www.celebzz.com Open in urlscan Pro
2606:4700:3031::ac43:c8b2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://celebzz.com/
Effective URL:
http://www.celebzz.com/
Submission: On June 02 via manual (June 2nd 2021, 10:22:27 pm UTC) from US

Summary HTTP 358 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 72 IPs in 8 countries across 69 domains to perform 358 HTTP transactions. The main IP is 2606:4700:3031::ac43:c8b2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.celebzz.com.

This is the only time www.celebzz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::6815:550d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
38	2606:4700:303... 2606:4700:3031::ac43:c8b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.215.128.143 18.215.128.143	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:218e:5400:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
16	2606:4700:20:... 2606:4700:20::681a:eee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.255.6.251 172.255.6.251	7979 (SERVERS-COM) (SERVERS-COM)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2ab::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:20:... 2606:4700:20::ac43:4739	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:f13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:218... 2600:9000:218d:6800:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.139.242.29 151.139.242.29	33438 (HIGHWINDS2) (HIGHWINDS2)
2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
2	18.198.109.212 18.198.109.212	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1 2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	67.202.114.214 67.202.114.214	32748 (STEADFAST) (STEADFAST)
1	192.99.8.34 192.99.8.34	16276 (OVH) (OVH)
1	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
7	136.144.59.88 136.144.59.88	54825 (PACKET) (PACKET)
7	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
12	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
5	3.123.167.229 3.123.167.229	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:20:... 2606:4700:20::ac43:47f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 10	46.249.52.249 46.249.52.249	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1 2	2606:4700:20:... 2606:4700:20::681a:fee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:60::6	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
6	2606:4700:20:... 2606:4700:20::ac43:4597	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:a723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	68.67.160.75 68.67.160.75	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700:e2:... 2606:4700:e2::ac40:831e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	138.201.84.244 138.201.84.244	24940 (HETZNER-AS) (HETZNER-AS)
1 3	185.29.133.208 185.29.133.208	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	94.130.102.164 94.130.102.164	24940 (HETZNER-AS) (HETZNER-AS)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	54.36.108.3 54.36.108.3	16276 (OVH) (OVH)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6 79	2606:4700:20:... 2606:4700:20::681a:34e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
7 7	34.231.105.138 34.231.105.138	14618 (AMAZON-AES) (AMAZON-AES)
12 12	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
33 33	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
12 12	18.184.153.186 18.184.153.186	16509 (AMAZON-02) (AMAZON-02)
17 17	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
11 11	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
12	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
6 6	88.214.206.142 88.214.206.142	46636 (NATCOWEB) (NATCOWEB)
12 47	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
6	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
6	67.202.110.23 67.202.110.23	32748 (STEADFAST) (STEADFAST)
12	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
12 12	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
6	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
6 12	52.94.232.32 52.94.232.32	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1	52.211.113.33 52.211.113.33	16509 (AMAZON-02) (AMAZON-02)
4 4	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
1	3.121.66.166 3.121.66.166	16509 (AMAZON-02) (AMAZON-02)
4 4	3.66.135.160 3.66.135.160	16509 (AMAZON-02) (AMAZON-02)
1 1	54.236.220.178 54.236.220.178	14618 (AMAZON-AES) (AMAZON-AES)
1 1	185.29.135.226 185.29.135.226	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
4 6	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.210.44.111 52.210.44.111	16509 (AMAZON-02) (AMAZON-02)
1 1	185.183.112.148 185.183.112.148	60350 (VP) (VP)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 2	54.204.142.198 54.204.142.198	14618 (AMAZON-AES) (AMAZON-AES)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
358	72

1 2606:4700:3034::6815:550d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

celebzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2606:4700:3031::ac43:c8b2 (United States)

ASN13335 (CLOUDFLARENET, US)

www.celebzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.215.128.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-128-143.compute-1.amazonaws.com

celebs.gallery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:218e:5400:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

w.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:20::681a:eee (United States)

ASN13335 (CLOUDFLARENET, US)

services.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.255.6.251 (Netherlands)

ASN7979 (SERVERS-COM, US)

hosupshunk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2ab::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tg1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4739 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:f13 (United States)

ASN13335 (CLOUDFLARENET, US)

ad.impactify.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dvr.impactify.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:218d:6800:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.242.29 (United States)

ASN33438 (HIGHWINDS2, US)

cdn2.lockerdomecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.109.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.114.214 (Crown Point, United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.8.34 (Villa Park, United States)

ASN16276 (OVH, FR)
PTR: ns501383.ip-192-99-8.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 136.144.59.88 (Secaucus, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.123.167.229 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-167-229.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:47f1 (United States)

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 46.249.52.249 (Netherlands) 3 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:fee (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

media.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:60::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5e6ns6.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:4597 (United States)

ASN13335 (CLOUDFLARENET, US)

stats.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.67.160.75 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

nym1-ib.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:831e (United States)

ASN13335 (CLOUDFLARENET, US)

quantumsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.84.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.84.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.133.208 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 94.130.102.164 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de

hal900012.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

cdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.108.3 (France)

ASN16276 (OVH, FR)
PTR: ns3112796.ip-54-36-108.eu

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

79 2606:4700:20::681a:34e (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ms.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.11 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.231.105.138 (Ashburn, United States) 7 redirects

ASN14618 (AMAZON-AES, US)

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 216.52.2.48 (United States) 12 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 185.33.221.13 (Amsterdam, Netherlands) 33 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.184.153.186 (Frankfurt am Main, Germany) 12 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 18.156.0.31 (Frankfurt am Main, Germany) 17 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 188.42.196.115 (Luxembourg) 11 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 88.214.206.142 (United Kingdom) 6 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2.18.234.21 (Frankfurt am Main, Germany) 12 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 67.202.110.23 (Crown Point, United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-110.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.162 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.94.232.32 (Ashburn, United States) 6 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:678:cb4:bbbb::11 (United Kingdom) 3 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.113.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-113-33.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.253.128.188 (Amsterdam, Netherlands) 4 redirects

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.66.166 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.66.135.160 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.236.220.178 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.extend.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.226 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.242.53 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.44.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.148 (Paris, France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

