDFLARENET, US)
www.lightboxcdn.com
1    3.233.132.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-132-210.compute-1.amazonaws.com
api.parsely.com
1    54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
p1.parsely.com
1    20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lightboxapi.azurewebsites.net
1    2600:9000:223f:ec00:d:2820:3bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
karma.mdpcdn.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2600:9000:2644:6600:19:bcbe:a700:21 (United States)

ASN16509 (AMAZON-02, US)
d30qdagvt44524.cloudfront.net
1    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
5    52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    2600:9000:20ab:4400:11:e0c9:84c0:21 (United States)

ASN16509 (AMAZON-02, US)
d9jj3mjthpub.cloudfront.net
1    2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    52.1.43.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-43-208.compute-1.amazonaws.com
id.sv.rkdms.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    13.227.219.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-79.ams54.r.cloudfront.net
config.aps.amazon-adsystem.com
2    18.239.69.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-72.ams58.r.cloudfront.net
launchpad-wrapper.privacymanager.io
1    184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
3    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    52.222.239.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-239-116.fra56.r.cloudfront.net
aax.amazon-adsystem.com
1    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    3.73.254.34 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-254-34.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
1    2602:803:c003:200::44 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
5    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
1    18.239.18.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-66.ams58.r.cloudfront.net
launchpad.privacymanager.io
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
2    18.239.83.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-45.ams58.r.cloudfront.net
geo.privacymanager.io
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
1    34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com
tag.wknd.ai
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
7    34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com
assets.bounceexchange.com
14    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com
1    2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
7    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
lb.eu-1-id5-sync.com
5    34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com
api.bounceexchange.com
contextual-analytics.wunderkind.co
events.bouncex.net
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
id5-sync.com
4    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
cm.g.doubleclick.net
1    2.18.96.187 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-96-187.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    35.207.48.122 (None, )

ASN- ()
ssp.behave.com
1    35.157.253.10 (None, )

ASN- ()
x.bidswitch.net
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
12    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
googleads4.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
30 celebwell.com
celebwell.com — Cisco Umbrella Rank: 282275
505 KB
23 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
142 KB
12 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
594 KB
12 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
215 KB
9 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
81 KB
8 bounceexchange.com
assets.bounceexchange.com — Cisco Umbrella Rank: 2050
api.bounceexchange.com — Cisco Umbrella Rank: 2223
192 KB
5 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 484
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
3 KB
5 privacymanager.io
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3016
launchpad.privacymanager.io — Cisco Umbrella Rank: 2702
geo.privacymanager.io — Cisco Umbrella Rank: 2070
31 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 893
id5-sync.com — Cisco Umbrella Rank: 425
100 KB
4 lightboxcdn.com
www.lightboxcdn.com — Cisco Umbrella Rank: 5638
147 KB
3 bouncex.net
events.bouncex.net — Cisco Umbrella Rank: 1871
357 B
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
7 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1639
google-bidout-d.openx.net — Cisco Umbrella Rank: 1643
785 B
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
3 KB
3 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
ads.pubmatic.com — Cisco Umbrella Rank: 544
image6.pubmatic.com — Cisco Umbrella Rank: 793
6 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2189
21 KB
3 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3052
api.parsely.com — Cisco Umbrella Rank: 9261
p1.parsely.com — Cisco Umbrella Rank: 2300
25 KB
2 behave.com
ssp.behave.com
596 B
2 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 3029
785 B
2 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1196
x.bidswitch.net
509 B
2 cloudfront.net
d30qdagvt44524.cloudfront.net
d9jj3mjthpub.cloudfront.net
839 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
162 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 2814
pixel.wp.com — Cisco Umbrella Rank: 2796
3 KB
1 wunderkind.co
contextual-analytics.wunderkind.co — Cisco Umbrella Rank: 3193
1 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
65 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940
273 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2199
1 wknd.ai
tag.wknd.ai — Cisco Umbrella Rank: 3860
2 KB
1 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
646 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1740
8 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
13 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1042
17 KB
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 5557
229 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
420 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 983
349 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
12 KB
1 mdpcdn.com
karma.mdpcdn.com — Cisco Umbrella Rank: 93649
109 KB
1 azurewebsites.net
lightboxapi.azurewebsites.net — Cisco Umbrella Rank: 29736
951 B
149 39
Domain Requested by
30 celebwell.com 2 redirects celebwell.com
14 pagead2.googlesyndication.com securepubads.g.doubleclick.net
670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
12 s0.2mdn.net celebwell.com
s0.2mdn.net
7 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com
celebwell.com
7 assets.bounceexchange.com tag.wknd.ai
assets.bounceexchange.com
5 c.amazon-adsystem.com karma.mdpcdn.com
c.amazon-adsystem.com
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 www.lightboxcdn.com celebwell.com
www.lightboxcdn.com
3 events.bouncex.net
3 ib.adnxs.com 1 redirects karma.mdpcdn.com
googleads.g.doubleclick.net
3 cdn.id5-sync.com celebwell.com
3 config.aps.amazon-adsystem.com c.amazon-adsystem.com
3 securepubads.g.doubleclick.net karma.mdpcdn.com
securepubads.g.doubleclick.net
2 googleads4.g.doubleclick.net celebwell.com
2 ssp.behave.com 2 redirects
2 googleads.g.doubleclick.net 670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com
pagead2.googlesyndication.com
2 670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 gum.criteo.com 1 redirects static.criteo.net
2 geo.privacymanager.io launchpad.privacymanager.io
2 oajs.openx.net 1 redirects
2 c2shb.ssp.yahoo.com karma.mdpcdn.com
2 launchpad-wrapper.privacymanager.io celebwell.com
2 www.googletagmanager.com celebwell.com
2 www.google-analytics.com celebwell.com
www.google-analytics.com
1 image6.pubmatic.com ads.pubmatic.com
1 x.bidswitch.net
1 contextual-analytics.wunderkind.co assets.bounceexchange.com
1 ads.pubmatic.com assets.bounceexchange.com
1 id5-sync.com cdn.id5-sync.com
1 www.googletagservices.com 670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com
1 api.bounceexchange.com assets.bounceexchange.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 www.google.com tpc.googlesyndication.com
1 script.crazyegg.com celebwell.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 tag.wknd.ai celebwell.com
1 mug.criteo.com
1 launchpad.privacymanager.io launchpad-wrapper.privacymanager.io
1 htlb.casalemedia.com karma.mdpcdn.com
1 fastlane.rubiconproject.com karma.mdpcdn.com
1 hbopenbid.pubmatic.com karma.mdpcdn.com
1 grid.bidswitch.net karma.mdpcdn.com
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 secure.cdn.fastclick.net celebwell.com
1 region1.google-analytics.com www.googletagmanager.com
1 id.sv.rkdms.com js-sec.indexww.com
1 match.adsrvr.org js-sec.indexww.com
1 api.rlcdn.com js-sec.indexww.com
1 stats.g.doubleclick.net www.google-analytics.com
1 d9jj3mjthpub.cloudfront.net
1 js-sec.indexww.com karma.mdpcdn.com
1 d30qdagvt44524.cloudfront.net karma.mdpcdn.com
1 karma.mdpcdn.com celebwell.com
1 lightboxapi.azurewebsites.net www.lightboxcdn.com
1 pixel.wp.com celebwell.com
1 p1.parsely.com celebwell.com
1 api.parsely.com celebwell.com
1 stats.wp.com celebwell.com
1 cdn.parsely.com celebwell.com
149 62

This site contains links to these domains. Also see Links.

Domain
www.galvanizedbooks.com
galvanized.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-01-30 -
2024-01-29		 a year crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
lightboxcdn.com
Cloudflare Inc ECC CA-3		 2023-10-09 -
2024-10-08		 a year crt.sh
*.azurewebsites.net
Microsoft Azure TLS Issuing CA 02		 2023-10-31 -
2024-06-27		 8 months crt.sh
karma.mdpcdn.com
Amazon RSA 2048 M02		 2023-04-02 -
2024-04-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
rkdms.com
Amazon RSA 2048 M03		 2023-10-04 -
2024-11-01		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-10-17 -
2024-04-10		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
tag.wknd.ai
R3		 2023-11-20 -
2024-02-18		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
assets.bounceexchange.com
GTS CA 1D4		 2023-11-20 -
2024-02-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.wunderkind.co
R3		 2023-12-06 -
2024-03-05		 3 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 14 frames:

Primary Page: https://celebwell.com/
Frame ID: C36BB763172F297CFA90248990B84E7D
Requests: 99 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/7ff8b1cd-1d19-446f-83fc-08706559ea09/lightbox.js?mb=1703174750349&lv=1
Frame ID: E47FF10BE89111AE93C0FE2EF7C6316E
Requests: 2 HTTP requests in this frame

Frame: https://celebwell.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: 78FDC8736EA67C39B9109BD790A5DA40
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=celebwell.com
Frame ID: 70C7E796C0A4EAB5C843660EA06BE745
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 36BBD7A86C619B0CDE6787229BBA73C0
Requests: 1 HTTP requests in this frame

Frame: https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 320C79E2342E468E3835881B8B990DB1
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: 4347E25D4BABE58A0A1162FE9158AFDB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 09375AD3D4A1347BDEDAC3EE58DAD118
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A62B502C833639BA3C34141896DD8979
Requests: 2 HTTP requests in this frame

Frame: https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CD5F462DBD93B9598482DC88E797F1F4
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO2kZoFEKzPwqIFGKi4-PoBMAE&v=APEucNVPgQpFc_0iYMI2KXQ1we9wJD4sbaJLYy8RMsuM2py5Vzt-Yow_s738hHDZDuOq-N5zVZhiQxwUQPLoQhfVE-qt319lo-tsoii2z0UXMnZy_7DByWV8rylZbdIbHZ6eI-DJu3b2BitYo1AyPJfJJwt1c45Gd3ZRwKZ2DPQdnL60oUggVRbwE8WTCGinZaxI9os563ieWD3AMl35-iwbHNSjt2-8kQ
Frame ID: 6B4F5496B0B13D84C21F6978FF68C15E
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Frame ID: F32D2B00CC8E93A38C42D538A4CECE68
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 30EF30E93E7A195C2171F64277D8AD85
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17122347991386657747/index.html?ev=01_250
Frame ID: 7E8F2D5C7593AAE57C8BF6970E1CF848
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Celebwell: Health, Nutrition, Weight Loss & Recipes

Page URL History Show full URLs

  1. http://celebwell.com/ HTTP 301
    https://celebwell.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

149
Requests

95 %
HTTPS

38 %
IPv6

39
Domains

62
Subdomains

57
IPs

8
Countries

2467 kB
Transfer

6252 kB
Size

40
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://celebwell.com/ HTTP 301
    https://celebwell.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://celebwell.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://celebwell.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Request Chain 72
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fcelebwell.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fcelebwell.com%2F&rid=esp&cc=1
Request Chain 81
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=celebwell.com&sn=ChromeSyncframe&so=0&topUrl=celebwell.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=3zoPvnw1WUE2dTNNV1hrcG85VFJWVmw5b0p5amFtcjMyU2xLZ1pBUUl3ZEcyNVIrNDFVNGRwRzNsUWY4cUp2cVlLblBvLy9aSTJla24zZGdJVHFCNlRZY3MveDU5TUtXODBKdk5SL2Y1bC9wOStsbnVoL2kyTlMrUmltWWxkTkVuUGhyUFIwVTJxVHFUSkZ4eEVYbUlmZkwvZjFScFRkZkhUcGU3TWo3WldSSS90a0tNc2tWcWZkak10NEVQR25EOEw5RVJGRFp5Q1JKNS9raThOR2VQbldERjNrM1VtTEh0aVR5RExTNnh3THVoNERrSHRmdEJaR0NhaU0zTGU2ZmtUVXB1eVUrY0l1N3BScTJYckNBYlBreFdCQT09fA&cppv=2
Request Chain 113
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIhQ4WwILGjPyba3PC8Lb3M&google_cver=1
Request Chain 114
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYRiYUTMRgYTlqIO07pnpQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIhQ4WwILGjPyba3PC8Lb3M&google_cver=1
Request Chain 115
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENoWzfnogmMFQmZBp3QmpXg&google_cver=1
Request Chain 116
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE2NzY0MjcwNzg2NTg5MTQxNA%3D%3D
Request Chain 122
  • https://ssp.behave.com/push_sync HTTP 302
  • https://ssp.behave.com/ul_cb/push_sync HTTP 302
  • https://x.bidswitch.net/sync?ssp=bouncex

149 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
celebwell.com/
Redirect Chain
  • http://celebwell.com/
  • https://celebwell.com/
187 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordPress VIP <https://wpvip.com>
Resource Hash
ee0c0842fce5cce6d8eda6c8a60af21f833158dd35a69098a7031cd787740c34

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=14400
cf-apo-via
origin,miss
cf-cache-status
MISS
cf-edge-cache
cache,platform=wordpress
cf-ray
83915e69790abb9e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 21 Dec 2023 16:05:50 GMT
expires
Thu, 21 Dec 2023 20:05:50 GMT
host-header
a9130478a60e5f9135f765b23f26593b
last-modified
Thu, 21 Dec 2023 16:05:50 GMT
link
<https://celebwell.com/wp-json/>; rel="https://api.w.org/"
server
cloudflare
vary
Accept-Encoding
x-cache
miss
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
hhn1 85 188 443

Redirect headers

CF-Cache-Status
MISS
CF-Ray
83915e683c053bc4-WAW
Cache-Control
public, max-age=14400
Connection
keep-alive
Content-Type
text/html
Date
Thu, 21 Dec 2023 16:05:49 GMT
Expires
Thu, 21 Dec 2023 20:05:49 GMT
Location
https://celebwell.com/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
cf-apo-via
origin,resnok
main-concat.css
celebwell.com/wp-content/themes/celebwell/css/ 		125 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/wp-content/themes/celebwell/css/main-concat.css?ver=1703154934
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13ff3a4f4a015b6ed6b3c7d6036a8a72759e179b28b865de695636bbc43da180

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:50 GMT
x-rq
ams7 85 187 443
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 10:35:34 GMT
server
cloudflare
age
16730
etag
W/"658414f6-1f240"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
83915e6d2e40bb9e-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 20 Dec 2024 16:05:50 GMT
lato-v17-latin-ext_latin-700.woff2
celebwell.com/wp-content/themes/celebwell/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/wp-content/themes/celebwell/fonts/lato-v17-latin-ext_latin-700.woff2
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f254eb93b015455a3c89aaf970631bc989fe2bd387f79e871b514992359651aa

Request headers

Referer
https://celebwell.com/
Origin
https://celebwell.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:50 GMT
cf-cache-status
HIT
age
1760107
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
24712
x-rq
ams7 85 187 443
last-modified
Wed, 07 Dec 2022 16:57:12 GMT
server
cloudflare
etag
"6390c5e8-6088"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83915e6d2e43bb9e-FRA
expires
Fri, 20 Dec 2024 16:05:50 GMT
lato-v17-latin-ext_latin-regular.woff2
celebwell.com/wp-content/themes/celebwell/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/wp-content/themes/celebwell/fonts/lato-v17-latin-ext_latin-regular.woff2
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3cf4861c7d0c966f0ed6564f6aad6b28cbd3421a9ca4f60e2246848d249f196

Request headers

Referer
https://celebwell.com/
Origin
https://celebwell.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:50 GMT
cf-cache-status
HIT
age
2029320
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
25320
x-rq
ams7 85 188 443
last-modified
Tue, 28 Feb 2023 14:53:30 GMT
server
cloudflare
etag
"63fe156a-62e8"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83915e6d2e44bb9e-FRA
expires
Fri, 20 Dec 2024 16:05:50 GMT
gnp.css
celebwell.com/wp-content/client-mu-plugins/galvanized-network-plugin/build/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/wp-content/client-mu-plugins/galvanized-network-plugin/build/css/gnp.css?ver=a782de1c14c493ab641d
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ee48dbf236caab6a025a981115ba3c09c3183ff93852cb38f35590599b8f0b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:50 GMT
x-rq
ams7 85 187 443
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 20:48:04 GMT
server
cloudflare
age
64911
etag
W/"65835304-20d9"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
83915e6d2e42bb9e-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 20 Dec 2024 16:05:50 GMT
cw-logo.svg
celebwell.com/wp-content/themes/celebwell/img/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://celebwell.com/wp-content/themes/celebwell/img/cw-logo.svg
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
285a3410b6c9daa6ec89ea2baf9c18290c37377fea84957c59211418a575717e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:50 GMT
x-rq
ams7 85 187 443
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 Jul 2023 13:36:57 GMT
server
cloudflare
age
1847719
etag
W/"64aeac79-a39"
vary
Accept-Encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
83915e6d2e46bb9e-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 20 Dec 2024 16:05:50 GMT
wp-polyfill-inert.min.js
celebwell.com/wp-includes/js/dist/vendor/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:50 GMT
x-rq
hhn1 85 187 443
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Dec 2023 23:23:59 GMT
server
cloudflare
age
590516
etag
W/"6571028f-1feb"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
83915e6dcaaa361e-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 20 Dec 2024 16:05:50 GMT
regenerator-runtime.min.js
celebwell.com/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:50 GMT
x-rq
ams7 85 188 443
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Nov 2023 23:27:25 GMT
server
cloudflare
age
1847865
etag
W/"654ac7dd-19cf"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
83915e6dcaad361e-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 20 Dec 2024 16:05:50 GMT
wp-polyfill.min.js
celebwell.com/wp-includes/js/dist/vendor/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:50 GMT
x-rq
ams7 85 187 443
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Dec 2023 23:23:59 GMT
server
cloudflare
age
69708
etag
W/"6571028f-3f12"
vary
Accept-Encoding
x-cache
MISS
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
83915e6dcab0361e-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 20 Dec 2024 16:05:50 GMT
hooks.min.js
celebwell.com/wp-includes/js/dist/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:50 GMT
x-rq
hhn1 85 187 443
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Nov 2023 23:27:25 GMT
server
cloudflare
age
2585613
etag
W/"654ac7dd-1213"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
83915e6dcab4361e-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 20 Dec 2024 16:05:50 GMT
i18n.min.js
celebwell.com/wp-includes/js/dist/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:50 GMT
x-rq
hhn1 85 188 443
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Dec 2023 23:23:59 GMT
server
cloudflare
age
17618
etag
W/"6571028f-24e5"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
83915e6dcab6361e-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 20 Dec 2024 16:05:50 GMT
loader.js
celebwell.com/wp-content/plugins/wp-parsely/build/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/wp-content/plugins/wp-parsely/build/loader.js?ver=f5c2d06f6755fda3f6d4
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57298ae9c2168c3f86b4f4e67b9b6a222ce706ed3c8191f391c03d37760d253e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:50 GMT
x-rq
ams7 85 187 443
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 10:35:34 GMT
server
cloudflare
age
17618
etag
W/"658414f6-bf9"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
83915e6dcab8361e-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 20 Dec 2024 16:05:50 GMT
p.js
cdn.parsely.com/keys/celebwell.com/ 		65 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/celebwell.com/p.js?ver=3.12.0
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.61.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-61-60.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
2114347e3add7fb4a53d7e68ac895f0e08c63946c29e1f4c6359eb6632386ea4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Thu, 21 Dec 2023 04:43:06 GMT
content-encoding
gzip
via
1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
last-modified
Mon, 27 Mar 2023 22:07:10 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
40964
etag
W/"6422138e-10295"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
nyBS__9WHHn0U2A3VFkcC56eCiFDNOvWZ0CzpzECYElbmfntAsZjdg==
expires
Fri, 22 Dec 2023 04:43:06 GMT
bundle.min.js
celebwell.com/wp-content/themes/celebwell/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/wp-content/themes/celebwell/js/bundle.min.js?ver=1703154934
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed97b9643891f1052dfb85a4f54f9000a83560f0251d890f3faf458ecba4473d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:50 GMT
x-rq
hhn1 85 188 443
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 10:35:34 GMT
server
cloudflare
age
17618
etag
W/"658414f6-4e23"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
83915e6dcaba361e-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 20 Dec 2024 16:05:50 GMT
e-202351.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202351.js
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT hhn
date
Thu, 21 Dec 2023 16:05:50 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/13576-1684464982353.1523
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Tue, 10 Dec 2024 14:24:55 GMT
lightbox.js
www.lightboxcdn.com/vendor/7ff8b1cd-1d19-446f-83fc-08706559ea09/ Frame E47F 		501 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/7ff8b1cd-1d19-446f-83fc-08706559ea09/lightbox.js?mb=1703174750349&lv=1
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
dae865b863756e3617457d112675be3fffd832671e4729353ad909568dab29db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:50 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 21 Dec 2023 15:57:31 GMT
server
cloudflare
age
499
cf-polished
origSize=510
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cf-ray
83915e6ebe19915e-FRA
truncated
/ 		72 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89856c49e35cf6ad2dc136c06577867b927986003088301825c26a3024da075c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		71 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2fdaa56f0e149ce7ad773f2da520291429cee9ef8b9e0d8ca08073d3c7223ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		71 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7bff2bee16591d47fe4fb207367c7cbe12b95fa066be434e632a2ef0614027c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
profile
api.parsely.com/v2/ 		237 B
670 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.parsely.com/v2/profile?apikey=celebwell.com&uuid=pid%3D1a37cfc6-535e-4afa-af86-81e08063eb85&url=https%3A%2F%2Fcelebwell.com%2F
Requested by
Host: celebwell.com
URL: https://celebwell.com/wp-content/plugins/wp-parsely/build/loader.js?ver=f5c2d06f6755fda3f6d4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.132.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-132-210.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0257ada135b20b5b030fd3e5bdef0766f432bdf0e0016c75bcf82e28f14d2472

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 21 Dec 2023 16:05:50 GMT
server
nginx
content-length
237
content-type
application/json
/
p1.parsely.com/plogger/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1703174750528&plid=5683798d-c664-4da0-80a9-f0c983351aae&idsite=celebwell.com&url=https%3A%2F%2Fcelebwell.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22parsely%3Ametadata-detection%22%3A%7B%22version%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fcelebwell.com%2F%22%2C%22hash%22%3A-2012876171%7D%7D&sid=1&surl=https%3A%2F%2Fcelebwell.com%2F&sref=&sts=1703174750520&slts=0&title=Celebwell%3A+Health%2C+Nutrition%2C+Weight+Loss+%26+Recipes&date=Thu+Dec+21+2023+17%3A05%3A50+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&pvid=90c7cea6-9947-4f08-b33a-a88a68f478ce&u=pid%3D1a37cfc6-535e-4afa-af86-81e08063eb85
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 16:05:50 GMT
Cache-Control
no-cache
Last-Modified
Thursday, 21-Dec-2023 16:05:50 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
g.gif
pixel.wp.com/ 		50 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=196211166&post=0&tz=-5&srv=celebwell.com&hp=vip&j=1%3A12.8.1&host=celebwell.com&ref=&fcp=1629&rand=0.907507055729444
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 21 Dec 2023 16:05:50 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
main.js
celebwell.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame 78FD
Redirect Chain
  • https://celebwell.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://celebwell.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H3
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56a06c441dfd00a2d9d717680b7a42204e2054dd98ad155d3f386acec69535e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
83915e6f6ce3361e-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 21 Dec 2023 16:05:50 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
cache-control
max-age=300, public
cf-ray
83915e6f0c65361e-FRA
alt-svc
h3=":443"; ma=86400
Shona.Manderson.Main_.png
celebwell.com/wp-content/uploads/sites/2/2023/12/ 		268 KB
268 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://celebwell.com/wp-content/uploads/sites/2/2023/12/Shona.Manderson.Main_.png?strip=all&w=1100&h=507&crop=1&w=1100&crop=0,0,1100px,507px
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb9ad3e0fd12e6a32d2a62b8dbb2cb5a40b19605fd9674578345aef2311b3ada

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:50 GMT
x-rq
ams7 109 195 443
cf-cache-status
MISS
last-modified
Thu, 21 Dec 2023 15:15:19 GMT
server
cloudflare
etag
"a14b42f0a3aac848"
vary
Accept, Accept-Encoding
x-cache
HIT
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83915e6f1c74361e-FRA
alt-svc
h3=":443"; ma=86400
content-length
274076
expires
Fri, 20 Dec 2024 16:05:50 GMT
shutterstock_2263145381.jpg
celebwell.com/wp-content/uploads/sites/2/2023/12/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://celebwell.com/wp-content/uploads/sites/2/2023/12/shutterstock_2263145381.jpg?resize=272,152&quality=82&strip=all
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d9da0a5aa669531b4f9c4da35a729e9a71b07afd95a9878783855a5f31f83f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:50 GMT
x-rq
hhn1 109 30 443
cf-cache-status
MISS
last-modified
Thu, 21 Dec 2023 14:26:59 GMT
server
cloudflare
etag
"a2e2047ecf65f091"
vary
Accept, Accept-Encoding
x-cache
HIT
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83915e6f1c76361e-FRA
alt-svc
h3=":443"; ma=86400
content-length
4160
expires
Fri, 20 Dec 2024 16:05:50 GMT
shutterstock_2278966457.jpg
celebwell.com/wp-content/uploads/sites/2/2023/12/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://celebwell.com/wp-content/uploads/sites/2/2023/12/shutterstock_2278966457.jpg?resize=272,152&quality=82&strip=all
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6076bf46f7910c5bdd9507aec9d3102ee9f24612a1450d47209325789ba16ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:50 GMT
x-rq
hhn1 109 30 443
cf-cache-status
MISS
last-modified
Thu, 21 Dec 2023 14:26:59 GMT
server
cloudflare
etag
"6f088e01ffa8df2b"
vary
Accept, Accept-Encoding
x-cache
HIT
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83915e6f1c78361e-FRA
alt-svc
h3=":443"; ma=86400
content-length
6302
expires
Fri, 20 Dec 2024 16:05:50 GMT
Jenna.de_.Leo_.png
celebwell.com/wp-content/uploads/sites/2/2023/12/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://celebwell.com/wp-content/uploads/sites/2/2023/12/Jenna.de_.Leo_.png?resize=272,152&strip=all
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f6e290b2f8a065e2ecd98b5cf82d3d392146dbbd3c2e7e24f796a6048a80e90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:50 GMT
x-rq
ams7 109 195 443
cf-cache-status
MISS
last-modified
Thu, 21 Dec 2023 13:54:26 GMT
server
cloudflare
etag
"b61027f5afe4d4aa"
vary
Accept, Accept-Encoding
x-cache
HIT
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83915e6f1c79361e-FRA
alt-svc
h3=":443"; ma=86400
content-length
38678
expires
Fri, 20 Dec 2024 16:05:50 GMT
user.js
www.lightboxcdn.com/vendor/7ff8b1cd-1d19-446f-83fc-08706559ea09/ Frame E47F 		706 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/7ff8b1cd-1d19-446f-83fc-08706559ea09/user.js?cb=638386043473265561
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/7ff8b1cd-1d19-446f-83fc-08706559ea09/lightbox.js?mb=1703174750349&lv=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
956a243efde51c11758094189afe270cdc8bb79440e57f27874eecd06aa6663f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 21 Dec 2023 16:05:50 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
cNo+EYpNVxQnPn9S9Hs7Nw==
age
167190
cf-polished
origSize=1196319
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 15 Jun 2022 07:45:19 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
e38415d4-501e-0077-76a2-329d71000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
cf-ray
83915e6f1eca915e-FRA
expires
Fri, 20 Dec 2024 16:05:50 GMT
GettyImages-1151534534.jpg
celebwell.com/wp-content/uploads/sites/2/2023/07/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://celebwell.com/wp-content/uploads/sites/2/2023/07/GettyImages-1151534534.jpg?resize=256,186&quality=82&strip=all
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5843a783f6e5ffc663367924473248e7c29356688f6639d879cac0c2c8aa383

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:50 GMT
cf-cache-status
HIT
age
245112
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
6462
x-rq
hhn1 109 142 443
last-modified
Sun, 26 Nov 2023 07:27:32 GMT
server
cloudflare
etag
"b52f24127b35e564"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83915e6fddb0361e-FRA
expires
Fri, 20 Dec 2024 16:05:50 GMT
GettyImages-1154827466.jpg
celebwell.com/wp-content/uploads/sites/2/2023/05/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://celebwell.com/wp-content/uploads/sites/2/2023/05/GettyImages-1154827466.jpg?resize=256,186&quality=82&strip=all
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1f3c3167043eb161d452ca961a7f7d70fbfc26aea86a0c48efca21743b59517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:50 GMT
cf-cache-status
HIT
age
245112
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
10952
x-rq
hhn1 109 30 443
last-modified
Mon, 18 Dec 2023 20:00:38 GMT
server
cloudflare
etag
"a2fbd0439646c3ef"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83915e6fddb5361e-FRA
expires
Fri, 20 Dec 2024 16:05:50 GMT
GettyImages-1456069617.jpg
celebwell.com/wp-content/uploads/sites/2/2023/05/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://celebwell.com/wp-content/uploads/sites/2/2023/05/GettyImages-1456069617.jpg?resize=256,186&quality=82&strip=all
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97f839599b0dfb937be8cc2aff8b5ddd367f5c9ee31abd1dd0550d0fd87944b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:50 GMT
cf-cache-status
HIT
age
245112
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
3794
x-rq
ams7 109 198 443
last-modified
Mon, 18 Dec 2023 17:50:07 GMT
server
cloudflare
etag
"01624c23e932d501"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83915e6fddb6361e-FRA
expires
Fri, 20 Dec 2024 16:05:50 GMT
GettyImages-1487331372.jpg
celebwell.com/wp-content/uploads/sites/2/2023/05/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://celebwell.com/wp-content/uploads/sites/2/2023/05/GettyImages-1487331372.jpg?resize=256,186&quality=82&strip=all
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2f8596def684155f65262ab0911f20d15431b83273e235dca89dd4df6464639

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:50 GMT
cf-cache-status
HIT
age
245112
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
12846
x-rq
ams7 109 200 443
last-modified
Mon, 18 Dec 2023 17:50:07 GMT
server
cloudflare
etag
"1947fbe4ed1b432d"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83915e6fddb9361e-FRA
expires
Fri, 20 Dec 2024 16:05:50 GMT
fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637908759194514824
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/7ff8b1cd-1d19-446f-83fc-08706559ea09/user.js?cb=638386043473265561
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 21 Dec 2023 16:05:50 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
q4B4xYJoZwx9ikt94o1nCA==
age
470508
cf-polished
origSize=6016
x-ms-meta-cbmodifiedtime
Wed, 10 Apr 2019 18:50:43 GMT
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 10 Apr 2019 19:06:17 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
x-ms-request-id
5a20f55d-001e-0046-2759-14c6a6000000
cache-control
public, max-age=2678400
x-ms-version
2009-09-19
cf-ray
83915e7058c7915e-FRA
expires
Sun, 21 Jan 2024 16:05:50 GMT
z
lightboxapi.azurewebsites.net/z9gd/42151/celebwell.com/jsonp/ 		588 B
951 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lightboxapi.azurewebsites.net/z9gd/42151/celebwell.com/jsonp/z?cb=1703174750764&callback=jQuery17107529651041875962_1703174750751&_=1703174750765
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/7ff8b1cd-1d19-446f-83fc-08706559ea09/user.js?cb=638386043473265561
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4bb4dbb931e063a4120baaee4cfd2d84e60a0e611771f452c4a6c6264038f658

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:50 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
application/javascript
t.gif
www.lightboxcdn.com/z9g/ 		35 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lightboxcdn.com/z9g/t.gif?c=1703174750759&h=celebwell.com&e=p&u=42151
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 21 Dec 2023 16:05:50 GMT
cf-cache-status
HIT
content-md5
KNaBTzCeoon4R8ac+RGUxg==
age
2021229
cf-polished
status=not_needed
x-ms-meta-cbmodifiedtime
Tue, 26 Feb 2019 00:59:40 GMT
content-length
35
x-ms-lease-status
unlocked
cf-bgj
imgq:85,h2pri
last-modified
Tue, 26 Feb 2019 01:15:02 GMT
server
cloudflare
etag
0x8D69B87D5A1B25F
vary
Accept-Encoding
content-type
image/gif
x-ms-request-id
15847cc2-701e-0006-59c4-0bef48000000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83915e7068d0915e-FRA
83915e69790abb9e
celebwell.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 78FD 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/cdn-cgi/challenge-platform/h/g/jsd/r/83915e69790abb9e
Requested by
Host: celebwell.com
URL: https://celebwell.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 21 Dec 2023 16:05:50 GMT
content-encoding
br
server
cloudflare
cf-ray
83915e714fca361e-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
karma_revshare.celebwell.com.js
karma.mdpcdn.com/service/js-min/ 		348 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ec00:d:2820:3bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12c9b4c849eb03001a65d70185a686ec3e396a85c25bd33af382cb90987b996c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
T14Vy5xIU.2jbZXJ0H9ZONKYaBub3M7w
content-encoding
gzip
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
date
Thu, 21 Dec 2023 16:02:33 GMT
last-modified
Tue, 15 Aug 2023 21:34:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
199
etag
W/"2577d66ecaae39f699449ca1213bfa27"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=300
x-amz-cf-id
1TuHAr9-oQitituh30LVfwrmEbsQzE-QteFW2jZCYboKR3hSYsJsvQ==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 21 Dec 2023 15:22:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2607
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 21 Dec 2023 17:22:25 GMT
js
www.googletagmanager.com/gtag/ 		257 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-37X3P54THV
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0c3d4ec40b791da4127d1c957f31146b4f65d665d3eff7d118086fbbb7570ba1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89403
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 21 Dec 2023 16:05:52 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87d3ca80017eba2cdc0bbacb29573912906303cae9d1ff5cfd3747d43b23ec5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29226
x-xss-protection
0
server
cafe
etag
498 / 19712 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 16:05:52 GMT
segments
d30qdagvt44524.cloudfront.net/production/ 		15 B
375 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d30qdagvt44524.cloudfront.net/production/segments?muid=cf090632-3b4d-4f49-b94c-3749de1fa7d3
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:6600:19:bcbe:a700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
727b3ff0c716fa8e38788e3dab83691b06edf37ca523b826f9ef67700021516b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:52 GMT
via
1.1 a2ce61e5ddc66736c9e2bfb6581fa2da.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
x-amzn-trace-id
Root=1-65846260-36a6287f1cf9eb9622cc35a7;Sampled=0;lineage=abd734a0:0
x-amzn-requestid
281e73f5-48f9-47c3-94db-9836725201b6
x-cache
Miss from cloudfront
content-type
text/javascript
x-amz-apigw-id
QTRPGFeNIAMEObQ=
content-length
15
x-amz-cf-id
eVtnQDUhXmAy3z6MGNgsX32l3BGDTLgFpiZ9mjWAzGwwrW-pC9V9yQ==
184003-52190608802424.js
js-sec.indexww.com/ht/p/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d9d5eece457526daaa86628d0f7cdced3695a3c0ed22a8f0db5803313d0c68d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 15:56:25 GMT
server
cloudflare
age
343
etag
W/"da2c3b-8569-60d07244da343"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
83915e784b03aca7-TXL
expires
Thu, 21 Dec 2023 20:05:52 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 15:21:13 GMT
content-encoding
gzip
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront), 1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
age
2680
x-amz-server-side-encryption
AES256
etag
W/"d6937d02acbbf691a008906e9d0617e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
LtTAwhhUBlxzOlBerxEERSgVPanKwF3yuSIiE48ZGvDG0ZwSIPvZoA==
x.gif
d9jj3mjthpub.cloudfront.net/ 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9jj3mjthpub.cloudfront.net/x.gif?pulse=-1&v=l1.0.21&type=karma&globalTI_SID=cf090632-3b4d-4f49-b94c-3749de1fa7d3&request_id=f94c9b0a-7c6a-41c7-97e7-74c907130263&url=https%3A%2F%2Fcelebwell.com%2F&host=celebwell.com&ua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F120.0.6099.109%20safari%2F537.36&muuid_origin=celebwell.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ab:4400:11:e0c9:84c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:26:28 GMT
via
1.1 70d3812e62d49cd4dca6f1dcec98b050.cloudfront.net (CloudFront)
last-modified
Sun, 24 Feb 2019 04:40:26 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P3
age
20365
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
zb3NrqN_cSG0ptdOT_r3D__8RIQEP3BmNrtOgoOYLDbOkZW0bZnykg==
home.js
celebwell.com/wp-content/themes/celebwell/js/infinite-scroll/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/wp-content/themes/celebwell/js/infinite-scroll/home.js?ver=1703071754
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
570d08c2ec68a767e92a75918a8132a8bee5d7b56932921ceaeef525c15bff35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:52 GMT
x-rq
ams7 85 187 443
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 20 Dec 2023 11:29:14 GMT
server
cloudflare
etag
W/"6582d00a-11bf"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
83915e781a56361e-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 20 Dec 2024 16:05:52 GMT
collect
www.google-analytics.com/j/ 		3 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1645898558&t=pageview&_s=1&dl=https%3A%2F%2Fcelebwell.com%2F&ul=en-us&de=UTF-8&dt=Celebwell%3A%20Health%2C%20Nutrition%2C%20Weight%20Loss%20%26%20Recipes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABAAAAACAAI~&jid=1431254255&gjid=272555763&cid=1216795759.1703174752&tid=UA-201796943-1&_gid=905700640.1703174752&_slc=1&z=1227435969
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 16:05:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://celebwell.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-201796943-1&cid=1216795759.1703174752&jid=1431254255&gjid=272555763&_gid=905700640.1703174752&_u=YGBAgUABAAAAAGAAI~&z=214420883
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 21 Dec 2023 16:05:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://celebwell.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
identity
api.rlcdn.com/api/ 		44 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 21 Dec 2023 16:05:52 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://celebwell.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rid
match.adsrvr.org/track/ 		63 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184003
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
3077df8f2d3cb91f0e82697c26038d6e2dae495264d754a2f7a026e85f308277

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 21 Dec 2023 16:05:52 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://celebwell.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 20 Jan 2024 16:05:52 GMT
/
id.sv.rkdms.com/identity/ 		72 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=MEREDITH&sv_domain=celebwell.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.43.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-43-208.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
6851edc0fca6eb99fa5fa083c37055fb96b62567bcd4730305e755e4cc0ab82a