cm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.204.142.198 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
85	quantumdex.io 6 redirects useast.quantumdex.io sync.quantumdex.io ms.quantumdex.io	38 KB
47	casalemedia.com 12 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com	55 KB
39	celebzz.com 1 redirects celebzz.com www.celebzz.com	503 KB
33	adnxs.com 33 redirects ib.adnxs.com	30 KB
24	vlitag.com 1 redirects services.vlitag.com tag.vlitag.com assets.vlitag.com media.vlitag.com stats.vlitag.com	424 KB
20	adnxs-simple.com ib.adnxs-simple.com nym1-ib.adnxs-simple.com cdn.adnxs-simple.com	49 KB
17	yahoo.com 17 redirects ups.analytics.yahoo.com	15 KB
16	doubleclick.net 12 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	132 KB
13	pubmatic.com ads.pubmatic.com image6.pubmatic.com	102 KB
12	amazon-adsystem.com 6 redirects s.amazon-adsystem.com	6 KB
12	sonobi.com sync.go.sonobi.com	6 KB
12	advertising.com 12 redirects pixel.advertising.com	4 KB
12	lijit.com 12 redirects ap.lijit.com	6 KB
11	betweendigital.com 11 redirects ads.betweendigital.com	5 KB
10	e-planning.net 3 redirects ads.us.e-planning.net	4 KB
9	criteo.com bidder.criteo.com gum.criteo.com	3 KB
9	google-analytics.com www.google-analytics.com	39 KB
7	advangelists.com 7 redirects nep.advangelists.com	2 KB
7	creativecdn.com prebid-eu.creativecdn.com	1 KB
7	a-mo.net prebid.a-mo.net	2 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	159 KB
6	owneriq.net 4 redirects px.owneriq.net	2 KB
6	adsrvr.org match.adsrvr.org	2 KB
6	33across.com ssc-cms.33across.com
6	onetag-sys.com onetag-sys.com	5 KB
6	admanmedia.com 6 redirects cs.admanmedia.com	2 KB
6	redintelligence.net 1 redirects hal9000.redintelligence.net hal900012.redintelligence.net	8 KB
5	mathtag.com 2 redirects tags.mathtag.com pixel.mathtag.com sync.mathtag.com	2 KB
5	sharethrough.com btlr.sharethrough.com	566 B
4	w55c.net 4 redirects pm.w55c.net	3 KB
4	simpli.fi 4 redirects um.simpli.fi	2 KB
3	turn.com 3 redirects ad.turn.com	1 KB
3	impactify.io ad.impactify.io dvr.impactify.io	75 KB
3	gstatic.com fonts.gstatic.com	45 KB
3	sharethis.com w.sharethis.com l.sharethis.com	9 KB
3	googleapis.com fonts.googleapis.com imasdk.googleapis.com ajax.googleapis.com	149 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com	66 KB
2	eqads.com 1 redirects um2.eqads.com	563 B
2	bidr.io match.prod.bidr.io	222 B
2	criteo.net static.criteo.net	53 KB
2	googlevideo.com 1 redirects redirector.googlevideo.com r1---sn-4g5e6ns6.googlevideo.com	990 B
2	facebook.com 1 redirects www.facebook.com	581 B
2	histats.com s10.histats.com s4.histats.com	5 KB
2	googletagservices.com www.googletagservices.com	49 KB
2	google.com adservice.google.com www.google.com	1 KB
2	facebook.net connect.facebook.net	66 KB
2	hosupshunk.com hosupshunk.com
1	ctnsnet.com 1 redirects cm.ctnsnet.com	412 B
1	adotmob.com 1 redirects sync.adotmob.com	689 B
1	quantserve.com 1 redirects pixel.quantserve.com	508 B
1	extend.tv 1 redirects sync.extend.tv	546 B
1	bidswitch.net x.bidswitch.net	146 B
1	demdex.net dpm.demdex.net
1	rfihub.com 1 redirects p.rfihub.com	776 B
1	ad4m.at ad4m.at
1	contentspread.net cdn.contentspread.net	40 KB
1	quantumsyndication.com quantumsyndication.com	631 B
1	cloudflare.com ajax.cloudflare.com	5 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	amung.us whos.amung.us	213 B
1	lockerdome.com lockerdome.com	2 KB
1	google.de adservice.google.de	799 B
1	googleadservices.com partner.googleadservices.com	640 B
1	lockerdomecdn.com cdn2.lockerdomecdn.com	3 KB
1	consensu.org c.sharethis.mgr.consensu.org	1 KB
1	waust.at waust.at	8 KB
1	aniview.com tg1.aniview.com	542 B
1	celebs.gallery celebs.gallery	1 KB
358	69

	Domain	Requested by
72	sync.quantumdex.io	assets.vlitag.com sync.quantumdex.io ssum-sec.casalemedia.com
38	www.celebzz.com	www.celebzz.com
33	ib.adnxs.com	33 redirects
29	dsum-sec.casalemedia.com	6 redirects ssum-sec.casalemedia.com um2.eqads.com
18	ssum-sec.casalemedia.com	6 redirects sync.quantumdex.io ssum-sec.casalemedia.com
17	ups.analytics.yahoo.com	17 redirects
14	ib.adnxs-simple.com	assets.vlitag.com
12	s.amazon-adsystem.com	6 redirects ssum-sec.casalemedia.com
12	cm.g.doubleclick.net	12 redirects
12	ads.pubmatic.com	sync.quantumdex.io ads.pubmatic.com
12	sync.go.sonobi.com	sync.quantumdex.io
12	pixel.advertising.com	12 redirects
12	ap.lijit.com	12 redirects
11	ads.betweendigital.com	11 redirects
10	ads.us.e-planning.net	3 redirects www.celebzz.com assets.vlitag.com
9	assets.vlitag.com	tag.vlitag.com www.celebzz.com assets.vlitag.com ajax.cloudflare.com
9	www.google-analytics.com	www.celebzz.com www.google-analytics.com www.googletagmanager.com
8	bidder.criteo.com	assets.vlitag.com static.criteo.net
7	nep.advangelists.com	7 redirects
7	useast.quantumdex.io	assets.vlitag.com
7	prebid-eu.creativecdn.com	assets.vlitag.com
7	prebid.a-mo.net	assets.vlitag.com
6	px.owneriq.net	4 redirects ssum-sec.casalemedia.com
6	match.adsrvr.org	ssum-sec.casalemedia.com
6	ssc-cms.33across.com	sync.quantumdex.io
6	onetag-sys.com	sync.quantumdex.io
6	cs.admanmedia.com	6 redirects
6	ms.quantumdex.io	6 redirects
6	stats.vlitag.com	tag.vlitag.com
6	tag.vlitag.com	services.vlitag.com tag.vlitag.com
5	hal900012.redintelligence.net	1 redirects ajax.cloudflare.com hal900012.redintelligence.net
5	nym1-ib.adnxs-simple.com	ajax.cloudflare.com cdn.adnxs-simple.com
5	btlr.sharethrough.com	assets.vlitag.com
5	pagead2.googlesyndication.com	www.celebzz.com pagead2.googlesyndication.com tpc.googlesyndication.com
4	pm.w55c.net	4 redirects
4	um.simpli.fi	4 redirects
3	ad.turn.com	3 redirects
3	tags.mathtag.com	1 redirects
3	fonts.gstatic.com	fonts.googleapis.com
3	maxcdn.bootstrapcdn.com	www.celebzz.com maxcdn.bootstrapcdn.com
2	um2.eqads.com	1 redirects ssum-sec.casalemedia.com
2	match.prod.bidr.io	ssum-sec.casalemedia.com
2	static.criteo.net	assets.vlitag.com static.criteo.net
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.facebook.com	1 redirects connect.facebook.net
2	l.sharethis.com	w.sharethis.com www.celebzz.com
2	www.googletagservices.com	pagead2.googlesyndication.com tag.vlitag.com
2	ad.impactify.io	www.celebzz.com ad.impactify.io
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	connect.facebook.net	www.celebzz.com connect.facebook.net
2	hosupshunk.com	www.celebzz.com
2	services.vlitag.com	www.celebzz.com services.vlitag.com
1	image6.pubmatic.com	ads.pubmatic.com
1	cm.ctnsnet.com	1 redirects
1	sync.adotmob.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	sync.mathtag.com	1 redirects
1	sync.extend.tv	1 redirects
1	x.bidswitch.net	ssum-sec.casalemedia.com
1	dpm.demdex.net	ssum-sec.casalemedia.com
1	p.rfihub.com	1 redirects
1	ad4m.at	ssum-sec.casalemedia.com
1	gum.criteo.com	static.criteo.net
1	cdn.contentspread.net	hal900012.redintelligence.net
1	ajax.googleapis.com	hal900012.redintelligence.net
1	cdn.adnxs-simple.com	ajax.cloudflare.com
1	pixel.mathtag.com
1	hal9000.redintelligence.net	ajax.cloudflare.com
1	quantumsyndication.com
1	ajax.cloudflare.com	assets.vlitag.com
1	www.google.com	tpc.googlesyndication.com
1	www.googletagmanager.com	tag.vlitag.com
1	stats.g.doubleclick.net	lockerdome.com
1	r1---sn-4g5e6ns6.googlevideo.com	www.celebzz.com
1	redirector.googlevideo.com	1 redirects
1	media.vlitag.com	1 redirects
1	cdn.jsdelivr.net	assets.vlitag.com
1	s4.histats.com	s10.histats.com
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	whos.amung.us	waust.at
1	s10.histats.com	www.celebzz.com
1	imasdk.googleapis.com	tag.vlitag.com
1	dvr.impactify.io	ad.impactify.io
1	lockerdome.com	cdn2.lockerdomecdn.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn2.lockerdomecdn.com	www.celebzz.com
1	c.sharethis.mgr.consensu.org	w.sharethis.com
1	waust.at	www.celebzz.com
1	tg1.aniview.com	www.celebzz.com
1	w.sharethis.com	www.celebzz.com
1	fonts.googleapis.com	www.celebzz.com
1	celebs.gallery	www.celebzz.com
1	celebzz.com	1 redirects
358	95