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://celebwell.com
date
Thu, 21 Dec 2023 16:05:52 GMT
access-control-allow-credentials
true
server
awselb/2.0
content-length
72
vary
Accept-Encoding
content-type
application/json
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-37X3P54THV&gtm=45je3bt0v874925126&_p=1703174750344&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1216795759.1703174752&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703174752&sct=1&seg=0&dl=https%3A%2F%2Fcelebwell.com%2F&dt=Celebwell%3A%20Health%2C%20Nutrition%2C%20Weight%20Loss%20%26%20Recipes&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3360
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-37X3P54THV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 16:05:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://celebwell.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3446
config.aps.amazon-adsystem.com/configs/ 		532 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3446
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-79.ams54.r.cloudfront.net
Software
CloudFront /
Resource Hash
2a3a3957a0a96ed6faa851b56f971854b104f5199998cba99aaa68624052d1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 15:09:44 GMT
via
1.1 2b298af2bb6f21ab0dee9e764d8bcb28.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS54-C1
age
3368
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
cTBVxXnFBLJij7Wv8-bKeIRLixNBYT3uVUY3Q2lGzpb_rUiF-T2drg==
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3446&u=https%3A%2F%2Fcelebwell.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
8bc8bb2ef9a799f3719e64256b03f6e9e8ed60a1ba1d1337e03a1a23cd33ac03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 15:56:18 GMT
via
1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
573
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://celebwell.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1392
x-amz-cf-id
x6vVAwUiP8v8ObFmUSoznu6lw56CfLepe-GeDeXbAZLMCHKMLkcCjw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
date
Thu, 21 Dec 2023 02:23:15 GMT
x-amz-cf-pop
FRA56-P3
age
49358
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
pS-zxcSMc47j9Okm6_26_K362ccxhendtPJ0vkvCtp2xQCCVVr1t6w==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 09:13:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
24747
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 20 Dec 2024 09:13:25 GMT
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/08378bf6-c29a-482b-88a2-bf3e3bcf4974/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/08378bf6-c29a-482b-88a2-bf3e3bcf4974/launchpad-liveramp.js
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-72.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4a4feb5399d6f379f9290d45f4c6fb21a8e0546d3ff6da83d755c2d365f1369c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
vUMLDsY4tDuFcnsCEMCHCmcNKrXbJmif
content-encoding
gzip
via
1.1 2837e32f921e7e7517dd6f5461c37dfa.cloudfront.net (CloudFront)
date
Thu, 21 Dec 2023 08:21:24 GMT
x-amz-cf-pop
AMS58-P4
age
27869
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Wed, 06 Dec 2023 21:25:44 GMT
server
AmazonS3
etag
W/"6e53a9d35bd17b8c10bb6f148fd6dc23"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
tufCOmau4uY4D02jlexVaSezCNGla5ekVQWETvKjcJ-hn06bm_s2SA==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:52 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Thu, 21 Dec 2023 16:20:52 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		151 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
x-amz-request-id
PZ8K52NGS77B5CM4
age
818
etag
W/"7229163a9092e2cee472ddee92dcb6ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
83915e7a1e5e90e8-FRA
x-amz-id-2
1kNc4rfbsoiqKZYCxjZkL5WeE7Iksm5gINRHfAd0K+3VixrDGVOpT7FynZOj8JP1WQMYGqm6zjU=
3446
config.aps.amazon-adsystem.com/configs/ 		532 B
798 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3446
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-79.ams54.r.cloudfront.net
Software
CloudFront /
Resource Hash
2a3a3957a0a96ed6faa851b56f971854b104f5199998cba99aaa68624052d1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 15:09:44 GMT
via
1.1 2b298af2bb6f21ab0dee9e764d8bcb28.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS54-C1
age
3368
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
2U0pDhzXMRDfCx347P07Kp4RMe9mbub_nmoejuyG5dOVdNb9P7k9Iw==
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3446&u=https%3A%2F%2Fcelebwell.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
8bc8bb2ef9a799f3719e64256b03f6e9e8ed60a1ba1d1337e03a1a23cd33ac03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 15:56:18 GMT
via
1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
573
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://celebwell.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1392
x-amz-cf-id
opajE4q0Z1flqSWOiCRuOhPlzGFcNbFBtP19fenQkZXurO2NEUKWMg==
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3446&u=https%3A%2F%2Fcelebwell.com%2F&pid=GjFVVbbMubgsb&cb=0&ws=1600x1200&v=23.1211.1645&t=1250&slots=%5B%7B%22sd%22%3A%22div-gpt-leaderboard-flex-1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%223865%2Frevshare.celebwell.com%2Ftier1%2Ftaxonomy%2Fdiv-gpt-leaderboard-flex-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-leaderboard-fixed-2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%223865%2Frevshare.celebwell.com%2Ftier2%2Ftaxonomy%2Fdiv-gpt-leaderboard-fixed-2%22%7D%5D&pj=%7B%22aps_privacy%22%3A%221--%22%2C%22si_pagegroup%22%3A%22homepage%22%2C%22adRefresh%22%3A0%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.239.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-239-116.fra56.r.cloudfront.net
Software
Server /
Resource Hash
159bd804f3a207ce59088ef63f186ba5b3d906d5245b7bfa882a6a6c3f6a9314
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:52 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 34fdfb7c7c11559df7e622af2b62f5ca.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P4
x-amz-rid
90BE2H2AMA9DV2PTAMTZ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://celebwell.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
KHLmfIDTHLT5jJZWhD9dB9GbEwMBJlODJz4yh7OREkRqmdVJR_griw==
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-aa2f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 22 Dec 2023 16:05:52 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 18:27:07 GMT
content-encoding
gzip
age
1287525
x-guploader-uploadid
ABPtcPrGkX9WdEfraM_2GOgvO4XFku4h6LV8hSZGRCBWDldVHkLv6s4LjI-J4Ekw5y2K4Y2B5aE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 05 Dec 2024 18:27:07 GMT
hbjson
grid.bidswitch.net/ 		23 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.254.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-254-34.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7f5ddaf0ad3216e94a3afed28fb76a0dfc709b5605935247dc60a1eeecdb093f

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 21 Dec 2023 16:05:52 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://celebwell.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
translator
hbopenbid.pubmatic.com/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://celebwell.com
date
Thu, 21 Dec 2023 16:05:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96901a017a7ae786e2e89dd5c10043&pos=celebwell_leadrbrd_flex_tier1_728x90&cmd=bid&secure=1
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
f5b937bf6e98350aab8d49c0856ea0f369ba6d1098fadb0c2bc5ea883e177c10

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Dec 2023 16:05:52 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://celebwell.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96901a017a7ae786e2e89dd5c10043&pos=celebwell_leadrbrd_fixed_tier2_728x90&cmd=bid&secure=1
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
f663063341655ffd4a7351a336e4df2edd687a911a4d8d796d5cd32e47903b41

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Dec 2023 16:05:52 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://celebwell.com
access-control-allow-credentials
true
content-length
80
fastlane.json
fastlane.rubiconproject.com/a/api/ 		439 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7499&site_id=426724&zone_id=2441058%3B2441054&size_id=2&alt_size_ids=57%3B&rf=https%3A%2F%2Fcelebwell.com%2F&tg_i.pbadslot=3865%2Frevshare.celebwell.com%2Ftier1%2Ftaxonomy%2Fdiv-gpt-leaderboard-flex-1%3B3865%2Frevshare.celebwell.com%2Ftier2%2Ftaxonomy%2Fdiv-gpt-leaderboard-fixed-2&tk_flint=pbjs_lite_v6.23.0&x_source.tid=0922d2d4-7e81-4b81-82b6-68c24eb6250d%3B54f1eca7-4264-4e67-be7c-61791fc3e37b&l_pb_bid_id=144dfe238658726%3B15f1c7507293fb6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=3865%2Frevshare.celebwell.com%2Ftier1%2Ftaxonomy%2Fdiv-gpt-leaderboard-flex-1%3B3865%2Frevshare.celebwell.com%2Ftier2%2Ftaxonomy%2Fdiv-gpt-leaderboard-fixed-2&slots=2&rand=0.4668920852989644
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5a04c480fa780416b1837c5ebc92976d32097695a4647412686e2839991350d1

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 16:05:52 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://celebwell.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
439
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		254 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
fe587df682e0706aa92b541da6ed2afeea9801514fea8ad1c9297b6af5d77449
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 16:05:52 GMT
an-x-request-uuid
ae445a8d-8719-471a-a655-e344976fc766
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://celebwell.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
254
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		36 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=688248&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2219446dd99c4adb%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcelebwell.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%226.23.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2220b333cb2aa79f5%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22688248%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22688248%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%223865%2Frevshare.celebwell.com%2Ftier1%2Ftaxonomy%2Fdiv-gpt-leaderboard-flex-1%22%7D%7D%2C%7B%22id%22%3A%22216a3aff3ac92c1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22688246%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%223865%2Frevshare.celebwell.com%2Ftier2%2Ftaxonomy%2Fdiv-gpt-leaderboard-fixed-2%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cb5996dc23e7c57e0415a9f0cf168d41a20adb4c427626102b58caffb8825e8

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 16:05:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qUhgc9IdRWyxn33ZjZpf7H9eYylpnZWhNubOIxxWIS8sgi6znaFBEYfjTHIKkzewaw4Y3yiIokrDcj04GFc9LNQ8M1XZQN7dtKGHUuOIxiO6dghSvJhYmjb9LPRIgFA5SV6TmqdY"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://celebwell.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
83915e7b1f9c6a78-TXL
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/08378bf6-c29a-482b-88a2-bf3e3bcf4974/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/08378bf6-c29a-482b-88a2-bf3e3bcf4974/launchpad-liveramp.js
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-72.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4a4feb5399d6f379f9290d45f4c6fb21a8e0546d3ff6da83d755c2d365f1369c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
vUMLDsY4tDuFcnsCEMCHCmcNKrXbJmif
content-encoding
gzip
via
1.1 2837e32f921e7e7517dd6f5461c37dfa.cloudfront.net (CloudFront)
date
Thu, 21 Dec 2023 08:21:24 GMT
x-amz-cf-pop
AMS58-P4
age
27869
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Wed, 06 Dec 2023 21:25:44 GMT
server
AmazonS3
etag
W/"6e53a9d35bd17b8c10bb6f148fd6dc23"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
sYEXLDcWFzqANf0oP1W0m5WB47PFNns4Ym5IbQR_Y4_TnKFvVYHvJg==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		151 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
x-amz-request-id
PZ8K52NGS77B5CM4
age
818
etag
W/"7229163a9092e2cee472ddee92dcb6ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
83915e7abf7790e8-FRA
x-amz-id-2
1kNc4rfbsoiqKZYCxjZkL5WeE7Iksm5gINRHfAd0K+3VixrDGVOpT7FynZOj8JP1WQMYGqm6zjU=
launchpad.bundle.js
launchpad.privacymanager.io/latest/ 		126 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/08378bf6-c29a-482b-88a2-bf3e3bcf4974/launchpad-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-66.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10ca218fc957f3b1b7f8f0a0f6bab1c8b384ed7d6edda052614bf8cc9c14eac2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
OYXhO0yAI32wYHLbaFkvb4YycLXHk8gH
content-encoding
br
via
1.1 9c7ba0aaf8652834e3f6b51b901da726.cloudfront.net (CloudFront)
date
Thu, 21 Dec 2023 15:11:59 GMT
last-modified
Tue, 12 Dec 2023 13:01:22 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P6
age
3234
x-amz-server-side-encryption
AES256
etag
W/"6f5acc886b373331d622309f643f2f89"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
kCkSCjCy3P2rUnCC5fRMDKzANvwI80O6jZ4Balkk75E-KUzPORzC6g==
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fcelebwell.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fcelebwell.com%2F&rid=esp&cc=1
85 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fcelebwell.com%2F&rid=esp&cc=1
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e4a8f8adbbaa2897642d7f356a38665cecbda417fe5fbba48ad3bfbbd23f0f88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:52 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-uKLs9xDVeU7H+4l9MdakXY4svfE"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://celebwell.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Thu, 21 Dec 2023 16:05:52 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://celebwell.com
location
/esp?url=https%3A%2F%2Fcelebwell.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-45.ams58.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://celebwell.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Thu, 21 Dec 2023 16:05:52 GMT
via
1.1 1396f0307ab4835adf6e4163507d4c8a.cloudfront.net (CloudFront), 1.1 c42cd753c9927a74eed5ac8cd899bf30.cloudfront.net (CloudFront)
x-amz-apigw-id
QTRPKHf3DoEEQhQ=
x-amz-cf-id
oiVhfX9ZMnRfqSpmS6MCnk_zc-Or-zJ8Z2Sj694g9RGCVcLh760BzQ==
x-amz-cf-pop
AMS54-C1 AMS58-P5
x-amzn-requestid
f3c981fa-2bbe-4af9-833e-6178fa985336
x-cache
Miss from cloudfront
/
geo.privacymanager.io/ 		28 B
606 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-45.ams58.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept
application/json
Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 21 Dec 2023 02:00:24 GMT
via
1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront), 1.1 c42cd753c9927a74eed5ac8cd899bf30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, AMS58-P5
age
50728
x-amzn-requestid
cad127a4-5ee1-432f-a471-b1c2472ca6d2
x-amzn-trace-id
Root=1-65839c38-1e1aebab4f547ffb50e7cb10;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
QRVY0GAsDoEEjOA=
content-length
28
x-amz-cf-id
Ccs7AAYMhz2nL4XQz47AINDMIEA4fpIpCGh0fBgx-1iBmtfpJH-X4A==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
syncframe
gum.criteo.com/ Frame 70C7 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=celebwell.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://celebwell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 16:05:51 GMT
server
Kestrel
server-processing-duration-in-ticks
426541
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
GettyImages-1489056584.jpg
celebwell.com/wp-content/uploads/sites/2/2023/06/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://celebwell.com/wp-content/uploads/sites/2/2023/06/GettyImages-1489056584.jpg?resize=256,186&quality=82&strip=all
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e609dcc5358b4fe411a64e42d82a1893cb79a043f8fc695431feb42d0cb28bf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:52 GMT
x-rq
hhn1 109 88 443
cf-cache-status
MISS
last-modified
Tue, 19 Dec 2023 15:22:09 GMT
server
cloudflare
etag
"553be110a69cd33b"
vary
Accept, Accept-Encoding
x-cache
HIT
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83915e7c18ba361e-FRA
alt-svc
h3=":443"; ma=86400
content-length
5668
expires
Fri, 20 Dec 2024 16:05:52 GMT
GettyImages-1384962370.jpg
celebwell.com/wp-content/uploads/sites/2/2023/05/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://celebwell.com/wp-content/uploads/sites/2/2023/05/GettyImages-1384962370.jpg?resize=256,186&quality=82&strip=all
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
377d69bf7362ad1d6d09cb5abab82bc7e7bbe9e743a34d3cefbe19bc4885b874

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:52 GMT
cf-cache-status
HIT
age
245113
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
4222
x-rq
hhn1 109 139 443
last-modified
Tue, 12 Dec 2023 18:16:12 GMT
server
cloudflare
etag
"a9589753c501f171"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83915e7c18bc361e-FRA
expires
Fri, 20 Dec 2024 16:05:52 GMT
GettyImages-1244806266.jpg
celebwell.com/wp-content/uploads/sites/2/2023/05/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://celebwell.com/wp-content/uploads/sites/2/2023/05/GettyImages-1244806266.jpg?resize=256,186&quality=82&strip=all
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a5a94f596f295bd2137a982b38169f86b8557cf5c7986d344f1d4aa6f656d4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:52 GMT
cf-cache-status
HIT
age
245113
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
8046
x-rq
ams7 109 30 443
last-modified
Wed, 22 Nov 2023 07:02:02 GMT
server
cloudflare
etag
"0f2676ba90e642f9"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83915e7c18bf361e-FRA
expires
Fri, 20 Dec 2024 16:05:52 GMT
GettyImages-1357592018.jpg
celebwell.com/wp-content/uploads/sites/2/2023/05/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://celebwell.com/wp-content/uploads/sites/2/2023/05/GettyImages-1357592018.jpg?resize=256,186&quality=82&strip=all
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea77d4b986c11d48da7d516ee3b298228dbed79875628189d9f000eb976c8ad5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:52 GMT
cf-cache-status
HIT
age
245113
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
5788
x-rq
ams7 109 32 443
last-modified
Mon, 18 Dec 2023 20:00:39 GMT
server
cloudflare
etag
"f68c534b9edf87d0"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83915e7c18c2361e-FRA
expires
Fri, 20 Dec 2024 16:05:52 GMT
gtm.js
www.googletagmanager.com/ 		207 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TZW8S3J
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2820df6852dc5e4da53ed27ce5714777707c507956b66c47244b57d474b21308
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76206
x-xss-protection
0
last-modified
Thu, 21 Dec 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Dec 2023 16:05:52 GMT
sid
mug.criteo.com/ Frame 70C7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=celebwell.com&sn=ChromeSyncframe&so=0&topUrl=celebwell.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=3zoPvnw1WUE2dTNNV1hrcG85VFJWVmw5b0p5amFtcjMyU2xLZ1pBUUl3ZEcyNVIrNDFVNGRwRzNsUWY4cUp2cVlLblBvLy9aSTJla24zZGdJVHFCNlRZY3MveDU5TUtXODBKdk5SL2Y1bC9wOStsbnVoL2kyTlMrUmltWW...
425 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=3zoPvnw1WUE2dTNNV1hrcG85VFJWVmw5b0p5amFtcjMyU2xLZ1pBUUl3ZEcyNVIrNDFVNGRwRzNsUWY4cUp2cVlLblBvLy9aSTJla24zZGdJVHFCNlRZY3MveDU5TUtXODBKdk5SL2Y1bC9wOStsbnVoL2kyTlMrUmltWWxkTkVuUGhyUFIwVTJxVHFUSkZ4eEVYbUlmZkwvZjFScFRkZkhUcGU3TWo3WldSSS90a0tNc2tWcWZkak10NEVQR25EOEw5RVJGRFp5Q1JKNS9raThOR2VQbldERjNrM1VtTEh0aVR5RExTNnh3THVoNERrSHRmdEJaR0NhaU0zTGU2ZmtUVXB1eVUrY0l1N3BScTJYckNBYlBreFdCQT09fA&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
40ff67a8f231a9b3a3cb07eeb1bfa4841f492aa351b55a2260c043b29bfd8bcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 16:05:52 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2644799
expires
0

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 16:05:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=3zoPvnw1WUE2dTNNV1hrcG85VFJWVmw5b0p5amFtcjMyU2xLZ1pBUUl3ZEcyNVIrNDFVNGRwRzNsUWY4cUp2cVlLblBvLy9aSTJla24zZGdJVHFCNlRZY3MveDU5TUtXODBKdk5SL2Y1bC9wOStsbnVoL2kyTlMrUmltWWxkTkVuUGhyUFIwVTJxVHFUSkZ4eEVYbUlmZkwvZjFScFRkZkhUcGU3TWo3WldSSS90a0tNc2tWcWZkak10NEVQR25EOEw5RVJGRFp5Q1JKNS9raThOR2VQbldERjNrM1VtTEh0aVR5RExTNnh3THVoNERrSHRmdEJaR0NhaU0zTGU2ZmtUVXB1eVUrY0l1N3BScTJYckNBYlBreFdCQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
303941
content-length
0
expires
0
i.js
tag.wknd.ai/6217/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.wknd.ai/6217/i.js
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ed78fb7e93fe7fef4bc6a97421f5d97485ce4a7ecd341417f2066bfa20671f03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 15:37:24 GMT
content-encoding
gzip
via
1.1 google
age
1708
x-envoy-upstream-service-time
0
x-region
us-central1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1786
server
istio-envoy
etag
0d7b71b82acc1e
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=60
timing-allow-origin
*
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect
pd
google-bidout-d.openx.net/w/1.0/ Frame 36BB 		199 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://celebwell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Thu, 21 Dec 2023 16:05:53 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
runtime_8b30b4890203fd4144c54b9ffd765f5e.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_8b30b4890203fd4144c54b9ffd765f5e.br.js
Requested by
Host: tag.wknd.ai
URL: https://tag.wknd.ai/6217/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c4fad867557fa65e1a778e915c0b4ed0cd1bbb4443452c8943e5cec6504311e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 19:52:50 GMT
content-encoding
br
age
1368783
x-guploader-uploadid
ABPtcPrRJGAl4jZY8HSoEqDkbgDvgQ9Z_M7B-4dXtig0fubXh3SNwymUrApyvOj-JMXmJY_pdYs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1317
last-modified
Mon, 04 Dec 2023 15:20:19 GMT
server
UploadServer
etag
"dbc90523c425a5d782995c1a39051881"
x-goog-generation
1701703219846953
x-goog-hash
crc32c=Xs/EYg==, md5=28kFI8QlpdeCmVwaOQUYgQ==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
1317
accept-ranges
bytes
content-type
text/javascript
3446
config.aps.amazon-adsystem.com/configs/ 		532 B
798 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3446
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-79.ams54.r.cloudfront.net
Software
CloudFront /
Resource Hash
2a3a3957a0a96ed6faa851b56f971854b104f5199998cba99aaa68624052d1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 15:09:44 GMT
via
1.1 2b298af2bb6f21ab0dee9e764d8bcb28.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS54-C1
age
3368
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
WvIVp2pR9CFvWb8ImMWMoOwtq8Q4LlP-4eyEOyhry0WYUifx732H0w==
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3446&u=https%3A%2F%2Fcelebwell.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
8bc8bb2ef9a799f3719e64256b03f6e9e8ed60a1ba1d1337e03a1a23cd33ac03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 15:56:18 GMT
via
1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
573
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://celebwell.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1392
x-amz-cf-id
pxw0K_55_fjBbnToQqoQObpFwRcPL91IzR-0F7UX-Do9Y4lXDvW_rA==
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4239129592596165&correlator=1651254686208487&eid=44809527%2C31080079%2C31080125%2C31079527&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=3865%2Crevshare.celebwell.com%2Ctier1%2Ctaxonomy%2Chomepage%2Ctier2&enc_prev_ius=0%2F1%2F2%2F3%2F4%2C0%2F1%2F5%2F3%2F4%2C0%2F1%2F2%2F3%2F4%2C0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%2C1x1%2C1x1&ifi=1&sfv=1-0-40&ists=3&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1703174752995&lmt=1703174750&adxs=436%2C436%2C0%2C0&adys=301%2C1278%2C3644%2C3644&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcelebwell.com%2F&vis=1&psz=728x0%7C1024x1%7C1600x3643%7C1600x3643&msz=728x0%7C994x0%7C1600x0%7C1600x0&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&ga_vid=1216795759.1703174752&ga_sid=1703174753&ga_hid=1645898558&ga_fc=true&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGISRgenIMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lVR0o1YUVoUWFqWlJVU3RXTVUxdFFUUXhiMjVzVVQwOUluMD0Yu5WB6cgxSAA.&dlt=1703174750242&idt=2083&ppid=cf090632-3b4d-4f49-b94c-3749de1fa7d3&prev_scp=slot%3Dleaderboard-flex-1%26refreshType%3Dhard%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26bz%3D000%26bzr%3D0%7Cslot%3Dleaderboard-fixed-2%26refreshType%3Dhard%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26bz%3D000%26bzr%3D0%7Cslot%3Dinterstitial%26refreshType%3Dhard%7Cslot%3Dwallpaper%26refreshType%3Dhard&cust_params=path%3D%26id%3Dhome-celebwell.com%26type%3Dtaxonomy%26channel%3Dhomepage%26pv%3D1%26otabc%3D0%26amznbid%3D0%26amznp%3D0%26muid%3Dcf090632-3b4d-4f49-b94c-3749de1fa7d3%26mrid%3Df94c9b0a-7c6a-41c7-97e7-74c907130263%26dockedleaderboard%3Dfalse%26dockedrail%3Dfalse&adks=246799813%2C1948583048%2C3443121628%2C462458658&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9009ab1961f92fe644f2d0ae066dd5b4302d0b1226c6bf40d2bba4a7561a3366
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:53 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10573
x-xss-protection
0
google-lineitem-id
-1,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://celebwell.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc2fd9559bb88b89bf7c28bf94666ffc8d93c856137ffc999f465d2bec2a6536
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12186
x-xss-protection
0
container.html
670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 320C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://celebwell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 16:05:53 GMT
expires
Fri, 20 Dec 2024 16:05:53 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
6691.js
script.crazyegg.com/pages/scripts/0031/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0031/6691.js?473104
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:53 GMT
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:25:27 GMT
server
cloudflare
age
74426
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
83915e7f18e81c8b-FRA
content-length
0
id5-api.js
cdn.id5-sync.com/api/1.0/ 		151 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
x-amz-request-id
PZ8K52NGS77B5CM4
age
819
etag
W/"7229163a9092e2cee472ddee92dcb6ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
83915e7e7c0990e8-FRA
x-amz-id-2
1kNc4rfbsoiqKZYCxjZkL5WeE7Iksm5gINRHfAd0K+3VixrDGVOpT7FynZOj8JP1WQMYGqm6zjU=
main-v2_8aebf97cc6bdaca1cfc56940afdbc7d5.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		452 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_8aebf97cc6bdaca1cfc56940afdbc7d5.br.js
Requested by
Host: tag.wknd.ai
URL: https://tag.wknd.ai/6217/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
828011e932c7f65177e00c50ef88564628178b9d3190845404b02e3132a14c90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 20:29:15 GMT
content-encoding
br
age
675398
x-guploader-uploadid
ABPtcPqZKkDLycZlBYoDwX7m5CixbWaNqvXD7Y8VWwBYoh-YVeIUg4tV59351qZekMZt1GQ0iQ4eOnBM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103229
last-modified
Wed, 13 Dec 2023 20:29:02 GMT
server
UploadServer
etag
"2404e3009bfbe89e5d2c7f7b24179df7"
x-goog-generation
1702499342060242
x-goog-hash
crc32c=kCJJLw==, md5=JATjAJv76J5dLH97JBed9w==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
103229
accept-ranges
bytes
content-type
text/javascript
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Dec 2023 16:05:53 GMT
onsite-v2_5631bf90701659009118a89f964ae570.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_5631bf90701659009118a89f964ae570.br.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_8aebf97cc6bdaca1cfc56940afdbc7d5.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
eddc11d8be0ae5311acc08d5f2ebe7ff9426384f6408ecbb56abbd7fb5e03743

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:43:27 GMT
content-encoding
br
age
1444946
x-guploader-uploadid
ABPtcPq4H2Y2ES3ysQab0w356yLs5BBgzwMN3a6qnoQROc6WxrmeY99rD0G6eeRa48YYLHlDt9gl_HcyFg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4962
last-modified
Mon, 04 Dec 2023 15:20:09 GMT
server
UploadServer
etag
"801d41813e7b11c4986b4ca00307283b"
x-goog-generation
1701703209164802
x-goog-hash
crc32c=+KL22A==, md5=gB1BgT57EcSYa0ygAwcoOw==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
4962
accept-ranges
bytes
content-type
text/javascript
ads-v2_e3f1d1c3f9f9c2b5c76066899fe4138c.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		174 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_e3f1d1c3f9f9c2b5c76066899fe4138c.br.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_8aebf97cc6bdaca1cfc56940afdbc7d5.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
addcff8eac7c0cf9144538731f468e014eee56682aac2d4daf55d9a20f043c8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 20:28:58 GMT
content-encoding
br
age
675415
x-guploader-uploadid
ABPtcPrwt6YVOlA0evf0ToC_WhbWwoJrK1noj9ofYooRZbSZKDjGsR6vCp8Fvw6ubd32g3GIXdYMihxdoA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38915
last-modified
Wed, 13 Dec 2023 20:28:47 GMT
server
UploadServer
etag
"032b00c5c1cda25de40698a3521e7c17"
x-goog-generation
1702499327286069
x-goog-hash
crc32c=Zjz3jg==, md5=AysAxcHNol3kBpijUh58Fw==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
38915
accept-ranges
bytes
content-type
text/javascript
jquery-3.5.1.min.js
assets.bounceexchange.com/assets/bounce/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_8aebf97cc6bdaca1cfc56940afdbc7d5.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:43:16 GMT
content-encoding
br
age
1444957
x-guploader-uploadid
ABPtcPo-ARLNJ2Bn5DfdFRuhM5EXFQ9fSam_Z--DNVfsysHLpabGCE39SmFXCKPkBWWPHZkC2g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31574
last-modified
Mon, 04 Dec 2023 15:19:33 GMT
server
UploadServer
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary
Accept-Encoding
x-goog-generation
1701703173399258
x-goog-hash
crc32c=W9o9Ng==, md5=3F5/GMjTasHT1HU6h8mNCg==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
89476
accept-ranges
none
content-type
text/javascript; charset=UTF-8
local_storage_frame17.min.html
assets.bounceexchange.com/assets/bounce/ Frame 4347 		2 KB
969 B 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_8aebf97cc6bdaca1cfc56940afdbc7d5.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6

Request headers

Referer
https://celebwell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
age
63795
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31536000
content-encoding
br
content-length
938
content-type
text/html; charset=UTF-8
date
Wed, 20 Dec 2023 22:22:38 GMT
etag
W/"fc893948c3efc689b5b19d8a77958e23"
last-modified
Wed, 13 Dec 2023 20:28:30 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1702499310379960
x-goog-hash
crc32c=kX4cqg== md5=/Ik5SMPvxom1sZ2Kd5WOIw==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2408
x-guploader-uploadid
ABPtcPoKNyS5xbDZHDoTHzdRHAxvjFMRf71XBWA6sogR16q65l4SSYMFWnwmwi_feIxmWyUdS-tzoUMTbA
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0937 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://celebwell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
10499
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 13:10:54 GMT
expires
Fri, 20 Dec 2024 13:10:54 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A62B 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5a0d7aae25cf8be546d99bf59a70da80992f434d4e5b709a89340261b0eefadc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TXQmlegyV5VuUdp84LJPFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://celebwell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-TXQmlegyV5VuUdp84LJPFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 16:05:53 GMT
expires
Thu, 21 Dec 2023 16:05:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
container.html
670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CD5F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://celebwell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 16:05:53 GMT
expires
Fri, 20 Dec 2024 16:05:53 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
8efb6d1832f5dd1de8b187593e01641edb97291039830b8a2772bcbf5880d162
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://celebwell.com
date
Thu, 21 Dec 2023 16:05:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
init1.js
api.bounceexchange.com/bounce/ 		35 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/init1.js?wklzs=384&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgHYAGAZiIBZCBWUqgNk2AC8QoBae4zAdwFMARjlTA+AfVQATKPQBMRTACc+OEABs4aDAS7EAHvlnFuymH0XLFUbAEM1a1AgDmYuIrVQAFsGAAHHACkpACCAbIAYmHhSHxqgvz2AHRIIAC2UZgAbqjCwGIpIADWqHxQAYQAQmGyar7VQaGyst5+gbK0jdQRYV3RsfGxaslpPd1NYQDC1Yr1IfXjhAAi2CBFJWWV1ZJSs43tpAAcpIT4R+0HAJy0hKTU+PNTTdmSu0RklDR0hLKkpMTlywKxXEoBAYjUNkUTlKMDsOD4mAEvig3D4figAG0ALqYXzAPArVK+Bw2ZDiGAQpzWTKeGxQIA
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_8aebf97cc6bdaca1cfc56940afdbc7d5.br.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3344e6760ed96d120710d44c5cd858693c0151c78955f27b481d880d2693a7e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 16:05:53 GMT
content-encoding
gzip
via
1.1 google
last-modified
Thu, 21 Dec 2023 16:05:53 GMT
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
20
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6B4F 		624 B
826 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COO2kZoFEKzPwqIFGKi4-PoBMAE&v=APEucNVPgQpFc_0iYMI2KXQ1we9wJD4sbaJLYy8RMsuM2py5Vzt-Yow_s738hHDZDuOq-N5zVZhiQxwUQPLoQhfVE-qt319lo-tsoii2z0UXMnZy_7DByWV8rylZbdIbHZ6eI-DJu3b2BitYo1AyPJfJJwt1c45Gd3ZRwKZ2DPQdnL60oUggVRbwE8WTCGinZaxI9os563ieWD3AMl35-iwbHNSjt2-8kQ
Requested by
Host: 670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com
URL: https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 16:05:53 GMT
expires
Thu, 21 Dec 2023 16:05:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame CD5F 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com
URL: https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 16:05:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CD5F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CwAyWKI_Sji1CISPiv_2r_7qQNuBzbZ3iZMyR_AC9FL2YEqqbUzi2HoBliYkNdrisFVl0svb5usa7ya2yahVPRii1j3WOYiv5vy-t9USd54KG5QlY
Requested by
Host: 670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com
URL: https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 16:05:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CD5F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com
URL: https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 13:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
10512
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 13:10:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CD5F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com
URL: https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 09:13:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
24743
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 09:13:30 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame CD5F 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com
URL: https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 16:05:53 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 0937 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:18:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
20859
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 10:18:14 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A62B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=4239129592596165&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
v3
id5-sync.com/gm/ 		403 B
682 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
623aa63bf6f127299fcd04b563d4184da1f0bee38f9a55684dcca8ea1374e9a6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://celebwell.com
date
Thu, 21 Dec 2023 16:05:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
generate_204
tpc.googlesyndication.com/ Frame 0937 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?GE5pZQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 6B4F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIhQ4WwILGjPyba3PC8Lb3M&google_cver=1
43 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIhQ4WwILGjPyba3PC8Lb3M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO2kZoFEKzPwqIFGKi4-PoBMAE&v=APEucNVPgQpFc_0iYMI2KXQ1we9wJD4sbaJLYy8RMsuM2py5Vzt-Yow_s738hHDZDuOq-N5zVZhiQxwUQPLoQhfVE-qt319lo-tsoii2z0UXMnZy_7DByWV8rylZbdIbHZ6eI-DJu3b2BitYo1AyPJfJJwt1c45Gd3ZRwKZ2DPQdnL60oUggVRbwE8WTCGinZaxI9os563ieWD3AMl35-iwbHNSjt2-8kQ
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 16:05:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVQzDd22UTGeQb12K8C8cUX665k%2BG5jqYIlLPuudlX9BDsg9k5PmRubHkisw1mPLjegvqMHWaqlVWV3r9cZQTP10JdxgSWQDsQV4nxXu0S3wcEMnsZNywpQBAs9%2FRvWQHn9iwfust2738A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83915e83bdca6a74-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 16:05:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIhQ4WwILGjPyba3PC8Lb3M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6B4F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYRiYUTMRgYTlqIO07pnpQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIhQ4WwILGjPyba3PC8Lb3M&google_cver=1
43 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIhQ4WwILGjPyba3PC8Lb3M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO2kZoFEKzPwqIFGKi4-PoBMAE&v=APEucNVPgQpFc_0iYMI2KXQ1we9wJD4sbaJLYy8RMsuM2py5Vzt-Yow_s738hHDZDuOq-N5zVZhiQxwUQPLoQhfVE-qt319lo-tsoii2z0UXMnZy_7DByWV8rylZbdIbHZ6eI-DJu3b2BitYo1AyPJfJJwt1c45Gd3ZRwKZ2DPQdnL60oUggVRbwE8WTCGinZaxI9os563ieWD3AMl35-iwbHNSjt2-8kQ
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 16:05:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8xrCGS1Gh%2BCUpmN4NOX7fEDcuHbDwDG3P%2FyOqZJjJL%2Bv4ZazO%2BpKh9Q18noWd71g9nJxUtp3VZax9JlzV%2F298aX55x5JXoJG9oEo3EfN1zfd%2Bc%2FNZT%2BJaR5t2onYw%2BTk09fc0nm%2BhdpZg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83915e840eaf6a74-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 16:05:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIhQ4WwILGjPyba3PC8Lb3M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6B4F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENoWzfnogmMFQmZBp3QmpXg&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESENoWzfnogmMFQmZBp3QmpXg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO2kZoFEKzPwqIFGKi4-PoBMAE&v=APEucNVPgQpFc_0iYMI2KXQ1we9wJD4sbaJLYy8RMsuM2py5Vzt-Yow_s738hHDZDuOq-N5zVZhiQxwUQPLoQhfVE-qt319lo-tsoii2z0UXMnZy_7DByWV8rylZbdIbHZ6eI-DJu3b2BitYo1AyPJfJJwt1c45Gd3ZRwKZ2DPQdnL60oUggVRbwE8WTCGinZaxI9os563ieWD3AMl35-iwbHNSjt2-8kQ
Protocol
H2
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 16:05:53 GMT
an-x-request-uuid
f6441a48-453f-4470-aa0c-5aab95db7f44
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.104; 80.255.7.104; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 16:05:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESENoWzfnogmMFQmZBp3QmpXg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6B4F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE2NzY0MjcwNzg2NTg5MTQxNA%3D%3D
170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE2NzY0MjcwNzg2NTg5MTQxNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO2kZoFEKzPwqIFGKi4-PoBMAE&v=APEucNVPgQpFc_0iYMI2KXQ1we9wJD4sbaJLYy8RMsuM2py5Vzt-Yow_s738hHDZDuOq-N5zVZhiQxwUQPLoQhfVE-qt319lo-tsoii2z0UXMnZy_7DByWV8rylZbdIbHZ6eI-DJu3b2BitYo1AyPJfJJwt1c45Gd3ZRwKZ2DPQdnL60oUggVRbwE8WTCGinZaxI9os563ieWD3AMl35-iwbHNSjt2-8kQ
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 16:05:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 16:05:53 GMT
an-x-request-uuid
45cac5df-7459-4499-8630-5e2fc80104f5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE2NzY0MjcwNzg2NTg5MTQxNA%3D%3D
x-proxy-origin
80.255.7.104; 80.255.7.104; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F32D 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_e3f1d1c3f9f9c2b5c76066899fe4138c.br.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://celebwell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=144889
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 21 Dec 2023 16:05:53 GMT
expires
Sat, 23 Dec 2023 08:20:42 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
contextual
contextual-analytics.wunderkind.co/api/ 		926 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://contextual-analytics.wunderkind.co/api/contextual?url=https%3A%2F%2Fcelebwell.com%2F&website_id=6217
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
f5a0bb4386dc8332a4566e30dc7a70ef6441c783c3e1fcf357f3d243a30f7282