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
feeds.feedburner.com
plus.google.com
whos.amung.us
valueimpression.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-02-23` - `2022-02-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2020-09-27` - `2021-10-29`	a year	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
histats.com R3	`2021-05-21` - `2021-08-19`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-18` - `2022-03-26`	10 months	crt.sh
*.a-mo.net R3	`2021-05-11` - `2021-08-09`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.adnxs-simple.com GeoTrust ECC CA 2018	`2021-03-17` - `2022-03-15`	a year	crt.sh
*.sharethrough.com Amazon	`2020-09-09` - `2021-10-11`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
ads.us.e-planning.net R3	`2021-05-24` - `2021-08-22`	3 months	crt.sh
*.c.docs.google.com GTS CA 1O1	`2021-05-25` - `2021-08-03`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
contentspread.net R3	`2021-04-05` - `2021-07-04`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
onetag-sys.com R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-01-29` - `2022-02-02`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
um3.eqads.com Amazon	`2020-07-24` - `2021-08-24`	a year	crt.sh

This page contains 60 frames:

Primary Page: http://www.celebzz.com/
Frame ID: 992BFE7FE225EDD73E439BA4A1D27C4B
Requests: 146 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210525/r20190131/zrt_lookup.html
Frame ID: DE443A4BCE58ADB7FEAF99D8073A9DF9
Requests: 1 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 1CF53ADB5C8B397C4981D83798874F50
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8340352295618934&output=html&adk=1812271804&adf=3025194257&lmt=1622672529&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.celebzz.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1622672528953&bpp=33&bdt=378&idt=169&shv=r20210525&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7222319549661&frm=20&pv=2&ga_vid=802403062.1622672529&ga_sid=1622672529&ga_hid=1219619320&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C31060975&oid=3&pvsid=1722314050101086&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=190
Frame ID: 647A0139E45A3B3D7C632B88E3792108
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13235904936384614?pubid=ld-7310-7070&pubo=http%3A%2F%2Fwww.celebzz.com&rid=&width=538
Frame ID: A6BF08593BAF388F4C5C3B9D7FF91620
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3ab5800b241f38%2526domain%253Dwww.celebzz.com%2526origin%253Dhttp%25253A%25252F%25252Fwww.celebzz.com%25252Ff1518400de44a5c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FCelebzz-501754036583664%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue
Frame ID: 2EC0CE379894C4ED25594F0188B026D3
Requests: 1 HTTP requests in this frame

Frame: http://tag.vlitag.com/passback/?t=1622654666&d=91&z=19423&divID=vi_9119423_899&w=970&h=250
Frame ID: ED8AA5183524D92CAD2DA702054A5710
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-29
Frame ID: 189D05992B8C3F1A90423A9860BF06A4
Requests: 8 HTTP requests in this frame

Frame: http://tag.vlitag.com/passback/?t=1622654666&d=91&z=19424&divID=vi_9119424_429&w=336&h=280
Frame ID: 944DF3AEE6473CBA025E862877E4E7BC
Requests: 2 HTTP requests in this frame

Frame: http://tag.vlitag.com/passback/?t=1622654666&d=91&z=19424&divID=vi_9119424_198&w=336&h=280
Frame ID: 720AA5AC221B5DBFE632AB010A223375
Requests: 2 HTTP requests in this frame

Frame: http://tag.vlitag.com/passback/?t=1622654666&d=91&z=19424&divID=vi_9119424_547&w=336&h=280
Frame ID: E739AC7B53FD43E9EFED59A81D2724A7
Requests: 2 HTTP requests in this frame

Frame: http://tag.vlitag.com/passback/?t=1622654666&d=91&z=2248&divID=vi_912248_565&w=300&h=600
Frame ID: 5E51B89E7FEDB25218722DE4FCF158EA
Requests: 2 HTTP requests in this frame

Frame: http://assets.vlitag.com/plugins/safeframe/src/html/r.html
Frame ID: FBF2A24B0F3CED0B65CC3A920B1998D4
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 7379D20DDDC7A5C67AF7813318542507
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CE0B1B36408900381F110AC021A445FC
Requests: 1 HTTP requests in this frame

Frame: http://hal900012.redintelligence.net/request_content.php?s=96510500002661300951427011614012&a=2eba3715
Frame ID: C0E74F7060A4DB5E10F6BE96CC1F50ED
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.celebzz.com&gdpr=1&gdpr_consent=
Frame ID: 8321E41B23B488643FAF299594C8F638
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 66E91055DB52224F680FA0405C2BB702
Requests: 12 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: D311A7E3C3F7DFA26AB5293EE8F213E4
Requests: 12 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 28BECCFD2E40F19D5A4F46613CD1B9AE
Requests: 12 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 1EBCFF00D82608FC1FFA784A6D79051F
Requests: 12 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: DC749A2CB2764EB269FF614209DF0668
Requests: 12 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 897B7271B5B94F0BBFAA6B407783C38F
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 1D80A32EF7C218125F36C0B78C2DA437
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 6CB05E3C99BF0ACABBE03C7B371AF603
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 46843349A2AC29E5AB602721572127FB
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: F2E637C177B2EA8ABBCDA75CD6599295
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 1B392FA63B9959D89A78DCC01E01331A
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: BAE727FE6A25E760B0C8857AAA79C97D
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 847D6B6E6558E6288C00EA10C252F71A
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 62C4E0F67442B74F6C559A0F32FA60D7
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 5E6C00B394A2992A540627099E80639E
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: E08607D56349870CD30D26DCB39D33C6
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: A0F87310D20D1F6B20D33447210474E6
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 9BC086705A616BB05C400D2915BDCDAA
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 77C1C3AD728E7B463D0C13E2D5E5319E
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 78E324C29ED17C908ED80A19CF97938C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 40CC2B88496CDEF8F80395DF4BC88FA0
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 536CBD6E6D9717692E2E951CC0C93A08
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: CA5F66C701BE097BA743C466DAEA79C8
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 1E7D6F2EB2E161E240E77201415ECFDF
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: AE7C2DC40E8F4E35273AAE2C28BB92A2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: C4EF387BC70D7C59FD74E3CED4D8DB10
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 9D78061CEE03A3D7439BD24C9BCE6AAF
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: F0650B3C4A051F4DD68F154BD429ABFA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 54AA31E8F29810576FCB13B7CDFFA6B7
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: D8C8A3EA0595584609C78AF4A6BCF357
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 02D92A18E0555F5E67752DF9CB39A9D3
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: DF1062B3BA538029EB81248598402A61
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 16EB6E4FEF2462132D0D80EFAD5C0CCC
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 0D6C7E0059430F21F013ABA4C466B218
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 96CBF047D1629541D6257B2EBBB0C459
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 5A27CE84A3E85D46C462152EA1BE00F7
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: C979B9613735CBB003502A972FEB3031
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 4F549C3ABC722EEE0F905E1B596EC2BB
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 8780B0FBBDF9A49C7F77A6D95AD4238D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B4CAA50135DA5FB2A01FC4A11C738A15
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 13AB198C984BF369626E95F22317A031
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 33298AB853D5B6198890FCEB22E22752
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 146AD9610F3F88E7953FD4A5F7E19B6A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://celebzz.com/ HTTP 301
http://www.celebzz.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