Request headers

Accept
*/*
Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://celebwell.com
date
Thu, 21 Dec 2023 16:05:53 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
926
content-type
application/json
creatives-base-styles.a53944a2.min.css
assets.bounceexchange.com/tag/css/ 		37 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/tag/css/creatives-base-styles.a53944a2.min.css
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_8aebf97cc6bdaca1cfc56940afdbc7d5.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
286a9eb90b3236f3c77e9cd147b524d542d53ba83973de175c45be3eb1147805

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 00:18:23 GMT
content-encoding
gzip
age
661650
x-guploader-uploadid
ABPtcPq0cdNCbeXDX7lGpQ3ZAxjSlenccB4BoPJhJXWQ9Q1zF2scK0T64ICi-2DvzZFuFfZbSsYeiLfB2Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6053
last-modified
Tue, 13 Dec 2022 17:12:22 GMT
server
UploadServer
etag
"54f61bdcbfb6f81427c8a6803f48b02f"
vary
Accept-Encoding
x-goog-generation
1670951542233151
x-goog-hash
crc32c=lLRhfg==, md5=VPYb3L+2+BQnyKaAP0iwLw==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
6053
accept-ranges
bytes
content-type
text/css
visit
events.bouncex.net/track.gif/ 		42 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoB1ETAEwIDuYNgDkAKmwCMzFpQDMAITbdMANgAs8pdWYAPDQEo2AQQAOp0gk4IARgGkoNBnIDsjOarbs7ACTF4AGRoAYTZSEABrBDYAcQQAYwiCIx1ggAskAgBbaLpJHRZGVWYAThLGaRK2AGUUADMUJBAneld3VQAyUAgYJAQ65D6kHC7wKGgKPh40U3QEWCRSHDTISFNhalbjGno6Hbp4hEsbASPSRnjs-dpRnug+sAJSWEgQAkxdHEli5lvxh6eLzemAAnl8dL9uuN4vBINlgI0QCgbJYwDhKC4lC4ACJ-GCXAgREAIdGYmjUXggXjk+TbaibOQADlckmZm0ZJVaLjk9EkNOooXpoGp9NpkhczDk4vULlaqnoqnlngF5LqwEgNLkxnFkulsrkIXJKAImuMrBV9NIplN5JWaw2W2u10Ox1O5AuV02e1FFuoKA21Fp5sF1GApmApr5vpFga15JjhvpSBtPsDvvi6sjEqlLhlrUT1AgCa1AFooyG0PFk6KtfQC1lTcHyaRMzXtdm9fn0ygsrMQGhMAHaRjtPTvsxZXW2yPycAI22m5bW7H27rc-qMdjNwX5yuZzjNx14Mg5thoDZMkJkDh0pkckfEKgMGfgMgIO9wTIZMUyhVSg+T2fGALBQSA6gIJAshwFR+CEKRfmPJ8sBgXgEFAQ5IBBUwSVQsAIjhUwOhhMA4RyJBoDSf1LkwV8kEgBBeBwX4MAIaBLlgbAkBBS5UJwbEAFEOhYtiCA4yAuJ4hA5D4-iAFUhIQVj2M4kFMB7Ek4kglBQQUpT3leTBkMknA5I6LICF435ThsHoECpHBVGocU8XsnUczzDwFSVDpUPQuzGNaZkXFZOR2U5VweUkDpZgwUAEAEVyOkQABHWAsEOezfnicJkNeHISJ7Uwvg7dcuVZIicuwFBTBAWj30wHBIHQOQfLQkBDhwXgktEpAOusjpT1wRCgA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 16:05:53 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
pageview
events.bouncex.net/track.gif/ 		42 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1NAxhOhAEbzPoB0DA9gLb0AZKEiwEiBskK4BUEKhghWLQpmIB2AEKaAIiPDQ4SPrwDWcQjABeETFQAsATgNjjkkADtenmAxBYeAQkFPT0TCzsnDwCwqJGEqYWEAD6srwp6AqQmABmAYQQrgkmvOZwaQCewHakwOiExeKl5alWtpgAjFQADAAcQnz8wJLDmD2DAiO4DLnjk8MohMDzQyNgwCsT-LwAJnYTHKxWuBAwu5gAbFSdGkKwJ+ddGj2ktw4aAKykl5+Xv5chPtYEwnt8+qQNJ0IVRPn0nN8NKRPp0msYnqjCgBHZAQTygi6ohjoOCefAwfgQGQgMa3V7vL6Q3qDEl43AgYAwKAQVBWHyYdlgUhAoxMTC7ISEXhoMVHISGMmYaQ8oA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 16:05:53 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
7
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
sync
x.bidswitch.net/
Redirect Chain
  • https://ssp.behave.com/push_sync
  • https://ssp.behave.com/ul_cb/push_sync
  • https://x.bidswitch.net/sync?ssp=bouncex
43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=bouncex
Protocol
H2
Server
35.157.253.10 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?ssp=bouncex
date
Thu, 21 Dec 2023 16:05:54 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cmp
events.bouncex.net/track.gif/ 		42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/cmp?wklz=MYewdgzgpmAuBcsCWBbKBlWBDFAHAvAIwDsADAMwkAsxArOebQBwBkokMCAFlhAMLhocfGBABSAEylgeFihAATKPlIsA7lABGEJLChIF+AGwSSLAG5IdyQyQrU65I7SPOjLJZeD7D9JuWJCfwlmAE56YkZCFlwsAHMoSyg1AyIWaABHAFcYb1SJNgAbJE5kNAhsPCIySmIaCIlQopK4LFwkcygAJx1wfGw48g9EpG98BXSQLK6xjU0WeM58LOguoA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 16:05:53 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CD5F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1052062562146&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 16:05:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CD5F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1052062562146&version=m202309260101&ct=76&x=1&cor=18068237563565220000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 16:05:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame CD5F 		93 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BVCEtrqaRWAybe76qyhp1xKJCND7819vpFRp4oY0OWTkaVl_EPd4Yrne2MDVsvctNW0XCGggmBCys-sOu6P-cy8W4X5sL3idebEpk8OUPiTUUPKIy3k8t_77k_fbjnyjNZFAz8rrVS9PAQZvDu0qbiewchcvIitDZu2Mf-DnhhKfga_pE&dbm_d=AKAmf-BGwxa7-MsOhpK_sMeLKLI1DHSdrLz1YHycHpbp2fOde5DIET_MVSPfCl40klcNIPjmESK3o65iSVeUDjw_Vul8tPgb2mVefa3OPZnFI94eelI5yuM6HiQYqC6tQ9Da64oP_-VAdK_qIidhvKq_CguobvRT4I1eTUEeWBLXViCpLspPiaZIjzpXOEJQH_Jl57c8_Y-zf_4nvlVk0kBjl_nPzRf88JDTcaAaYPvs8xybK8qVKrzWUYh3TedJjKCXDBvh8HxKKA3gUyQPrPkMcqf1K52P-HZWwKt5jcMHeHmulDrEQvLN7NoaoWe19HIZJ56rRbgBen_QlfGvUlTJ7eYNlswH33PrPPwY0ckoVKc5TuXhhkTFxib42LKUCDWPo7NHxOL4RnNBf4DEpNLOHBcM43_oOVNQj32FBqcfnQRmbbxXpCLJOdWWvaCMHB5jhymv2HBKFGUcdkkbBfLa5JiVa2NPDNUmk59SkXtXI1NvmE9KXdPxRhXfqfG2QU8ILH7cqVe2x6M2dq0Oj1OWIteRsH_7ymY29wsfBCkSyHW0ovtA3tyyi6JQQ9GIv_ItGpzywI3rIFxLYx8lmXp8KOHlgiVliSzZaKXVFjYBURTirwJqFHM1hyKykoDbJ93dVIuR0rY54ASl4aEak2YBH_7Ib3L6Z8R2GmnQqIrOIbEEphQTkZbmIE90n6z5ASuT2hECmYMiK1T6mzdTMouIlvsZEZmnlNNDssSNORMlF8yUhVig1qGa61AXAypWRyg3muIbXFRjkOov18LlZFSzEGQPXOo3nj17JkCwTjuDO65W2Hl2_yCFvWprpJ9llKAmR106iWIVPhUZN89APWmUHqnZ6ToMKvzBpiUA7qNMlsxrsffUeGlhMnAGnf7g0PtAVWJ2TYMgbmiB3tLBbYIA-qsduolHjSHnorgRJLCN-FuiNA67hzuEVXMoC_05MCq_HBZ1rCF5JWXKWjAEz9cMTPmsBXTLPp391SL9Ee0kVjlaZVLjgH4j53XIh-YaHNLVBxgdeouNdxB1R8FOrTHlq3vtSym0XLYhHIVwIwdmgygg1nOU353k2rK7NYabbGAKc0nfkrDTDKzGvMZ2ENvAzNBsBaXAItMjCWAs1xGK8y--0DDO7CZ5qjBFZ1JJ07QHuzCxZxXJOh6TtmMzPqxmJRc-foA0YHmj_GaR9FHxR_N08OBCtdQ0reegOX3-d57RbqzE7zE6dGGzF7k2siQdPFRDjK6SZVkaU0XaSOrKC9xNgCDclBSnoVPzWatOTgl7i6RxUjQEe9LSMP4-Lyzkq4U_YOB-HqS-TCqE5awitCXj7e98uvpD4o2kkTrnbJ2Ah2bBVg9QWGaScrHvu45Y9tbLGzM3nvGc4t8kx-PKHjGj17x1MiWMYT0UtkvFkiyXwM-Ry72YaL1lB8YwCpKzC0AgfY9Vm-YaBgpgu_MgcXSpnwWl4AiNft851kAIm3LGl6DJ5n0D8uEgACRfJM2el6lHKWtA9G9-TRZHhIhch6lB3EDorJjKpKbbJZIXeLIQInYTa2FvNl6qZUsNd7jeIJROToUxn1tICuLQNk9wZt_wDLHxqylYWvY0tFiDNc3OcxXfcv7Uh_HBXzzEdC4kyFUY-zvbvwIb44IVHJkJXzeAsXcN1VTG0gnGSvS8ZLRYYi_gc_Nrg1kfa2Dn93Y3tdrX8rMLpC0r9dQVFz6558IEB7ebWsdvKSE2jYQUPPC_Hx8gKLz2YPhFSkH7HDqvIHRWSzZ1NmSJTSUujt54yWyFglmlSTnlpcCYuV28BgFnX6Iuryxjo1rzGWDhJliKTxXL50L9fa_dntE9Dsfn38xQBlhlcBdFwLmVYN6OJyAg5oQnlvfYPaMA9B4ANiud12UPG4j-nFu3WEnvlFJxhh3tRyXCvnYR5os559Qu1xLrtBddm8JXTB22SOx6oD6lVu27ZavS0tuIaT_ovnYJgidszhvnECWSkrD7O7jhMYGLbvG0xfCM1sP7koWF-As4qhUWqUG-4udtpORvO-XJheWE8iDz1KfJZZM64A8lSdfs0eE2jZ6ilJYIRlz4KqztJ_Zkk50RUSc3KVIW3eBfYL2xEKjOxhtxL2V8vbAlX5tm_mfd54bWwIaXH2wgKh4OLb22FwRCnCyemO6RU5YXIGEBmfuF1_VtDRdPRLrBAyv5fW_OxLfITh0U1V-LfOtJVgWprc3tfzly1URjTXbnTwLHD5xtb83gYcNUygsWbC_xsI8hr4-fYVtBXfZUEwLBXiYvwfqlHxHb4VTnCFG5xtaITwqNlQksH5tX8Yu3Egaf_OehiNiSKmBelTJdjrVoU7J9Sds7yiMf3NNggzqfUHMBcBJxzdOxsYB5CHbMuoQr7n4IbuOYhcHTNcJZ-N1y1j24zuSqdZFLchjH9Irgb_OL0riEp6l7bW3gGe6L7dpmTNVqqMYy7Mxj66uqZ4S7kQ1cr8XzfN71GW_BzRWIMgEzdrfjAB-qsS-g_8scqE2j6yR_zcRxZcP1G18r_emDWOe6Th4optWTCeHMDNltGmP6ydt75gQvaNCWT1v-CY2rNLpU4IEqohDXNncc0oK3AngQ5_GfkG4h15bEVdx9V5wuhYq1bRm2d5lEC33PdlJZTb01PsZ1W8tSV8a8rSt0eNtuMmCrANRu97_pr7xW70chN5yoa2CHl6RsendtnLsa1Fo8sIwA_xUjCmmUvkA-EZ2SzafmJ0G9y9zjwUPcYCTOAxPLVXI4SBLXdBTxRB1OmDm4ltQvnvQdLPInBR_B1gWHYxPyj0SW0nZyqMXZ6GQ5XuFQoj3ezNnQZAc9dkzDnqNuS9DUqttTc3W6yBkVasZdUjpv_hgDBf0sVOYHfz57BQKod9OaaHhur8z7rYqnzVU-IyjWkDnH09dJ7OGgohElS4Ajb3YEAnD6Knm27Yy5G5bvapt_qP-m_xa78EjKUVYOuLXPICzI7ZoJ8sQh1D1kkuz1-PEpEipHQW_xUDRz6fZsoWjah3c_GRkNCeQMkN53ZHqN4wxFPA5EDpJTadR4lCmhlNuMoZIWBd7a2ds7mlyebGeY789xP6Oz5MGnIy-NryHvToDkFuTTbzUMIVi4XxO3rzgAEhFoloFvKvL0UhszveHgI9no8g4n-TofO1Vxh3ajVfBiBD3iyLEzYUiSMqk17g8vqKhYcysQneAl5zJohiGVtL3f8oqnWMh0blc6V4V0kg-Rb-2dViu42pyD_8-tBUD-PnpZWtivNDO8IcnEvOz05PpS1MtHewAt1HHvOOXhOvg-yKr_i6sp5rPo4AbKTdetOnUQU9N4QfbCrLcXiwnZys4lyHCsalfcwWTMbo-bQBHtR8tek56mvgrA4UFsZmPSKbKYIxZXgpKe1DceDPUSl75-HoCf3JZdjnQB_3sEelrYSgJSZKGSh679AxLPPQirmetk8uZyiuqE-q9qQ2rn5IKESU1zdcDDwGW3llHF3CCiwj74MstJ0K5gR7-0bN817tbtjaYz0CBBFl-9m0Djjv7rhqYAiqg60xItfKJ2qWznzJdon1YK8iDz965LTOZ9OjWA6tdqKMTgyF6zYDzwcvqT_hld-hgYQX1BQ8lW1xriuWBr6cLcut54L_Esv5cyefyuCwhvBDIcfU2_nIhtz6uVPJoy96CK1Fqhtht09JkDb_9SRFDZmeJc3mJyTxsiZ_vXBUty34llg6bhtv39j67p8qTVgm2LnNJFncUlNGsaC0MEJdSc9rzxl1MMLIe9ec8Wu64zajjE6rAV6eo998GSsAodov-bwFh4qs5w1jrK961jlqU4fFBf4CCRs87fs50wE3xFzxJUadVZA2rLQcec20iuX4ne0FQ42ouji13NClniJ2BNOqDRibiVwxNpHZuiJhxrqpjL6y7qPU0&cid=CAQSYQAvHhf_2xGYszWXeN_7SMroRJHwhC3ogGUyagm4BX1RZPpU1W8lpzwYBbYjdbKMxdfftFHtrEQj-3BNf3CexXU4HfGNIfrNDrOU-5X2buLkOdMYqraz0dcUtRoPTE3SVjUYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcelebwell.com%2F&ds=l&xdt=1&iif=1&cor=18068237563565220000&adk=3944675603&idt=342&cac=0&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f7b7ba3dcce4cfc079941906205338b5101e841e9c9c715c4389ccd0408935d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 16:05:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39532
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame F32D 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=70674428&p=156512&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:54 GMT
content-length
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame CD5F 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/
Origin
https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 20:46:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69556
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 20:46:38 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame CD5F 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BVCEtrqaRWAybe76qyhp1xKJCND7819vpFRp4oY0OWTkaVl_EPd4Yrne2MDVsvctNW0XCGggmBCys-sOu6P-cy8W4X5sL3idebEpk8OUPiTUUPKIy3k8t_77k_fbjnyjNZFAz8rrVS9PAQZvDu0qbiewchcvIitDZu2Mf-DnhhKfga_pE&dbm_d=AKAmf-BGwxa7-MsOhpK_sMeLKLI1DHSdrLz1YHycHpbp2fOde5DIET_MVSPfCl40klcNIPjmESK3o65iSVeUDjw_Vul8tPgb2mVefa3OPZnFI94eelI5yuM6HiQYqC6tQ9Da64oP_-VAdK_qIidhvKq_CguobvRT4I1eTUEeWBLXViCpLspPiaZIjzpXOEJQH_Jl57c8_Y-zf_4nvlVk0kBjl_nPzRf88JDTcaAaYPvs8xybK8qVKrzWUYh3TedJjKCXDBvh8HxKKA3gUyQPrPkMcqf1K52P-HZWwKt5jcMHeHmulDrEQvLN7NoaoWe19HIZJ56rRbgBen_QlfGvUlTJ7eYNlswH33PrPPwY0ckoVKc5TuXhhkTFxib42LKUCDWPo7NHxOL4RnNBf4DEpNLOHBcM43_oOVNQj32FBqcfnQRmbbxXpCLJOdWWvaCMHB5jhymv2HBKFGUcdkkbBfLa5JiVa2NPDNUmk59SkXtXI1NvmE9KXdPxRhXfqfG2QU8ILH7cqVe2x6M2dq0Oj1OWIteRsH_7ymY29wsfBCkSyHW0ovtA3tyyi6JQQ9GIv_ItGpzywI3rIFxLYx8lmXp8KOHlgiVliSzZaKXVFjYBURTirwJqFHM1hyKykoDbJ93dVIuR0rY54ASl4aEak2YBH_7Ib3L6Z8R2GmnQqIrOIbEEphQTkZbmIE90n6z5ASuT2hECmYMiK1T6mzdTMouIlvsZEZmnlNNDssSNORMlF8yUhVig1qGa61AXAypWRyg3muIbXFRjkOov18LlZFSzEGQPXOo3nj17JkCwTjuDO65W2Hl2_yCFvWprpJ9llKAmR106iWIVPhUZN89APWmUHqnZ6ToMKvzBpiUA7qNMlsxrsffUeGlhMnAGnf7g0PtAVWJ2TYMgbmiB3tLBbYIA-qsduolHjSHnorgRJLCN-FuiNA67hzuEVXMoC_05MCq_HBZ1rCF5JWXKWjAEz9cMTPmsBXTLPp391SL9Ee0kVjlaZVLjgH4j53XIh-YaHNLVBxgdeouNdxB1R8FOrTHlq3vtSym0XLYhHIVwIwdmgygg1nOU353k2rK7NYabbGAKc0nfkrDTDKzGvMZ2ENvAzNBsBaXAItMjCWAs1xGK8y--0DDO7CZ5qjBFZ1JJ07QHuzCxZxXJOh6TtmMzPqxmJRc-foA0YHmj_GaR9FHxR_N08OBCtdQ0reegOX3-d57RbqzE7zE6dGGzF7k2siQdPFRDjK6SZVkaU0XaSOrKC9xNgCDclBSnoVPzWatOTgl7i6RxUjQEe9LSMP4-Lyzkq4U_YOB-HqS-TCqE5awitCXj7e98uvpD4o2kkTrnbJ2Ah2bBVg9QWGaScrHvu45Y9tbLGzM3nvGc4t8kx-PKHjGj17x1MiWMYT0UtkvFkiyXwM-Ry72YaL1lB8YwCpKzC0AgfY9Vm-YaBgpgu_MgcXSpnwWl4AiNft851kAIm3LGl6DJ5n0D8uEgACRfJM2el6lHKWtA9G9-TRZHhIhch6lB3EDorJjKpKbbJZIXeLIQInYTa2FvNl6qZUsNd7jeIJROToUxn1tICuLQNk9wZt_wDLHxqylYWvY0tFiDNc3OcxXfcv7Uh_HBXzzEdC4kyFUY-zvbvwIb44IVHJkJXzeAsXcN1VTG0gnGSvS8ZLRYYi_gc_Nrg1kfa2Dn93Y3tdrX8rMLpC0r9dQVFz6558IEB7ebWsdvKSE2jYQUPPC_Hx8gKLz2YPhFSkH7HDqvIHRWSzZ1NmSJTSUujt54yWyFglmlSTnlpcCYuV28BgFnX6Iuryxjo1rzGWDhJliKTxXL50L9fa_dntE9Dsfn38xQBlhlcBdFwLmVYN6OJyAg5oQnlvfYPaMA9B4ANiud12UPG4j-nFu3WEnvlFJxhh3tRyXCvnYR5os559Qu1xLrtBddm8JXTB22SOx6oD6lVu27ZavS0tuIaT_ovnYJgidszhvnECWSkrD7O7jhMYGLbvG0xfCM1sP7koWF-As4qhUWqUG-4udtpORvO-XJheWE8iDz1KfJZZM64A8lSdfs0eE2jZ6ilJYIRlz4KqztJ_Zkk50RUSc3KVIW3eBfYL2xEKjOxhtxL2V8vbAlX5tm_mfd54bWwIaXH2wgKh4OLb22FwRCnCyemO6RU5YXIGEBmfuF1_VtDRdPRLrBAyv5fW_OxLfITh0U1V-LfOtJVgWprc3tfzly1URjTXbnTwLHD5xtb83gYcNUygsWbC_xsI8hr4-fYVtBXfZUEwLBXiYvwfqlHxHb4VTnCFG5xtaITwqNlQksH5tX8Yu3Egaf_OehiNiSKmBelTJdjrVoU7J9Sds7yiMf3NNggzqfUHMBcBJxzdOxsYB5CHbMuoQr7n4IbuOYhcHTNcJZ-N1y1j24zuSqdZFLchjH9Irgb_OL0riEp6l7bW3gGe6L7dpmTNVqqMYy7Mxj66uqZ4S7kQ1cr8XzfN71GW_BzRWIMgEzdrfjAB-qsS-g_8scqE2j6yR_zcRxZcP1G18r_emDWOe6Th4optWTCeHMDNltGmP6ydt75gQvaNCWT1v-CY2rNLpU4IEqohDXNncc0oK3AngQ5_GfkG4h15bEVdx9V5wuhYq1bRm2d5lEC33PdlJZTb01PsZ1W8tSV8a8rSt0eNtuMmCrANRu97_pr7xW70chN5yoa2CHl6RsendtnLsa1Fo8sIwA_xUjCmmUvkA-EZ2SzafmJ0G9y9zjwUPcYCTOAxPLVXI4SBLXdBTxRB1OmDm4ltQvnvQdLPInBR_B1gWHYxPyj0SW0nZyqMXZ6GQ5XuFQoj3ezNnQZAc9dkzDnqNuS9DUqttTc3W6yBkVasZdUjpv_hgDBf0sVOYHfz57BQKod9OaaHhur8z7rYqnzVU-IyjWkDnH09dJ7OGgohElS4Ajb3YEAnD6Knm27Yy5G5bvapt_qP-m_xa78EjKUVYOuLXPICzI7ZoJ8sQh1D1kkuz1-PEpEipHQW_xUDRz6fZsoWjah3c_GRkNCeQMkN53ZHqN4wxFPA5EDpJTadR4lCmhlNuMoZIWBd7a2ds7mlyebGeY789xP6Oz5MGnIy-NryHvToDkFuTTbzUMIVi4XxO3rzgAEhFoloFvKvL0UhszveHgI9no8g4n-TofO1Vxh3ajVfBiBD3iyLEzYUiSMqk17g8vqKhYcysQneAl5zJohiGVtL3f8oqnWMh0blc6V4V0kg-Rb-2dViu42pyD_8-tBUD-PnpZWtivNDO8IcnEvOz05PpS1MtHewAt1HHvOOXhOvg-yKr_i6sp5rPo4AbKTdetOnUQU9N4QfbCrLcXiwnZys4lyHCsalfcwWTMbo-bQBHtR8tek56mvgrA4UFsZmPSKbKYIxZXgpKe1DceDPUSl75-HoCf3JZdjnQB_3sEelrYSgJSZKGSh679AxLPPQirmetk8uZyiuqE-q9qQ2rn5IKESU1zdcDDwGW3llHF3CCiwj74MstJ0K5gR7-0bN817tbtjaYz0CBBFl-9m0Djjv7rhqYAiqg60xItfKJ2qWznzJdon1YK8iDz965LTOZ9OjWA6tdqKMTgyF6zYDzwcvqT_hld-hgYQX1BQ8lW1xriuWBr6cLcut54L_Esv5cyefyuCwhvBDIcfU2_nIhtz6uVPJoy96CK1Fqhtht09JkDb_9SRFDZmeJc3mJyTxsiZ_vXBUty34llg6bhtv39j67p8qTVgm2LnNJFncUlNGsaC0MEJdSc9rzxl1MMLIe9ec8Wu64zajjE6rAV6eo998GSsAodov-bwFh4qs5w1jrK961jlqU4fFBf4CCRs87fs50wE3xFzxJUadVZA2rLQcec20iuX4ne0FQ42ouji13NClniJ2BNOqDRibiVwxNpHZuiJhxrqpjL6y7qPU0&cid=CAQSYQAvHhf_2xGYszWXeN_7SMroRJHwhC3ogGUyagm4BX1RZPpU1W8lpzwYBbYjdbKMxdfftFHtrEQj-3BNf3CexXU4HfGNIfrNDrOU-5X2buLkOdMYqraz0dcUtRoPTE3SVjUYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcelebwell.com%2F&ds=l&xdt=1&iif=1&cor=18068237563565220000&adk=3944675603&idt=342&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 23:43:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
58918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Jan 2024 23:43:56 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame CD5F 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BVCEtrqaRWAybe76qyhp1xKJCND7819vpFRp4oY0OWTkaVl_EPd4Yrne2MDVsvctNW0XCGggmBCys-sOu6P-cy8W4X5sL3idebEpk8OUPiTUUPKIy3k8t_77k_fbjnyjNZFAz8rrVS9PAQZvDu0qbiewchcvIitDZu2Mf-DnhhKfga_pE&dbm_d=AKAmf-BGwxa7-MsOhpK_sMeLKLI1DHSdrLz1YHycHpbp2fOde5DIET_MVSPfCl40klcNIPjmESK3o65iSVeUDjw_Vul8tPgb2mVefa3OPZnFI94eelI5yuM6HiQYqC6tQ9Da64oP_-VAdK_qIidhvKq_CguobvRT4I1eTUEeWBLXViCpLspPiaZIjzpXOEJQH_Jl57c8_Y-zf_4nvlVk0kBjl_nPzRf88JDTcaAaYPvs8xybK8qVKrzWUYh3TedJjKCXDBvh8HxKKA3gUyQPrPkMcqf1K52P-HZWwKt5jcMHeHmulDrEQvLN7NoaoWe19HIZJ56rRbgBen_QlfGvUlTJ7eYNlswH33PrPPwY0ckoVKc5TuXhhkTFxib42LKUCDWPo7NHxOL4RnNBf4DEpNLOHBcM43_oOVNQj32FBqcfnQRmbbxXpCLJOdWWvaCMHB5jhymv2HBKFGUcdkkbBfLa5JiVa2NPDNUmk59SkXtXI1NvmE9KXdPxRhXfqfG2QU8ILH7cqVe2x6M2dq0Oj1OWIteRsH_7ymY29wsfBCkSyHW0ovtA3tyyi6JQQ9GIv_ItGpzywI3rIFxLYx8lmXp8KOHlgiVliSzZaKXVFjYBURTirwJqFHM1hyKykoDbJ93dVIuR0rY54ASl4aEak2YBH_7Ib3L6Z8R2GmnQqIrOIbEEphQTkZbmIE90n6z5ASuT2hECmYMiK1T6mzdTMouIlvsZEZmnlNNDssSNORMlF8yUhVig1qGa61AXAypWRyg3muIbXFRjkOov18LlZFSzEGQPXOo3nj17JkCwTjuDO65W2Hl2_yCFvWprpJ9llKAmR106iWIVPhUZN89APWmUHqnZ6ToMKvzBpiUA7qNMlsxrsffUeGlhMnAGnf7g0PtAVWJ2TYMgbmiB3tLBbYIA-qsduolHjSHnorgRJLCN-FuiNA67hzuEVXMoC_05MCq_HBZ1rCF5JWXKWjAEz9cMTPmsBXTLPp391SL9Ee0kVjlaZVLjgH4j53XIh-YaHNLVBxgdeouNdxB1R8FOrTHlq3vtSym0XLYhHIVwIwdmgygg1nOU353k2rK7NYabbGAKc0nfkrDTDKzGvMZ2ENvAzNBsBaXAItMjCWAs1xGK8y--0DDO7CZ5qjBFZ1JJ07QHuzCxZxXJOh6TtmMzPqxmJRc-foA0YHmj_GaR9FHxR_N08OBCtdQ0reegOX3-d57RbqzE7zE6dGGzF7k2siQdPFRDjK6SZVkaU0XaSOrKC9xNgCDclBSnoVPzWatOTgl7i6RxUjQEe9LSMP4-Lyzkq4U_YOB-HqS-TCqE5awitCXj7e98uvpD4o2kkTrnbJ2Ah2bBVg9QWGaScrHvu45Y9tbLGzM3nvGc4t8kx-PKHjGj17x1MiWMYT0UtkvFkiyXwM-Ry72YaL1lB8YwCpKzC0AgfY9Vm-YaBgpgu_MgcXSpnwWl4AiNft851kAIm3LGl6DJ5n0D8uEgACRfJM2el6lHKWtA9G9-TRZHhIhch6lB3EDorJjKpKbbJZIXeLIQInYTa2FvNl6qZUsNd7jeIJROToUxn1tICuLQNk9wZt_wDLHxqylYWvY0tFiDNc3OcxXfcv7Uh_HBXzzEdC4kyFUY-zvbvwIb44IVHJkJXzeAsXcN1VTG0gnGSvS8ZLRYYi_gc_Nrg1kfa2Dn93Y3tdrX8rMLpC0r9dQVFz6558IEB7ebWsdvKSE2jYQUPPC_Hx8gKLz2YPhFSkH7HDqvIHRWSzZ1NmSJTSUujt54yWyFglmlSTnlpcCYuV28BgFnX6Iuryxjo1rzGWDhJliKTxXL50L9fa_dntE9Dsfn38xQBlhlcBdFwLmVYN6OJyAg5oQnlvfYPaMA9B4ANiud12UPG4j-nFu3WEnvlFJxhh3tRyXCvnYR5os559Qu1xLrtBddm8JXTB22SOx6oD6lVu27ZavS0tuIaT_ovnYJgidszhvnECWSkrD7O7jhMYGLbvG0xfCM1sP7koWF-As4qhUWqUG-4udtpORvO-XJheWE8iDz1KfJZZM64A8lSdfs0eE2jZ6ilJYIRlz4KqztJ_Zkk50RUSc3KVIW3eBfYL2xEKjOxhtxL2V8vbAlX5tm_mfd54bWwIaXH2wgKh4OLb22FwRCnCyemO6RU5YXIGEBmfuF1_VtDRdPRLrBAyv5fW_OxLfITh0U1V-LfOtJVgWprc3tfzly1URjTXbnTwLHD5xtb83gYcNUygsWbC_xsI8hr4-fYVtBXfZUEwLBXiYvwfqlHxHb4VTnCFG5xtaITwqNlQksH5tX8Yu3Egaf_OehiNiSKmBelTJdjrVoU7J9Sds7yiMf3NNggzqfUHMBcBJxzdOxsYB5CHbMuoQr7n4IbuOYhcHTNcJZ-N1y1j24zuSqdZFLchjH9Irgb_OL0riEp6l7bW3gGe6L7dpmTNVqqMYy7Mxj66uqZ4S7kQ1cr8XzfN71GW_BzRWIMgEzdrfjAB-qsS-g_8scqE2j6yR_zcRxZcP1G18r_emDWOe6Th4optWTCeHMDNltGmP6ydt75gQvaNCWT1v-CY2rNLpU4IEqohDXNncc0oK3AngQ5_GfkG4h15bEVdx9V5wuhYq1bRm2d5lEC33PdlJZTb01PsZ1W8tSV8a8rSt0eNtuMmCrANRu97_pr7xW70chN5yoa2CHl6RsendtnLsa1Fo8sIwA_xUjCmmUvkA-EZ2SzafmJ0G9y9zjwUPcYCTOAxPLVXI4SBLXdBTxRB1OmDm4ltQvnvQdLPInBR_B1gWHYxPyj0SW0nZyqMXZ6GQ5XuFQoj3ezNnQZAc9dkzDnqNuS9DUqttTc3W6yBkVasZdUjpv_hgDBf0sVOYHfz57BQKod9OaaHhur8z7rYqnzVU-IyjWkDnH09dJ7OGgohElS4Ajb3YEAnD6Knm27Yy5G5bvapt_qP-m_xa78EjKUVYOuLXPICzI7ZoJ8sQh1D1kkuz1-PEpEipHQW_xUDRz6fZsoWjah3c_GRkNCeQMkN53ZHqN4wxFPA5EDpJTadR4lCmhlNuMoZIWBd7a2ds7mlyebGeY789xP6Oz5MGnIy-NryHvToDkFuTTbzUMIVi4XxO3rzgAEhFoloFvKvL0UhszveHgI9no8g4n-TofO1Vxh3ajVfBiBD3iyLEzYUiSMqk17g8vqKhYcysQneAl5zJohiGVtL3f8oqnWMh0blc6V4V0kg-Rb-2dViu42pyD_8-tBUD-PnpZWtivNDO8IcnEvOz05PpS1MtHewAt1HHvOOXhOvg-yKr_i6sp5rPo4AbKTdetOnUQU9N4QfbCrLcXiwnZys4lyHCsalfcwWTMbo-bQBHtR8tek56mvgrA4UFsZmPSKbKYIxZXgpKe1DceDPUSl75-HoCf3JZdjnQB_3sEelrYSgJSZKGSh679AxLPPQirmetk8uZyiuqE-q9qQ2rn5IKESU1zdcDDwGW3llHF3CCiwj74MstJ0K5gR7-0bN817tbtjaYz0CBBFl-9m0Djjv7rhqYAiqg60xItfKJ2qWznzJdon1YK8iDz965LTOZ9OjWA6tdqKMTgyF6zYDzwcvqT_hld-hgYQX1BQ8lW1xriuWBr6cLcut54L_Esv5cyefyuCwhvBDIcfU2_nIhtz6uVPJoy96CK1Fqhtht09JkDb_9SRFDZmeJc3mJyTxsiZ_vXBUty34llg6bhtv39j67p8qTVgm2LnNJFncUlNGsaC0MEJdSc9rzxl1MMLIe9ec8Wu64zajjE6rAV6eo998GSsAodov-bwFh4qs5w1jrK961jlqU4fFBf4CCRs87fs50wE3xFzxJUadVZA2rLQcec20iuX4ne0FQ42ouji13NClniJ2BNOqDRibiVwxNpHZuiJhxrqpjL6y7qPU0&cid=CAQSYQAvHhf_2xGYszWXeN_7SMroRJHwhC3ogGUyagm4BX1RZPpU1W8lpzwYBbYjdbKMxdfftFHtrEQj-3BNf3CexXU4HfGNIfrNDrOU-5X2buLkOdMYqraz0dcUtRoPTE3SVjUYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcelebwell.com%2F&ds=l&xdt=1&iif=1&cor=18068237563565220000&adk=3944675603&idt=342&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 01:43:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
51724
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
server
cafe
etag
16225921609732785849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 01:43:50 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame CD5F 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
180998
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 13:49:16 GMT
truncated
/ Frame CD5F 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8c420a769099abc36c66e703fd5b502e65d249c184aeeb3329098b921acacc3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 30EF 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
179115
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 14:20:39 GMT
expires
Wed, 18 Dec 2024 14:20:39 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 30EF 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:18:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
20860
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 10:18:14 GMT
index.html
s0.2mdn.net/sadbundle/17122347991386657747/ Frame 7E8F 		18 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17122347991386657747/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f6648911501352bf0e79f1411672eceffdaf674acc6cbd375a3475d79a86ecc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
501143
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4497
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 20:53:31 GMT
expires
Sat, 14 Dec 2024 20:53:31 GMT
last-modified
Fri, 10 Nov 2023 09:28:21 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame CD5F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuiWE-mjGd6f8x8A0XglQ_-uLBtoCi2v1sm5tiL2HR5MVfu1iVHCeTFPqCDPr8KKi3oLuWfa-NlaeN7DSpkJEkFSxx0WaTXUneCm_mzesmr_JE8ZMGDTLBFsAjLHvgWgOfZlzKD7J0ShAF7nV9Y_wyAoSLw19mS-PyHj0LEfbtmRlfg7JaqbdhAhB2ceVRUOesldgx6O0dKg4U_fzd4AhDCj6_UH-zpmqwXa77CTCLguZe-YljDFvxS3xuoIvFXuv7jjSU0q1c1JzqvypY_J4gSuRqWi4I6wZB1LRi-WEPikjpITJxgCVfpmE2JWFn1izGUjyt0gpCl3wR2axwoiZuWotZ0wEkRvXm5o8ZVyzGPHDb2XQrH6p-OtZguqWCJrQeSjtanA2SclB-W18J1hTSj1VGN1lIvPzRwlmz1fTd2WWyDr-I1AR5wDhD59XCU6y2ZwDBXoIp2hFQG6_pJ3JdSGGbrnp1T4eBNXdhDp9rD_6D7cE6z3fRp3BJctSGMiHXu3hf4uq4_tnIqWgbObsKINDR2J2y4i2gb15hlulCSHlCjOrhL4uS07wU6SdM5n1Nc_z14akA2pi45nJl2QG44MQ9A0Q0IioqSL-eVcmxxFqzlvLhQbsjNWmP1OgkzNhueBURBTyMIfqTjFrO2xbNjorSUaJ9UalFQVhKnAyWRM82yCWckB31I6OPspo1hvMeoRVknVutcUgqNnhOAS2J6FCutOINqMt6joHDuBZ81q9mc6o4kCUvzsoJeBUwsI1Xz7dZLmyypwubvgMQeDiFk6UnL0Exi_tAtrqmPSzsNYt1nNpeip3LLlQ2utCf5V2RjNSzXhDRnPbRrINQZz3p12xqBzbRsKaQcsitOkkVbhW2SyMlH7zT6p23GNm60e4b8DavHaSeZVabDC3f90sH_hZ7-RboLnuHMOnjsTKUuxIpGw6EzMYdmCg-peMmp4E9FKceprLg0nw347VJ6H_699o_me3aRwzateuecl7wd-9OQvt6qKcg0Ixvh0Crv9PNiN9Bqvs6qyv6U-peXrUYZQDf85vzKA4ZMgsTBNUVc4Pw6QzJGnzFYhxr9WZhtII3NeW-qamFiFd3kKKhlSa6rGhb2hWyMXVvi1OU53FUtkHXFHOHiXMVEm_BcqLjLrDScxSVlnUR21SlMvnjIls07k3u2OmXzbGIuMekb48orAgYI4O-LkWgDl9_FaHFqEtsG-zfjO5prBl1j6QjsKmaeHCqt8UU19WcoGd97306U7-MGIjEcS9eQYHEvwqxjCFwYwwOhUdqeRCvo8T4ewMcR3h4GqlufVHvr5NHJ72HVeROWrEfm0kVFpV9nd01BBV-fY9JF4SheeC4vPOdSz-qm-AiDaATHxDWiPMSbyoyqg95C2U6znzk96rELq76MQaaKKgKSiZZ4cj2rVMEFB9VUXwXCgxuwfBy_vX7Gs-tFRJmxDIKap9qGze53Og2EOcspev850qmQJdh7tk5akrvgW9zFmb-k&sai=AMfl-YSddzkO7XSIV7OpJVUVMHBc0L1QwgoyeRKAV7gsJkeh_40BC_17e-ABL-UnCMRONz6Pn0bYq6vL1PA09tTQPfLA6dbjy_G8z9s-MSGPkpI2HyPRt1cueUeLNemYVGUO7nfz907II8FG6-r78xCLadaFhYtl0OfLH-42aee_sLV1m9TZGD9EtX3qkzt5GLGDBdOD2St1bpEPoIO--r7nKGm08OPhUVJBzEPtuS6hQAoaEh0urrLlJ9xVMv2DVOMmt9h0Ll1jljaqIGm7Dg1OOEvnHNaeZBrDw9KADjHov25XN41z7zHr2eQLwz5KqH2rn1ZK9EYrQI9kfwwI3QCOy9DABtCh33EE0sM76feSk-pdEkmeACKr7MfaHCp81S1Aiw&sig=Cg0ArKJSzIHxiynEygwdEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=258&cbvp=1&cstd=255&cisv=r20231207.11082&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 21 Dec 2023 16:05:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=4239129592596165&bg=!1tWl1ZrNAAY3kmNgF5I7ADQBe5WfOFRUrFU_v6Q2VrtYZ5ngURCkAt2C0JYxvLcwWT1t1s77F6Xxa1PqATmxzkka-uNQAgAAAGRSAAAAA2gBB5kC-PR0sYZ-6OVksKItOJhWipnfdJa-UDgwxQ8F8xv_oNwSfjgLgyD-k2uedl1gnte2aBMpz477PdpHyrEAW9znz4QxjgoYY6rcPNtx_6QO28yKGgbqYBUcC4_JqSlWPjXS005SG4CXWPkV78DX_T2bdK40SQGSxBGnl69o0z2zG2Gs6Rd8CZLV54T231GlkjnSxWDFeMsrb75Jml5CqIZp1GhOyl7wg-HAKPSRijW-D81iOfuDvyyssbjYMr29uMeWKnAo9vS84TZkLN0LukLZh9guNQaWJJXc9mCHeZSouR97Tn70W2NNwyCpwWdu_VisZnaKelPTImUXXIS9B3LeIEdyyYf-rKzNuejjtHr0R24hz2bji4FXuO6GmkPpVraRQeEb41OdLLDNb2UeedObgWMGzaBCHtOGhvWk_NeQmx_V0u4oEfOhsZbgR1yC2axvZNHXDg7e7cjaiE2Q1b-2DqSGvWgW99ixg-Avo8N9bIdSJNH03ke00NI825KiOKuYQnivrvSUeWLJuFFFVzHiX-bVnYCBCrQbbKrepZ3OdyTLEVYUwkyY8j3eFfLha83g9iFFaRY_kKpq64RfMcmTbYOnhc3TFze0GV0py_3SVlBkkL1j6E0pkgR1d-epqItiHg7D30X-nAOA2Z_x3_35SfB9sRTMuW22fOq-h92MpsM3qpeW22N9lBClH4abT-Aepg0_kht3KDMPpRfaeIg12LvSPs2Ehk3yMe6QnDho6DRBmIPz678obOHubixhQfd_YsYst0Ooq0p8PCX1IOfUabVNYKsnsA5TUjB3XtGjdJ6ER0l2b8QdzihJszyZPKHq4oXfGPhhdn9FNlKdtkp9SiBoMngNWfdHt55IFRBkDOtbHmIazy3k8HTQ3SP9dJG_MQ2e9U2KtnYGUmQmXLWYWNfpSeq72iAkM9pkVQuhtFsKBPbbYfyHKOC4-ENiappN6IKJv835aFWHBdiGJwZwGHuABG-aHBNRXC4OGkizCmW8Ztyiwxh_wW8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 30EF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BERDkYWKEZfyvNra5juwPuMqdgAYAAAAAOAHgBAI&bg=!T0ylTAPNAAY3kmNgF5I7ADQBe5WfODxySAnqcriU7LlVE9jSJpq4OIvOk2uvCigKd5oYCL0CMYfzq2hbg5hOKJEMQYj_AgAAAFRSAAAABWgBB5kDOiFSZk7iwnKy9PHm0EGGGm4ELXI1IH_mf3-67BCqD-3bVX2rCtZwtXaS2zgctHDPTTBtH21geMeskdyhvyPPVtqpOCIS71RgxHj2WB2n77x13fiPtOKVd1L9_FChqsQBtH9QdCbidPMG9OJDvMZKkY59H4uYJPicvozaAgm2tC5LmJBjqDT1lRyef1BAFZN4gwobpzQGU1ExQCTHnHM3RKSc0dXvuzIQedyBJj8oGhvIwZOCy_nFYpOKQY4QdnDu53qPET3Zb6w406nQJNMG7cI_1ncbWZJTeftCF2foiQMRB1N4tMTi5hx9TZNWCQEFf3WNCz2TQftNeivGnRrwPmX2WTTr2_ny4cpKD5yRvz0ZpKd1XepGDEv9H_Rl8HGxIZQsA7qQG4T-8jzWfAEcO5ZxXz8Lz7rbiYvshLGUhuEYeEw0rJ1VX91Nl8RGNIu5lG_ZatdLPkHnTL2tInTmLZLR9KJQnjH6csmy3qCGw0YLux6KVw0crV1mHawnSkcCIGupZ_miURuDO3wmtK5yve-NHy09OsFFDcMBodY_OCJB_rfDs8mhiiHcOZMgJkIUGjbuW3XNYRznGkDpI-2wmIVLYmNKKMJ1OHX96affPHKXyvg0PatXvaLhvR0a4r2RY6gVItPqsBmiBAABat4HQBzvh36iXvZ7m8DIl0zk7EildeIkP68tN05zDW7yh0_IdMwOq6hTLy8pHlyuj855Y9LKtskPYRPNTI_dXAK7YEf9LkLQjNNG2IXOtDAe5pSSDvjAJGNGLpySmQAKc3Ng_ZgTj_sLYtIaG_fXpNp96Wp6fE0H2m0PnfFihTJaaRYFull8dlCgA4gKM_a1JEcYvTlB-_XL1GAnzTwW-dy1yoCxTbAaj6ss8B1h70paKAFEBch73YSnMawm4u-KocGMVinlntgfZOC3weQ_hpo5Gqfim4A09Y8WL-eKxOLuL-76P4dCUyNm5FkEKxwHAf2hQ7LjMlyw2QodNp6UYL5k7Kps653VtxpW5aWxZ2VUODtRRAykX3d8wxBYYjZe4eYMOlb0SzDbTbBksZ_9WHL8z4m4QaNnHQp2f1OZmoxtm4w7gseF1eUXwbvjNjo
Requested by
Host: 670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com
URL: https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 16:05:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
25d28f68eabd55c2c93cf17349952126.png
s0.2mdn.net/sadbundle/17122347991386657747/images/ Frame 7E8F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17122347991386657747/images/25d28f68eabd55c2c93cf17349952126.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17122347991386657747/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3aef16120f28270aacaf40870f473491be681f8a59d844ffbb90a6ba24b5442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17122347991386657747/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Tue, 17 Dec 2024 10:43:54 GMT