358
Requests

78 %
HTTPS

43 %
IPv6

69
Domains

95
Subdomains

72
IPs

8
Countries

2135 kB
Transfer

5086 kB
Size

16
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://twitter.com/celebzz_a
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.facebook.com/Celebzz-501754036583664/?ref=hl
Title: Facebook

Search URL Search Domain Scan URL

URL: http://feeds.feedburner.com/Celebzz
Title: RSS

Search URL Search Domain Scan URL

URL: http://plus.google.com/+Celebzz/about
Title: Google+

Search URL Search Domain Scan URL

URL: https://whos.amung.us/stats/th0m99f4yi/
Title: 16

Search URL Search Domain Scan URL

URL: http://valueimpression.com/?ref=www.celebzz.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://celebzz.com/ HTTP 301
http://www.celebzz.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css HTTP 307
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css

Request Chain 6

http://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=5.4.2 HTTP 307
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=5.4.2

Request Chain 45

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 46

http://connect.facebook.net/en_US/sdk.js HTTP 307
https://connect.facebook.net/en_US/sdk.js

Request Chain 80

https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ab5800b241f38%26domain%3Dwww.celebzz.com%26origin%3Dhttp%253A%252F%252Fwww.celebzz.com%252Ff1518400de44a5c%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCelebzz-501754036583664%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=true HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3ab5800b241f38%2526domain%253Dwww.celebzz.com%2526origin%253Dhttp%25253A%25252F%25252Fwww.celebzz.com%25252Ff1518400de44a5c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FCelebzz-501754036583664%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue

Request Chain 92

https://ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ROS?rnd=0.10733838779489302&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=http%3A%2F%2Fwww.celebzz.com%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.celebzz.com%2F&gdpr=1&gdprcs= HTTP 302
https://ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ROS?ct=1&rnd=0.10733838779489302&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=http%3A%2F%2Fwww.celebzz.com%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.celebzz.com%2F&gdpr=1&gdprcs=

Request Chain 95

https://ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ROS?rnd=0.10733838779489302&e=300x250_0%3A300x250%2C250x250%2C336x280%2C200x200%2C180x150&ur=http%3A%2F%2Fwww.celebzz.com%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.celebzz.com%2F&gdpr=1&gdprcs= HTTP 302
https://ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ROS?ct=1&rnd=0.10733838779489302&e=300x250_0%3A300x250%2C250x250%2C336x280%2C200x200%2C180x150&ur=http%3A%2F%2Fwww.celebzz.com%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.celebzz.com%2F&gdpr=1&gdprcs=

Request Chain 102

http://media.vlitag.com/vid/?id=O5RRxWcXyjc&t=y HTTP 302
https://redirector.googlevideo.com/videoplayback?expire=1622686515&ei=0-a3YMSpOdzXxN8Pr6aikAI&ip=52.210.125.216&id=o-AM8MyXN8z8N6LDezgJGsdLVG3v0w11-_Cbc5KRsA3HXx&itag=22&source=youtube&requiressl=yes&mh=gA&mm=31%2C26&mn=sn-q0c7rn76%2Csn-4g5edned&ms=au%2Conr&mv=u&mvi=1&pl=22&vprv=1&mime=video%2Fmp4&ns=Ya2NIqrJ88uOrgyvMZj8VE0F&cnr=14&ratebypass=yes&dur=344.050&lmt=1543248490693149&mt=1622663161&fvip=6&fexp=24001373%2C24007246&c=WEB&txp=5532432&n=gFVVEDazxdfayOb0&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJh_Cs_Vi6Lqtwg2py4cewAZUSDB2edf7MitLxqru7x-AiEAkxS7oYIGWoQy5UkT2JeDHojsjoj4mxsU9k4D55fWEq0%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhAOInrozyK0N-MQcgG7lU2o4rcOMnOYivnVBZACyNTYlSAiBvntHu3t-TdqUl5Ss1HpDk6y5hFsdA8i9ExH4oPd3L5A%3D%3D HTTP 302
https://r1---sn-4g5e6ns6.googlevideo.com/videoplayback?expire=1622686515&ei=0-a3YMSpOdzXxN8Pr6aikAI&ip=52.210.125.216&id=o-AM8MyXN8z8N6LDezgJGsdLVG3v0w11-_Cbc5KRsA3HXx&itag=22&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=Ya2NIqrJ88uOrgyvMZj8VE0F&cnr=14&ratebypass=yes&dur=344.050&lmt=1543248490693149&fexp=24001373%2C24007246&c=WEB&txp=5532432&n=gFVVEDazxdfayOb0&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJh_Cs_Vi6Lqtwg2py4cewAZUSDB2edf7MitLxqru7x-AiEAkxS7oYIGWoQy5UkT2JeDHojsjoj4mxsU9k4D55fWEq0%3D&cms_redirect=yes&mh=gA&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5e6ns6&ms=au&mt=1622671960&mv=m&mvi=1&pl=50&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMOvJ4wNJINnz-kUzOgjorfMb73FzH4UaGDfoqvUCqmwAiAbXLV3VeXIpmtaHjJweY89U3m-cAaAk7eB7_LdBFnf_g%3D%3D

Request Chain 105

https://ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ROS?rnd=0.10733838779489302&e=300x250_0%3A300x250%2C250x250%2C336x280%2C200x200%2C180x150&ur=http%3A%2F%2Fwww.celebzz.com%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.celebzz.com%2F&gdpr=1&gdprcs= HTTP 302
https://ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ROS?ct=1&rnd=0.10733838779489302&e=300x250_0%3A300x250%2C250x250%2C336x280%2C200x200%2C180x150&ur=http%3A%2F%2Fwww.celebzz.com%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.celebzz.com%2F&gdpr=1&gdprcs=

Request Chain 168

https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTnpjd1lqRm1aRGN0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzczMTIzNzg1NzIzMDMyNTUzODkvNjYyMjM5My80NTYyMzEyLzEzL1kzbUxsSjhYeERrb2x0bzdEZUJzcHIzLWVGRkZfRmlqNm5YYWlRRnRtNm8vMS8xMy8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzczMTIzNzg1NzIzMDMyNTUzODkvb3JkLzAvMTEyOC8xLzk5OS8zMjIvMmEwMTo0Zjg6MTkyOjU0MDA6Oi8wLjAwMC8xNjIyNjcyNTI5LzE2MjI2ODUxMjkvMTMvMTE3MTEv/nk4jh0UkAX7W4I_hywVSfBjjzLs&nodeid=2690&group=us-east&auctionid=7312378572303255389&sid=4562312&cid=6622393&bp=a_behecc&nfy_act=LD5wew&bfip=216.200.232.90&type=imp&client=c2s HTTP 302
https://tags.mathtag.com/ck-confirm?bid_id=7312378572303255389&node_id=2690&exch_id=13