date
Mon, 18 Dec 2023 10:43:54 GMT
x-content-type-options
nosniff
age
278520
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3327
x-xss-protection
0
last-modified
Fri, 10 Nov 2023 09:28:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
08eb7e578603921dd151e5f4c95cf761.svg
s0.2mdn.net/sadbundle/17122347991386657747/images/ Frame 7E8F 		1019 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17122347991386657747/images/08eb7e578603921dd151e5f4c95cf761.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17122347991386657747/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
030ed21d081bfc4198fb60986d7048e797e3ad280a115cdcf3b35ee53226937d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17122347991386657747/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Wed, 18 Dec 2024 06:00:58 GMT
date
Tue, 19 Dec 2023 06:00:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209096
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
560
x-xss-protection
0
last-modified
Fri, 10 Nov 2023 09:28:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
8a34fe5f555bc2015e3c6553e0f3d01a.svg
s0.2mdn.net/sadbundle/17122347991386657747/images/ Frame 7E8F 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17122347991386657747/images/8a34fe5f555bc2015e3c6553e0f3d01a.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17122347991386657747/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4120daa45b3292ce48b351137e02bf33482d184cefa023e0ddeb5b27aef10ebf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17122347991386657747/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Wed, 18 Dec 2024 08:54:25 GMT
date
Tue, 19 Dec 2023 08:54:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198689
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2849
x-xss-protection
0
last-modified
Fri, 10 Nov 2023 09:28:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
13a5f6605bacf730d7a6727313e8eb76.png
s0.2mdn.net/sadbundle/17122347991386657747/images/ Frame 7E8F 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17122347991386657747/images/13a5f6605bacf730d7a6727313e8eb76.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17122347991386657747/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a181c1a918370f223beca0b1fdc7f929228944852bf19082ba06af9dfd481f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17122347991386657747/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Tue, 17 Dec 2024 20:51:05 GMT
date
Mon, 18 Dec 2023 20:51:05 GMT
x-content-type-options
nosniff
age
242089
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15466
x-xss-protection
0
last-modified
Fri, 10 Nov 2023 09:28:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
3d68a26de213f18d9bb4300d70c38914.svg
s0.2mdn.net/sadbundle/17122347991386657747/images/ Frame 7E8F 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17122347991386657747/images/3d68a26de213f18d9bb4300d70c38914.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17122347991386657747/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0fe7554cd67a2912fd158eb0a5cc8fae49e6028b12d360f0c6be8a38ff2a5c13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17122347991386657747/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 15 Dec 2024 09:29:18 GMT
date
Sat, 16 Dec 2023 09:29:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
455796
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1890
x-xss-protection
0
last-modified
Fri, 10 Nov 2023 09:28:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
090f381c5aaa81205ad27bc5ccca1e2a.png
s0.2mdn.net/sadbundle/17122347991386657747/images/ Frame 7E8F 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17122347991386657747/images/090f381c5aaa81205ad27bc5ccca1e2a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17122347991386657747/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a10f11ad6d5a96e398b1b883b20931df0a99c6dea5de9f16385a8bdeea6e1849
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17122347991386657747/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Wed, 18 Dec 2024 06:00:46 GMT
date
Tue, 19 Dec 2023 06:00:46 GMT
x-content-type-options
nosniff
age
209108
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70364
x-xss-protection
0
last-modified
Fri, 10 Nov 2023 09:28:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
123071ea6bc00b488858debed3be989c.svg
s0.2mdn.net/sadbundle/17122347991386657747/images/ Frame 7E8F 		365 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17122347991386657747/images/123071ea6bc00b488858debed3be989c.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17122347991386657747/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19279b86b790e30a1a461073df60cab0eb27531f557a853a606b39fe15439e57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17122347991386657747/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Wed, 18 Dec 2024 08:55:44 GMT
date
Tue, 19 Dec 2023 08:55:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198610
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
270
x-xss-protection
0
last-modified
Fri, 10 Nov 2023 09:28:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
2d26b82406aa6cb74806ff08a99735a2.png
s0.2mdn.net/sadbundle/17122347991386657747/images/ Frame 7E8F 		457 KB
457 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17122347991386657747/images/2d26b82406aa6cb74806ff08a99735a2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17122347991386657747/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f12ceb37f0af94011d64c0005380aab1bb42bc76b71f950fd30a610b37d4a0d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17122347991386657747/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Tue, 17 Dec 2024 16:08:25 GMT
date
Mon, 18 Dec 2023 16:08:25 GMT
x-content-type-options
nosniff
age
259049
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
467710
x-xss-protection
0
last-modified
Fri, 10 Nov 2023 09:28:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
f257b540d2e789d1400922c4e1d88d32.svg
s0.2mdn.net/sadbundle/17122347991386657747/images/ Frame 7E8F 		355 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17122347991386657747/images/f257b540d2e789d1400922c4e1d88d32.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17122347991386657747/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be45f23778b047b9d8755f40c19d8f534c8dda03f095a9d54b4d7326cf1a03f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17122347991386657747/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 15 Dec 2024 06:37:05 GMT
date
Sat, 16 Dec 2023 06:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
466129
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
261
x-xss-protection
0
last-modified
Fri, 10 Nov 2023 09:28:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
1d576eb5cdf906af58512e1591408110.svg
s0.2mdn.net/sadbundle/17122347991386657747/images/ Frame 7E8F 		275 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17122347991386657747/images/1d576eb5cdf906af58512e1591408110.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17122347991386657747/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dbefcda6adee5b7a27c53760fcf9fcbcf81aeda802e3714f5ec8671feed1c7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17122347991386657747/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Wed, 18 Dec 2024 09:08:26 GMT
date
Tue, 19 Dec 2023 09:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
197848
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
193
x-xss-protection
0
last-modified
Fri, 10 Nov 2023 09:28:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
view
googleads4.g.doubleclick.net/pcs/ Frame CD5F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuiWE-mjGd6f8x8A0XglQ_-uLBtoCi2v1sm5tiL2HR5MVfu1iVHCeTFPqCDPr8KKi3oLuWfa-NlaeN7DSpkJEkFSxx0WaTXUneCm_mzesmr_JE8ZMGDTLBFsAjLHvgWgOfZlzKD7J0ShAF7nV9Y_wyAoSLw19mS-PyHj0LEfbtmRlfg7JaqbdhAhB2ceVRUOesldgx6O0dKg4U_fzd4AhDCj6_UH-zpmqwXa77CTCLguZe-YljDFvxS3xuoIvFXuv7jjSU0q1c1JzqvypY_J4gSuRqWi4I6wZB1LRi-WEPikjpITJxgCVfpmE2JWFn1izGUjyt0gpCl3wR2axwoiZuWotZ0wEkRvXm5o8ZVyzGPHDb2XQrH6p-OtZguqWCJrQeSjtanA2SclB-W18J1hTSj1VGN1lIvPzRwlmz1fTd2WWyDr-I1AR5wDhD59XCU6y2ZwDBXoIp2hFQG6_pJ3JdSGGbrnp1T4eBNXdhDp9rD_6D7cE6z3fRp3BJctSGMiHXu3hf4uq4_tnIqWgbObsKINDR2J2y4i2gb15hlulCSHlCjOrhL4uS07wU6SdM5n1Nc_z14akA2pi45nJl2QG44MQ9A0Q0IioqSL-eVcmxxFqzlvLhQbsjNWmP1OgkzNhueBURBTyMIfqTjFrO2xbNjorSUaJ9UalFQVhKnAyWRM82yCWckB31I6OPspo1hvMeoRVknVutcUgqNnhOAS2J6FCutOINqMt6joHDuBZ81q9mc6o4kCUvzsoJeBUwsI1Xz7dZLmyypwubvgMQeDiFk6UnL0Exi_tAtrqmPSzsNYt1nNpeip3LLlQ2utCf5V2RjNSzXhDRnPbRrINQZz3p12xqBzbRsKaQcsitOkkVbhW2SyMlH7zT6p23GNm60e4b8DavHaSeZVabDC3f90sH_hZ7-RboLnuHMOnjsTKUuxIpGw6EzMYdmCg-peMmp4E9FKceprLg0nw347VJ6H_699o_me3aRwzateuecl7wd-9OQvt6qKcg0Ixvh0Crv9PNiN9Bqvs6qyv6U-peXrUYZQDf85vzKA4ZMgsTBNUVc4Pw6QzJGnzFYhxr9WZhtII3NeW-qamFiFd3kKKhlSa6rGhb2hWyMXVvi1OU53FUtkHXFHOHiXMVEm_BcqLjLrDScxSVlnUR21SlMvnjIls07k3u2OmXzbGIuMekb48orAgYI4O-LkWgDl9_FaHFqEtsG-zfjO5prBl1j6QjsKmaeHCqt8UU19WcoGd97306U7-MGIjEcS9eQYHEvwqxjCFwYwwOhUdqeRCvo8T4ewMcR3h4GqlufVHvr5NHJ72HVeROWrEfm0kVFpV9nd01BBV-fY9JF4SheeC4vPOdSz-qm-AiDaATHxDWiPMSbyoyqg95C2U6znzk96rELq76MQaaKKgKSiZZ4cj2rVMEFB9VUXwXCgxuwfBy_vX7Gs-tFRJmxDIKap9qGze53Og2EOcspev850qmQJdh7tk5akrvgW9zFmb-k&sai=AMfl-YSddzkO7XSIV7OpJVUVMHBc0L1QwgoyeRKAV7gsJkeh_40BC_17e-ABL-UnCMRONz6Pn0bYq6vL1PA09tTQPfLA6dbjy_G8z9s-MSGPkpI2HyPRt1cueUeLNemYVGUO7nfz907II8FG6-r78xCLadaFhYtl0OfLH-42aee_sLV1m9TZGD9EtX3qkzt5GLGDBdOD2St1bpEPoIO--r7nKGm08OPhUVJBzEPtuS6hQAoaEh0urrLlJ9xVMv2DVOMmt9h0Ll1jljaqIGm7Dg1OOEvnHNaeZBrDw9KADjHov25XN41z7zHr2eQLwz5KqH2rn1ZK9EYrQI9kfwwI3QCOy9DABtCh33EE0sM76feSk-pdEkmeACKr7MfaHCp81S1Aiw&sig=Cg0ArKJSzIHxiynEygwdEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=599&vt=11&dtpt=341&dett=3&cstd=255&cisv=r20231207.11082&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: celebwell.com
URL: https://celebwell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 16:05:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame CD5F 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4mSuajy2QD4uhOyKhUVbQbE_xZqV5M0cMxSD4OaiBKhoi3Rt5oMlu0BYaQ-kGlJf39ijqd0Dtpljrs5myXkcopoomF3o44SLnVz-rxWaxdQpu7yB4SBEIPE_NzH9_PEUwme8L0q5WlAbkEvreQgupRgiA&sai=AMfl-YS4jaeZoVYCkkKs3l1JHDGEl08czfHHoGz5X6ginFjpOqUkI7vci_F43BKWp_GnOuRWbb_sQT93QLffN2iZNpPdIL0YD4C6LaoWC52RStW5d5_aofVh8emJ_CpzA0YCu_b5B2EZmrra8pdE-1NCMuSbcWzgCiBG9_Lxxl77UvEN6g&sig=Cg0ArKJSzE-_db9dnFScEAE&cid=CAQSYQAvHhf_2xGYszWXeN_7SMroRJHwhC3ogGUyagm4BX1RZPpU1W8lpzwYBbYjdbKMxdfftFHtrEQj-3BNf3CexXU4HfGNIfrNDrOU-5X2buLkOdMYqraz0dcUtRoPTE3SVjUYAQ&id=lidar2&mcvt=1000&p=176,315,426,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=246799813&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703174753429&rpt=614&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 16:05:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CD5F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1052062562146&version=m202309260101&ct=76&x=1&cor=18068237563565220000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 16:05:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture boolean| isLighthouseAudit boolean| isSlowHardware object| dataLayer function| lightboxjs function| lightboxlib number| width object| karma string| GoogleAnalyticsObject function| ga function| __gaTracker function| gtag string| wpParselySiteId object| galvanizedData object| webVitalsAnalyticsData object| _stq object| runtime object| regeneratorRuntime object| wp function| sprintf function| vsprintf object| wpParselyHooks object| PARSELY function| _typeof function| _toConsumableArray function| _nonIterableSpread function| _unsupportedIterableToArray function| _iterableToArray function| _arrayWithoutHoles function| _arrayLikeToArray function| trackLink object| lazySizes object| lazySizesConfig function| st_go function| linktracker_init object| wpcom undefined| $ function| jQuery object| DIGIOH_API object| LIGHTBOX_API boolean| SENT_LIGHTBOX_PV undefined| jQuery17107529651041875962_1703174750751 object| jQuery17107529651041875962 object| googletag object| pbjs object| globalTI object| apstag object| karmaService object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| headertag object| google_tag_manager function| onYouTubeIframeAPIReady object| _aps boolean| apstagLOADED object| apscustom object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| pbjsChunk object| _pbjsGlobals object| launchPad object| launchPadConfiguration object| nodeScript function| __launchpad object| ID5 object| __id5_instances object| PublisherCommonId object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_145 object| Criteo object| Criteo_identitytag_145 function| postscribe object| google_tag_manager_external object| bouncex number| google_unique_id object| webpackChunksmart_tag object| GoogleGcLKhOms function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie object| adServiceQ function| close_bouncex_ad object| google_image_requests