Request Chain 172

http://hal900012.redintelligence.net/request.php?zone=6cywgeu7gf0e&nw=20&renderingType=javascript&namespace=b320646378&subid=&uid=f0ebea8b6bce3b31&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7312378572303255389%26mt_id%3D6622393%26mt_adid%3D216536%26redirect%3D&documentReferer=http%3A%2F%2Fwww.celebzz.com%2F&ancestorOrigins=http%3A%2F%2Fwww.celebzz.com&random=5985954677527&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
http://hal900012.redintelligence.net/request.php?zone=6cywgeu7gf0e&nw=20&renderingType=javascript&namespace=b320646378&subid=&uid=f0ebea8b6bce3b31&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7312378572303255389%26mt_id%3D6622393%26mt_adid%3D216536%26redirect%3D&documentReferer=http%3A%2F%2Fwww.celebzz.com%2F&ancestorOrigins=http%3A%2F%2Fwww.celebzz.com&random=5985954677527&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 201

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-16712853-d90b-411d-a680-a42f6448feeb

Request Chain 202

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=30674a586dc8d0c53d922622

Request Chain 203

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4353693542060510119

Request Chain 204

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPfa9729f8-c3f0-11eb-a98c-06b8bfaf6aa0 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfa9729f8-c3f0-11eb-a98c-06b8bfaf6aa0

Request Chain 205

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=b5d42d37-2542-529a-a25c-8b31c2e48fa5

Request Chain 206

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=c9ae5af5-60c0-40bd-9982-28753f7402d4

Request Chain 207

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-LZ_yuddE2uEtsigLaOEZ_Y87U8YwqAHA28PZmI4-~A

Request Chain 209

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=5893037069907662909

Request Chain 210

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=adman&uid=61c065ec1696f79439e719708577bce141ab5263

Request Chain 211

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1282552310298438237

Request Chain 212

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 218

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4353693542060510119

Request Chain 219

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=adman&uid=61c065ec1696f79439e719708577bce141ab5263

Request Chain 220

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4353693542060510119

Request Chain 221

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6669380213495963260

Request Chain 222

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-95124d05-730a-4277-9e4c-d8c4b53b148f

Request Chain 223

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3d0f050847bfad77fb905ca2

Request Chain 224

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPfa96dbc7-c3f0-11eb-9c26-06e3bec5009e HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfa96dbc7-c3f0-11eb-9c26-06e3bec5009e

Request Chain 225

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=b5d42d37-2542-529a-a25c-8b31c2e48fa5

Request Chain 226

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=bfd7cdab-19fc-44e8-9a59-14bb54b4e409

Request Chain 227

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-YK1iNKZE2uFBmH0qTKgqvn_d17vRskX3gUz4zpQ-~A

Request Chain 229

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 233

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=adman&uid=61c065ec1696f79439e719708577bce141ab5263

Request Chain 234

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1218005942203340466

Request Chain 235

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6669380213495963260

Request Chain 236

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-e975d827-9adc-4f54-9423-421395d5760f

Request Chain 237

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=26427a1cea461eafcae78e6c

Request Chain 238

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPfa96dbc7-c3f0-11eb-9c26-06e3bec5009e HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfa96dbc7-c3f0-11eb-9c26-06e3bec5009e

Request Chain 239

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=b5d42d37-2542-529a-a25c-8b31c2e48fa5

Request Chain 240

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=ce5a23d9-d3b9-4012-930b-07154de487c6

Request Chain 241

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-YK1iNKZE2uFBmH0qTKgqvn_d17vRskX3gUz4zpQ-~A

Request Chain 243

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1282552310298438237

Request Chain 244

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 249

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1218005942203340466

Request Chain 250

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-259a0dbd-481d-49f2-8036-aade61c23636

Request Chain 251

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=d1607f8f905c86236f7a8699

Request Chain 252

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPfa9729f8-c3f0-11eb-a98c-06b8bfaf6aa0 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfa9729f8-c3f0-11eb-a98c-06b8bfaf6aa0

Request Chain 253

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=b5d42d37-2542-529a-a25c-8b31c2e48fa5

Request Chain 254

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=0776fae3-ac97-4033-9866-91b9c92d29ac

Request Chain 255

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-dPciszdE2uGXSysFNB8O9is6_uf3_BH9ed6ZV4A-~A

Request Chain 257

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=5401949794470317928

Request Chain 258

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=adman&uid=61c065ec1696f79439e719708577bce141ab5263

Request Chain 259

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1282552310298438237

Request Chain 260

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 265

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=c7a59960-cbb2-4dca-91df-5d03b815252f

Request Chain 266

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-CreGmUxE2uE1tbwaMmZESDdphnJzIblqvdFZcro-~A

Request Chain 267

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6792495588117786117

Request Chain 269

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4971641737903619009

Request Chain 270

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=adman&uid=61c065ec1696f79439e719708577bce141ab5263

Request Chain 271

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1941530558077917170

Request Chain 272

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-a5c3fa6b-57a1-486f-acea-149d663a8488

Request Chain 273

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=cb09e3b3fd35c96214f0f6d6

Request Chain 274

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPfa9729f8-c3f0-11eb-a98c-06b8bfaf6aa0 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfa9729f8-c3f0-11eb-a98c-06b8bfaf6aa0

Request Chain 275

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=b5d42d37-2542-529a-a25c-8b31c2e48fa5

Request Chain 276

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 281

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-cD2BwtFE2uHnEmoOTi8kF4crOEo0_azcr3mhv8I-~A

Request Chain 282

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6582740012973749551

Request Chain 283

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=de24406b-25a7-48ce-a0e2-0e8dfaf3957f

Request Chain 285

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1282552310298438237

Request Chain 286

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=adman&uid=61c065ec1696f79439e719708577bce141ab5263

Request Chain 287

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6684565876476211312

Request Chain 288

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-2dea8693-a402-42c7-a811-2bc59451fa5c

Request Chain 289

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=cb09e3b3fd35c96214f0f6d6

Request Chain 290

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPfa9729f8-c3f0-11eb-a98c-06b8bfaf6aa0 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfa9729f8-c3f0-11eb-a98c-06b8bfaf6aa0

Request Chain 291

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=b5d42d37-2542-529a-a25c-8b31c2e48fa5

Request Chain 294

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 297

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLgElLfO5XHkX3qqrE7QBwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBflNuwEy-GU3vp29PVbdv4&google_cver=1&gdpr=1

Request Chain 299

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElLfO5XHkX3qqrE7QBwAABHYAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElLfO5XHkX3qqrE7QBwAABHYAAAAB&dcc=t

Request Chain 300

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLgElLfO5XHkX3qqrE7QBwAABHYAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEomsHH1XpCAruJjdo8zrfo&google_cver=1

Request Chain 302

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2443503384313108326

Request Chain 303

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=875739027279884314

Request Chain 306

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLgElD0bVbHSLFmP7IiYegAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBflNuwEy-GU3vp29PVbdv4&google_cver=1&gdpr=1

Request Chain 308

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLgElD0bVbHSLFmP7IiYegAABMAAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFN46j6j3d7k1xXu-GeP24I&google_cver=1

Request Chain 309

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElD0bVbHSLFmP7IiYegAABMAAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElD0bVbHSLFmP7IiYegAABMAAAAAB&dcc=t

Request Chain 310

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B1606E040AD645DFA1DE69E3DD4B203B&gdpr=1

Request Chain 312

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=CSmnMrRT1LOzfD5&gdpr=1

Request Chain 313

https://sync.extend.tv/r.gif?exchange=index HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=2af6bc9a-59dd-42e4-bef3-bb55c2fd8f4b

Request Chain 315

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLgElD0bVbHSLFmP7IiYewAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBflNuwEy-GU3vp29PVbdv4&google_cver=1&gdpr=1

Request Chain 317

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElD0bVbHSLFmP7IiYewAABJYAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElD0bVbHSLFmP7IiYewAABJYAAAIB&dcc=t

Request Chain 318

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLgElD0bVbHSLFmP7IiYewAABJYAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFN46j6j3d7k1xXu-GeP24I&google_cver=1

Request Chain 319

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=80c660b8-0493-4901-a256-dafd7737bcef&gdpr=1&gdpr_consent=

Request Chain 320

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=8tj5c_Tcon7p2v4p9o62KvXd_yjpjfp7_I7rOAxf

Request Chain 321

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B19B147D28C34B359353A47A642D3D89&gdpr=1

Request Chain 322

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2443503384313108326

Request Chain 325

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLgElLfO5XHkX3qqrE7QCwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBflNuwEy-GU3vp29PVbdv4&google_cver=1&gdpr=1

Request Chain 326

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElLfO5XHkX3qqrE7QCwAABFgAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElLfO5XHkX3qqrE7QCwAABFgAAAAB&dcc=t

Request Chain 327

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLgElLfO5XHkX3qqrE7QCwAABFgAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFN46j6j3d7k1xXu-GeP24I&google_cver=1

Request Chain 328

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6759589331685250420&uid=Q6759589331685250420&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 329

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2443503384313108326

Request Chain 330

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F5331FD3D5744F8590DD38F95747DEB0&gdpr=1

Request Chain 333

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElbfO5XHkX3qqrE7QDgAABFUAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElbfO5XHkX3qqrE7QDgAABFUAAAAB&dcc=t

Request Chain 334

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLgElbfO5XHkX3qqrE7QDgAABFUAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFN46j6j3d7k1xXu-GeP24I&google_cver=1

Request Chain 336

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLgElbfO5XHkX3qqrE7QDgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBflNuwEy-GU3vp29PVbdv4&google_cver=1&gdpr=1

Request Chain 337

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6759589361079538517&uid=Q6759589361079538517&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 338

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=7AD5FFAFED674B368750C922E33BF289&gdpr=1

Request Chain 339

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=064d220402c8a3445ffde32f&expiration=[EXPIRATION]&gdpr=1

Request Chain 340

https://cm.ctnsnet.com/int/cm?exc=19&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=65da3c2d26c54f5a95dfb3d6db6f21c2&expiration=1625264534

Request Chain 342

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElbfO5XHkX3qqrE7QDwAABJEAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElbfO5XHkX3qqrE7QDwAABJEAAAAB&dcc=t

Request Chain 343

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLgElbfO5XHkX3qqrE7QDwAABJEAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFN46j6j3d7k1xXu-GeP24I&google_cver=1

Request Chain 344

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLgElD0bVbHSLFmP7IiYegAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBflNuwEy-GU3vp29PVbdv4&google_cver=1&gdpr=1

Request Chain 346

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=db62PSiz1LOzfD5&gdpr=1

Request Chain 348

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-87914b96-82b0-4259-bedc-3f1ef9ec38c2

Request Chain 350

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

358 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.celebzz.com/
Redirect Chain

http://celebzz.com/
http://www.celebzz.com/

46 KB
10 KB

422ms
408ms

Document
text/html

2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eff83843d16fa63e43218363cdb002c9aa52e531ab3d4532f43ac890f5497fab

Request headers

Host: www.celebzz.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Link: <http://www.celebzz.com/wp-json/>; rel="https://api.w.org/"
CF-Cache-Status: DYNAMIC
cf-request-id: 0a706aeb23000017761c312000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IGYQYV070hAOBAlQLms775NBnDCmep3eMSX1hUf8bXge9ZK1AcW7qQwYHF8KO3z6J6HyFYeERnTYnUdE0%2BmI%2BiOeNKaE114UC4n18rhJL3mQteG1Qq9qZeBzc5gwy6Iqx%2B6sQEdflwH2"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6594142508fe1776-FRA
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Redirect-By: WordPress
Location: http://www.celebzz.com/
CF-Cache-Status: DYNAMIC
cf-request-id: 0a706ae98700002c26bd021000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LRLfP6ZWxQr94qAuwSkvMv8HJedfhY2defp0EyGN8m%2BxUNrkP207kDI1og2xPxNbx8toi1RH8NMFiEGclwD58ThpvQmLQHLwj6S71lHg9DGA7qvvhQzdYHgEiBvHhezklxSAnJw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 659414227c2a2c26-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK jquery-extra.theme.min.js Show response
celebs.gallery/wp-scripts/ 2 KB
1 KB 322ms
198ms Script
text/html 18.215.128.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://celebs.gallery/wp-scripts/jquery-extra.theme.min.js

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/

Protocol

HTTP/1.1

Server

18.215.128.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-215-128-143.compute-1.amazonaws.com

Software

Resource Hash

d9229ffd4bddfc818931c2566611b3a967cf2426e6e0f285e8a9a11c9023f256

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN, DENY

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:07 GMT
Content-Encoding: gzip
Cache-Control: private, no-cache, no-store, max-age=0
Content-Length: 1003
X-Frame-Options: SAMEORIGIN, DENY
Connection: Keep-Alive
Expires: Mon, 01 Jan 1990 0:00:00 GMT

GET
H2

200

font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/
Redirect Chain

http://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css

21 KB
5 KB

23ms
22ms

Stylesheet
text/css

2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 718
age: 6225735
cdn-cachedat: 2021-03-11 11:57:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706aecc400002b7147b8e000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: b0b99654f1852bea042d5b3f1081c580
cf-ray: 65941427a9f12b71-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

Redirect headers

Location: https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK css
fonts.googleapis.com/ 8 KB
1 KB 25ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aedf443654dc81c3d47487a64d2a9e9e39b1ecde3595814b658be0f159335a22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Jun 2021 22:22:08 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Wed, 02 Jun 2021 22:22:08 GMT

GET
H/1.1 200
OK style.css
www.celebzz.com/wp-content/themes/hawtmen/ 27 KB
7 KB 28ms
20ms Stylesheet
text/css 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-content/themes/hawtmen/style.css
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b98b47a282eb415846fd2d98effe2eb604c9462c0670858b988f6aebbe35f0a3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3517626
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706aecc80000d72d2fb2e000000001
Last-Modified: Sun, 13 Dec 2015 13:36:42 GMT
Server: cloudflare
ETag: W/"566d746a-6a81"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TU0nXUBjgWtNdBM7uod%2BSivCs%2BDyFrW1pW3AJ%2B3Sk3WLHBXkNcfxFH3%2Ff7mAR0JJV6IgXeJtaz4eHMUZfNKUsfUUl5DLs6auaVCaApU0m83jfyX9qw1oojtNUuCcM3Zhf8ZNaBgCnuvj"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 65941427ac6dd72d-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK layout.css
www.celebzz.com/wp-content/plugins/special-recent-posts/css/ 5 KB
2 KB 28ms
21ms Stylesheet
text/css 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-content/plugins/special-recent-posts/css/layout.css?ver=5.4.2
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0b92945f599cd606acb1d5bf60b30d1f6a6b4cee0ff6cb8ea0a29e6903a8cae