40 Cookies

Domain/Path Name / Value
celebwell.com/ Name:
Value: test
.celebwell.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://celebwell.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1703174750520%2C%22slts%22:0}
.celebwell.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=1a37cfc6-535e-4afa-af86-81e08063eb85%22%2C%22session_count%22:1%2C%22last_session_ts%22:1703174750520}
.lightboxcdn.com/ Name: _cfuvid
Value: VMLoDqQZna_kpMo0uWfKZlU6DN87zCfKq2HYHsStQQc-1703174750535-0-604800000
.celebwell.com/ Name: cf_clearance
Value: n9HUjqwrLYxMVHp5rtIzCLXZtdoetF8USnRaIfpvFog-1703174750-0-2-87e7c764.51568d8d.81c26492-0.2.1703174750
.lightboxapi.azurewebsites.net/ Name: TiPMix
Value: 35.36517506758419
.lightboxapi.azurewebsites.net/ Name: x-ms-routing-name
Value: self
celebwell.com/ Name: isSlowHardware
Value: 0
celebwell.com/ Name: muuid_origin
Value: celebwell.com
celebwell.com/ Name: muuid_source
Value: CLIENT
celebwell.com/ Name: muuid_date
Value: 1703174751955
celebwell.com/ Name: first_request_id
Value: f94c9b0a-7c6a-41c7-97e7-74c907130263
celebwell.com/ Name: globalTI_SID
Value: cf090632-3b4d-4f49-b94c-3749de1fa7d3
.celebwell.com/ Name: _gid
Value: GA1.2.905700640.1703174752
.celebwell.com/ Name: _gat
Value: 1
d9jj3mjthpub.cloudfront.net/ Name: cross_site_muuid
Value: 915388e4-2d32-5e04-9545-5c40eeaef6f8
.celebwell.com/ Name: _ga_37X3P54THV
Value: GS1.1.1703174752.1.0.1703174752.0.0.0
.celebwell.com/ Name: _ga
Value: GA1.1.1216795759.1703174752
celebwell.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.yahoo.com/ Name: A3
Value: d=AQABBGBihGUCENf6ZmDHHSt7iMozbGUkUGwFEgEBAQGzhWWOZeAJyiMA_eMAAA&S=AQAAAklx4CUJVbF66JdPo2Vz5LI
.adnxs.com/ Name: icu
Value: ChgI3el5EAoYASABKAEw4MSRrAY4AUABSAEQ4MSRrAYYAA..
.adnxs.com/ Name: uuid2
Value: 7167642707865891414
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: eb79ffdd-962f-47e5-bce8-e83b7a47cc0f
.openx.net/ Name: i
Value: 3dbca11c-f8fa-410f-95d4-c980e35a2795|1703174752
.celebwell.com/ Name: cto_bundle
Value: K-PnxV85VzA3SFRDUjF1RkVrWGtKeVFqSXU4Y1ZnQmVROCUyQmFiY3lmUGhVU0hDUk1QZFF1ZjVLaHpSM29JaG54aGc3Q0NOVUlJckNLVm5FaEU0ZTZEcyUyRnBnSmlPTUdMcjU2MTlRamJwM2ZwNGZtdGp4dnVnSnQ2N2tXUHJDYzl0NGQwZ2o0ZyUyQlR4JTJCSmMwWGU2MVVxclRmak9pZyUzRCUzRA
.celebwell.com/ Name: __gads
Value: ID=bb60a3962171d0b2:T=1703174753:RT=1703174753:S=ALNI_MaX5XIgxUoHVhxIkeSXjylku7WRHQ
.celebwell.com/ Name: __gpi
Value: UID=00000d257257c5b4:T=1703174753:RT=1703174753:S=ALNI_MZXddc2kGdK4uMdmd5zdAw_nz4OqA
.doubleclick.net/ Name: IDE
Value: AHWqTUkeimBrtddzfTPJRkOD3YjKRu1J3xW-nVwgdvt9mwr3X7Roz_KIydfokTnb
.bounceexchange.com/ Name: bounceClientVisit6217c
Value: %7B%22vid%22%3A1703174753656656%2C%22did%22%3A%22538371832589537351%22%7D
.celebwell.com/ Name: bounceClientVisit6217v
Value: N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvgMYCmYpARgO7lgB0xA9gLZEgA0IATjCJyACWKAPoBzJiJSkUKQUwB2MAGYBDMNK7DxEKTLmKV6zSGliYAbQC6AXyA
.casalemedia.com/ Name: CMID
Value: ZYRiYUTMRgYTlqIO07pnpQAA
.casalemedia.com/ Name: CMPS
Value: 3290
.casalemedia.com/ Name: CMPRO
Value: 3290
.ads.pubmatic.com/ Name: KCCH
Value: YES
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>zJ:Faa!@wnfH8K6pQK`!5=E<*L5?%K78N2Ly33dZSk1E`<g/R3=3]n2OC2]a*Q24em*bpRz*qF1`*b_qb*=V[?
.doubleclick.net/ Name: APC
Value: AfxxVi6vLK2C86T3tg7ceQcJduqwuNNZeSlnRgHuNtPu6ZpP_IvmLg
ssp.behave.com/ Name: tuuid
Value: 324f3ce9-d3a7-47e7-b568-8c05e377a96f
ssp.behave.com/ Name: c
Value: 1703174754
ssp.behave.com/ Name: tuuid_lu
Value: 1703174754

3 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=MEREDITH&sv_domain=celebwell.com
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://script.crazyegg.com/pages/scripts/0031/6691.js?473104
Message:
Failed to load resource: the server responded with a status of 410 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

670c56e41869bd8a9602c2ca20169b79.safeframe.googlesyndication.com
aax.amazon-adsystem.com
ads.pubmatic.com
api.bounceexchange.com
api.parsely.com
api.rlcdn.com
assets.bounceexchange.com
c.amazon-adsystem.com
c2shb.ssp.yahoo.com
cdn.id5-sync.com
cdn.parsely.com
celebwell.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
contextual-analytics.wunderkind.co
d30qdagvt44524.cloudfront.net
d9jj3mjthpub.cloudfront.net
dsum-sec.casalemedia.com
events.bouncex.net
fastlane.rubiconproject.com
geo.privacymanager.io
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.sv.rkdms.com
id5-sync.com
image6.pubmatic.com
js-sec.indexww.com
karma.mdpcdn.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lb.eu-1-id5-sync.com
lightboxapi.azurewebsites.net
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
p1.parsely.com
pagead2.googlesyndication.com
pixel.wp.com
region1.google-analytics.com
s0.2mdn.net
script.crazyegg.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
ssp.behave.com
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
tag.wknd.ai
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lightboxcdn.com
x.bidswitch.net
104.18.11.111
104.18.38.76
13.227.219.79
142.250.186.34
162.19.138.120
162.19.138.83
172.217.18.2
172.64.151.101
18.156.195.47
18.239.18.66
18.239.69.72
18.239.83.45
184.30.211.26
185.64.189.112
185.64.190.78
185.89.210.141
192.0.76.3
2.18.96.187
20.40.202.0
2001:4860:4802:34::36
2600:9000:20ab:4400:11:e0c9:84c0:21
2600:9000:223f:ec00:d:2820:3bc0:93a1
2600:9000:2644:6600:19:bcbe:a700:21
2602:803:c003:200::44
2606:4700:10::6816:3556
2606:4700::6812:b6f
2606:4700::6813:9308
2606:4700::6813:d483
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:813::2008
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:4001:831::2006
2a00:1450:400c:c0b::9c
2a02:2638:3::3
2a02:2638:3::c
3.233.132.210
3.73.254.34
34.102.146.192
34.111.8.32
34.120.133.55
34.120.135.53
34.120.253.250
34.98.64.218
34.98.72.95
35.157.253.10
35.207.48.122
52.1.43.208
52.222.208.154
52.222.239.116
52.223.40.198
54.155.18.159
65.9.61.60
0257ada135b20b5b030fd3e5bdef0766f432bdf0e0016c75bcf82e28f14d2472
030ed21d081bfc4198fb60986d7048e797e3ad280a115cdcf3b35ee53226937d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0c3d4ec40b791da4127d1c957f31146b4f65d665d3eff7d118086fbbb7570ba1
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0fe7554cd67a2912fd158eb0a5cc8fae49e6028b12d360f0c6be8a38ff2a5c13
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
10ca218fc957f3b1b7f8f0a0f6bab1c8b384ed7d6edda052614bf8cc9c14eac2
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
12c9b4c849eb03001a65d70185a686ec3e396a85c25bd33af382cb90987b996c
13ff3a4f4a015b6ed6b3c7d6036a8a72759e179b28b865de695636bbc43da180
159bd804f3a207ce59088ef63f186ba5b3d906d5245b7bfa882a6a6c3f6a9314
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
19279b86b790e30a1a461073df60cab0eb27531f557a853a606b39fe15439e57
1a5a94f596f295bd2137a982b38169f86b8557cf5c7986d344f1d4aa6f656d4a
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2114347e3add7fb4a53d7e68ac895f0e08c63946c29e1f4c6359eb6632386ea4
2820df6852dc5e4da53ed27ce5714777707c507956b66c47244b57d474b21308
285a3410b6c9daa6ec89ea2baf9c18290c37377fea84957c59211418a575717e
286a9eb90b3236f3c77e9cd147b524d542d53ba83973de175c45be3eb1147805
2a3a3957a0a96ed6faa851b56f971854b104f5199998cba99aaa68624052d1df
2d9d5eece457526daaa86628d0f7cdced3695a3c0ed22a8f0db5803313d0c68d
2dbefcda6adee5b7a27c53760fcf9fcbcf81aeda802e3714f5ec8671feed1c7f
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
2fdaa56f0e149ce7ad773f2da520291429cee9ef8b9e0d8ca08073d3c7223ef2
3077df8f2d3cb91f0e82697c26038d6e2dae495264d754a2f7a026e85f308277
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3344e6760ed96d120710d44c5cd858693c0151c78955f27b481d880d2693a7e1
377d69bf7362ad1d6d09cb5abab82bc7e7bbe9e743a34d3cefbe19bc4885b874
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3ee48dbf236caab6a025a981115ba3c09c3183ff93852cb38f35590599b8f0b7
3f6e290b2f8a065e2ecd98b5cf82d3d392146dbbd3c2e7e24f796a6048a80e90
40ff67a8f231a9b3a3cb07eeb1bfa4841f492aa351b55a2260c043b29bfd8bcb
4120daa45b3292ce48b351137e02bf33482d184cefa023e0ddeb5b27aef10ebf
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a4feb5399d6f379f9290d45f4c6fb21a8e0546d3ff6da83d755c2d365f1369c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bb4dbb931e063a4120baaee4cfd2d84e60a0e611771f452c4a6c6264038f658
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4d9da0a5aa669531b4f9c4da35a729e9a71b07afd95a9878783855a5f31f83f5
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
56a06c441dfd00a2d9d717680b7a42204e2054dd98ad155d3f386acec69535e9
570d08c2ec68a767e92a75918a8132a8bee5d7b56932921ceaeef525c15bff35
57298ae9c2168c3f86b4f4e67b9b6a222ce706ed3c8191f391c03d37760d253e
5a04c480fa780416b1837c5ebc92976d32097695a4647412686e2839991350d1
5a0d7aae25cf8be546d99bf59a70da80992f434d4e5b709a89340261b0eefadc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623aa63bf6f127299fcd04b563d4184da1f0bee38f9a55684dcca8ea1374e9a6
6851edc0fca6eb99fa5fa083c37055fb96b62567bcd4730305e755e4cc0ab82a
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f6648911501352bf0e79f1411672eceffdaf674acc6cbd375a3475d79a86ecc
6f7b7ba3dcce4cfc079941906205338b5101e841e9c9c715c4389ccd0408935d
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
727b3ff0c716fa8e38788e3dab83691b06edf37ca523b826f9ef67700021516b
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
7f5ddaf0ad3216e94a3afed28fb76a0dfc709b5605935247dc60a1eeecdb093f
828011e932c7f65177e00c50ef88564628178b9d3190845404b02e3132a14c90
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87d3ca80017eba2cdc0bbacb29573912906303cae9d1ff5cfd3747d43b23ec5d
89856c49e35cf6ad2dc136c06577867b927986003088301825c26a3024da075c
8bc8bb2ef9a799f3719e64256b03f6e9e8ed60a1ba1d1337e03a1a23cd33ac03
8c420a769099abc36c66e703fd5b502e65d249c184aeeb3329098b921acacc3d
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8efb6d1832f5dd1de8b187593e01641edb97291039830b8a2772bcbf5880d162
9009ab1961f92fe644f2d0ae066dd5b4302d0b1226c6bf40d2bba4a7561a3366
956a243efde51c11758094189afe270cdc8bb79440e57f27874eecd06aa6663f
97f839599b0dfb937be8cc2aff8b5ddd367f5c9ee31abd1dd0550d0fd87944b1
9a181c1a918370f223beca0b1fdc7f929228944852bf19082ba06af9dfd481f9
9cb5996dc23e7c57e0415a9f0cf168d41a20adb4c427626102b58caffb8825e8
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a10f11ad6d5a96e398b1b883b20931df0a99c6dea5de9f16385a8bdeea6e1849
a3cf4861c7d0c966f0ed6564f6aad6b28cbd3421a9ca4f60e2246848d249f196
a7bff2bee16591d47fe4fb207367c7cbe12b95fa066be434e632a2ef0614027c
addcff8eac7c0cf9144538731f468e014eee56682aac2d4daf55d9a20f043c8c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bc2fd9559bb88b89bf7c28bf94666ffc8d93c856137ffc999f465d2bec2a6536
be45f23778b047b9d8755f40c19d8f534c8dda03f095a9d54b4d7326cf1a03f5
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c1f3c3167043eb161d452ca961a7f7d70fbfc26aea86a0c48efca21743b59517
c2f8596def684155f65262ab0911f20d15431b83273e235dca89dd4df6464639
c4fad867557fa65e1a778e915c0b4ed0cd1bbb4443452c8943e5cec6504311e7
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d6076bf46f7910c5bdd9507aec9d3102ee9f24612a1450d47209325789ba16ee
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dae865b863756e3617457d112675be3fffd832671e4729353ad909568dab29db
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3aef16120f28270aacaf40870f473491be681f8a59d844ffbb90a6ba24b5442
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a8f8adbbaa2897642d7f356a38665cecbda417fe5fbba48ad3bfbbd23f0f88
e5843a783f6e5ffc663367924473248e7c29356688f6639d879cac0c2c8aa383
e609dcc5358b4fe411a64e42d82a1893cb79a043f8fc695431feb42d0cb28bf1
ea77d4b986c11d48da7d516ee3b298228dbed79875628189d9f000eb976c8ad5
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed78fb7e93fe7fef4bc6a97421f5d97485ce4a7ecd341417f2066bfa20671f03
ed97b9643891f1052dfb85a4f54f9000a83560f0251d890f3faf458ecba4473d
eddc11d8be0ae5311acc08d5f2ebe7ff9426384f6408ecbb56abbd7fb5e03743
ee0c0842fce5cce6d8eda6c8a60af21f833158dd35a69098a7031cd787740c34
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12ceb37f0af94011d64c0005380aab1bb42bc76b71f950fd30a610b37d4a0d9
f254eb93b015455a3c89aaf970631bc989fe2bd387f79e871b514992359651aa
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6
f5a0bb4386dc8332a4566e30dc7a70ef6441c783c3e1fcf357f3d243a30f7282
f5b937bf6e98350aab8d49c0856ea0f369ba6d1098fadb0c2bc5ea883e177c10
f663063341655ffd4a7351a336e4df2edd687a911a4d8d796d5cd32e47903b41
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb9ad3e0fd12e6a32d2a62b8dbb2cb5a40b19605fd9674578345aef2311b3ada
fe587df682e0706aa92b541da6ed2afeea9801514fea8ad1c9297b6af5d77449