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3517473
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706aecc800006389cfa57000000001
Last-Modified: Sat, 27 Sep 2014 18:29:41 GMT
Server: cloudflare
ETag: W/"54270215-121c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qyZ%2FPAuaNmWZyoA5im1jjrW6LFC066JbLpKUhe5qyCnr4ZSWFaGZTMN9lWib9vInjCDEfT%2FgwbC68e7MUmbfiw%2Fh%2Ft4uCVCulIwxxFRaALi8OvdSazR5YImFI90Os0wr7mqCIV89OEYt"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 65941427acee6389-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK style.min.css
www.celebzz.com/wp-includes/css/dist/block-library/ 52 KB
8 KB 29ms
21ms Stylesheet
text/css 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.2
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3517473
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706aecc80000c2feb0bb0000000001
Last-Modified: Fri, 24 Apr 2020 15:32:14 GMT
Server: cloudflare
ETag: W/"5ea3067e-d159"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=th2LfGrHFXCMLVebBbvDenaDrv9QKYKfg7VMJb53%2BdeNG54kMEoy09anr%2B4R8qyXtQGmU1CWnqHMr1BFYzn0ZkUD%2FPnwGPX3C73%2FRTA1yDouA1O8Ok7H85yVghS6yZ3KGXg1VaWcwyal"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 65941427ab27c2fe-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/
Redirect Chain

http://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=5.4.2
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=5.4.2

23 KB
5 KB

32ms
32ms

Stylesheet
text/css

2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=5.4.2

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 3816140
cdn-cachedat: 2021-04-19 19:31:13
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706aecc400002b710e967000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 6f1f2da5acf3d24818efbb12b345f509
cf-ray: 65941427a9f42b71-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

Redirect headers

Location: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=5.4.2
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK style.css
www.celebzz.com/wp-content/plugins/wp-post-navigation/ 975 B
1 KB 28ms
20ms Stylesheet
text/css 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-content/plugins/wp-post-navigation/style.css?ver=5.4.2
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53711afd86ecc21dff5318d62d32ff928991f77181a845d3ec99b2fd2b844c0a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3517626
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706aecc800001e478b347000000001
Last-Modified: Wed, 26 Apr 2017 19:34:54 GMT
Server: cloudflare
ETag: W/"5900f65e-3cf"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bM7nulVTxOn3BYXtaYTvY3Jif6pZGJJKTCrTBYsAoe6lO2%2BycUA%2B1Y1veStI1RS4VZH%2BMV0Uv%2FFCV0LYhna61z5ii50ck2j%2BZx0L%2FNXYaKWbax%2F%2BvXRmpGmufDu4NxL1DjU3rTFZGTmc"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 65941427ada31e47-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK pagenavi-css.css
www.celebzz.com/wp-content/plugins/wp-pagenavi/ 374 B
1 KB 27ms
20ms Stylesheet
text/css 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3517473
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706aecc900002c26be0c5000000001
Last-Modified: Wed, 08 Apr 2020 19:47:57 GMT
Server: cloudflare
ETag: W/"5e8e2a6d-176"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1b%2BvQW3wN4WyrfMDzENqhkIzWIKoCH%2BfuxilHjlStggM6ieUN2Ux7%2BZNLpaUepuN4ZzE4qVk8ML%2FEnJd%2BYQ4AmuSk95t3PJWRPli1FGU3nUuG%2FlQpl7CtitIBnsuvbn%2BN%2BFEhGco8PMb"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 65941427ac902c26-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK st_insights.js Show response
w.sharethis.com/button/ 26 KB
8 KB 46ms
21ms Script
application/javascript 2600:9000:218e:5400:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://w.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2600:9000:218e:5400:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f8284365ba340253ee9c71cfb5efcc37f10a23e8b8b5dd134ec7bbab05073845

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 13:20:12 GMT
Content-Encoding: gzip
Age: 32516
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 7567
Server: nginx/1.16.1
ETag: W/"60256fd5-676f"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 53f1fabf09e106b6477c73343225c059.cloudfront.net (CloudFront)
Cache-Control: max-age=259200
X-Amz-Cf-Pop: CDG52-P1
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: 8LSb2NISgCo07z4v-Y_0wwKoWlHcoF8S-MFt8yEIfkUS9p3cVOUFow==
Expires: Sat, 05 Jun 2021 13:20:12 GMT

GET
H/1.1 200
OK jquery.js Show response
www.celebzz.com/wp-includes/js/jquery/ 95 KB
34 KB 55ms
26ms Script
application/javascript 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3517473
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706aece000001e47583f5000000001
Last-Modified: Fri, 17 May 2019 04:25:54 GMT
Server: cloudflare
ETag: W/"5cde37d2-17a69"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=n6NAOcdzB79GNN%2BHu5xXq5%2Fg3y5djNKyrqYD%2B6Dmy0oiAy67JBJ4Nu%2BIWKDJncQN7ejKT1tCq%2FbndQEy%2BsllkWiN0iKw9YFZHnP7eqMEPNLNeZoexFQnUiLxAFcDcthNILdj8ke4oSXh"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=315360000
CF-RAY: 65941427cdf71e47-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.celebzz.com/wp-includes/js/jquery/ 10 KB
5 KB 43ms
13ms Script
application/javascript 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3517473
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706aecdf00006389be2e1000000001
Last-Modified: Fri, 20 May 2016 06:11:28 GMT
Server: cloudflare
ETag: W/"573eaa90-2748"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=aDHDOLCueAhZ5zDTg2gwkOAT7mtFwqP8NuBvMRYd0GNCIOFzJTHvnYkVxn4kYSBAToIsoCYs4omG%2F6FduocJcRvy1f00qrd9xze%2Bn1GAkDN7GPQ9Mt4ZcHFmXqN5tv%2Fo3BHwdveEzCEO"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=315360000
CF-RAY: 65941427ccf96389-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK dd-multi-col-cats.css
www.celebzz.com/wp-content/themes/hawtmen/ 114 B
997 B 41ms
12ms Stylesheet
text/css 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-content/themes/hawtmen/dd-multi-col-cats.css
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 631a14305b79d9763d09570f3fdad0478484b27b0cf61f5196b3b954b8bc0db0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3517626
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706aecdf00002c267538f000000001
Last-Modified: Sun, 13 Dec 2015 12:52:37 GMT
Server: cloudflare
ETag: W/"566d6a15-72"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KINDs8Q9UY1UNKIEwDHzQl0EVXkAZpQ8DJQ60CbXHeXg%2FXuyLN%2FPHgWdB6u012FoMRSyWNKbAo770Us86ucUaTjernQbkAWvku13kYQh98jWhExM3W3aQRymzwXA0SHXyOGCPIkAIp5q"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 65941427cce32c26-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 43ms
23ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfc0aca46ecc842c804d8ef338a14a953d284fdf34e940ef292324935a1fb3aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48375
x-xss-protection: 0
server: cafe
etag: 4959865219697879150
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 02 Jun 2021 22:22:08 GMT

GET
H/1.1 404
Not Found classie.js
www.celebzz.com/wp-content/themes/hawtmen/js/ 0
0 41ms
12ms Script
text/html 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-content/themes/hawtmen/js/classie.js
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 32
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rE2DljUyNm0SGn53oakGx1eEY03%2BZgQuYKAY0LMEI1ZUF%2Bdqj2z%2BEM55REGkeFPJZlaEgeOcrcx4j%2B%2BfYhIq1GSWmaMlnPeOPwWPGaAEClzY4ucqNqJXOEvvqRGI82CEsYhyLk7PGTbd"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65941427ccadd72d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706aecdf0000d72d78a94000000001

GET
H/1.1 200
OK / Show response
services.vlitag.com/adv1/ 930 B
2 KB 142ms
136ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://services.vlitag.com/adv1/?q=54e09c31ad7d306ae43be19b235e354f

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/

Protocol

HTTP/1.1

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1971551ad2f9c0153c5f5adb3fa68243fce078f1b721f83d0a49dead642afac

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706aedef00003248c5a60000000001
Pragma: no-cache
Last-Modified: Wed, 2 Jun 2021 22:22:08 GMT
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jf1HigDDrDR3mcWyBPvcVR4uKy8JSFIawd%2FqekMl4m2qPWFsRscxR2vREwZDJcu2csglXBph3oBvkCIG6yUJdotrmc4eEKchScbO4pKIcuPrtqzagltbJ0wjXBKcE4IxFV%2FCRG936dLLxhYO"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
CF-RAY: 659414297cb93248-FRA
Expires: on, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 14410 Show response
hosupshunk.com/tTuH48OLkMTmgg6aW/ 0
0 52ms
39ms Script
text/html 172.255.6.251
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: http://hosupshunk.com/tTuH48OLkMTmgg6aW/14410
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 172.255.6.251 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: http://www.celebzz.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS

GET
H/1.1 200
OK chloe-ferry-in-latex-bikini-with-friend-bethan-kershaw-in-portugal-12_thumbnail.jpg
www.celebzz.com/wp-content/uploads/2021/06/ 55 KB
56 KB 21ms
21ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/uploads/2021/06/chloe-ferry-in-latex-bikini-with-friend-bethan-kershaw-in-portugal-12_thumbnail.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a8f3db1c3450a0672a5f8482d715668e13fc62d4c8e14dc17902f86cc87a891

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 32974
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 56348
cf-request-id: 0a706aee0300001e475c10e000000001
Last-Modified: Wed, 02 Jun 2021 13:12:20 GMT
Server: cloudflare
ETag: "60b783b4-dc1c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=A2pIMqMX5ERndjw%2F8iqi0FWBNnk6XPmnDUH2wPjp1VFfRHNDKzW4JjiAVHJ1iTHaP%2Fq0bs6t3v3V5h6I%2Bp%2BfV6XZ%2FIeVWhRTaRz1lwGSCYD2%2B8dNH5f%2FvP%2Fhxka%2Fpk3rGuffSegg6SqT"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 6594142998d01e47-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK wendy-williams-looks-fashionable-as-she-steps-out-in-new-york-11_thumbnail-160x222.jpg
www.celebzz.com/wp-content/uploads/2021/06/ 9 KB
10 KB 14ms
13ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/uploads/2021/06/wendy-williams-looks-fashionable-as-she-steps-out-in-new-york-11_thumbnail-160x222.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 988e2f112b2d3368d356884ff7cbdf6bedfa0df7c2ab9f1b01b88a7cf4e95c33

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 32965
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 9715
cf-request-id: 0a706aee2d00001e47853d9000000001
Last-Modified: Wed, 02 Jun 2021 13:11:04 GMT
Server: cloudflare
ETag: "60b78368-25f3"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HfE0Mg%2BJJlUAbfxznNwKH7lkXPnoQeg5nPh5B0cVROC7S7%2FUxcMEiynSRugxz%2BuqHU%2B51Hg9QybvctRSGMfyv76M4Upgs%2F66%2B3n3gzQpNAdNMahHyi8GVEZcgusEOPNlTofrbRZJ22yO"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 65941429e93f1e47-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK myleene-klass-seen-arriving-at-global-studios-smooth-radio-in-london-8_thumbnail-160x222.jpg
www.celebzz.com/wp-content/uploads/2021/06/ 10 KB
11 KB 18ms
17ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/uploads/2021/06/myleene-klass-seen-arriving-at-global-studios-smooth-radio-in-london-8_thumbnail-160x222.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16f6b703c7b8096758daaab8c05b314d0d6dce03fb09671880c3de2b6121035c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 32964
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 10284
cf-request-id: 0a706aee5600001e47ad85c000000001
Last-Modified: Wed, 02 Jun 2021 13:10:17 GMT
Server: cloudflare
ETag: "60b78339-282c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RyDJAAYbUs3gCFR1WjEyXq9PWqxqm6WX9c%2B2cPHvCFRXba6p23uJ3Sml6cWHgVsXdkv7Y4g9FN9zW%2BrayuxtNRcH3Cz3fhbzLMAZ2nMCTQbVECPqLElpPBsw1XsgcNgOOabMnu3V63z2"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 6594142a29a61e47-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK madison-pettis-enjoys-a-night-out-at-the-nice-guy-in-los-angeles-11_thumbnail-160x222.jpg
www.celebzz.com/wp-content/uploads/2021/06/ 10 KB
11 KB 15ms
12ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/uploads/2021/06/madison-pettis-enjoys-a-night-out-at-the-nice-guy-in-los-angeles-11_thumbnail-160x222.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a17a572977bcf2c2bee683b21a12238ea211bac06b9412b5dc5fe61528086ecd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 32964
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 10235
cf-request-id: 0a706aee58000017761c340000000001
last-modified: Wed, 02 Jun 2021 13:09:44 GMT
Server: cloudflare
etag: "60b78318-27fb"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Slc1u9CgETVVe1oxnAlSsjzfEybwaIqJ1uvzjDVUPFxpwlWKhgQ2nT4%2FVvMAfsjB%2BoE0oGEMcqYD56%2F3WX2%2FJbmvisZdPDvNuMo6cOGvQkhdDxAq3JYeoby1n8Tj6WR4gjqnSNu1Jhla"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
cache-control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 6594142a286c1776-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK nikita-dragun-anitta-were-seen-arriving-at-the-nice-guy-in-los-angeles-23_thumbnail.jpg
www.celebzz.com/wp-content/uploads/2021/06/ 54 KB
55 KB 20ms
17ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/uploads/2021/06/nikita-dragun-anitta-were-seen-arriving-at-the-nice-guy-in-los-angeles-23_thumbnail.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0254b2b71686a7541889460efc6dde1ecfaa21183aed27d319bbfe7f35fd844

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 33182
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 54979
cf-request-id: 0a706aee5b00006389c405e000000001
Last-Modified: Wed, 02 Jun 2021 13:08:37 GMT
Server: cloudflare
ETag: "60b782d5-d6c3"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2JuHRAMMtu4NzuF4b%2BhDYfEX7vWI6aOAS%2BnJ2wrO%2Bt%2FXD5gO%2BTopalBLiC1w5NkZW7FqXakCe3NFB7oROFcAqjUIpqqYTfqYRVKZZOI%2FZ8TqtfLnRuabv9YXqQvAsX5pTmC2rRFPaC0g"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 6594142a2d7d6389-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bethenny-frankel-wears-a-hot-pink-bikini-and-her-enormous-engagement-ring-as-she-hits-the-beach-in-miami-26_thumbnail.jpg
www.celebzz.com/wp-content/uploads/2021/06/ 58 KB
59 KB 18ms
15ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/uploads/2021/06/bethenny-frankel-wears-a-hot-pink-bikini-and-her-enormous-engagement-ring-as-she-hits-the-beach-in-miami-26_thumbnail.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 122414edb525f8cd33da89ee623d931dd73aea86ec96120944bf98f1c426cecf

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 33680
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 59588
cf-request-id: 0a706aee590000d72d09120000000001
Last-Modified: Wed, 02 Jun 2021 13:00:18 GMT
Server: cloudflare
ETag: "60b780e2-e8c4"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2t%2FXyemA47DnVDoo9MZEg5HLwcNYYpqcvmOU1vYmArFd%2FUrcIH%2FnA%2FHQ70E3T%2FSeWL3y0Ynd1gJCKs%2B2ervj3QsYkBVSkEMMshL%2FeLzIGLalkvO3ga8OICWp52HrL3lrEn0N2HRIDGjc"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 6594142a28e2d72d-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK demi-frankie-sims-seen-at-novikov-and-tape-nightclub-in-london-22_thumbnail.jpg
www.celebzz.com/wp-content/uploads/2021/06/ 56 KB
57 KB 18ms
15ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/uploads/2021/06/demi-frankie-sims-seen-at-novikov-and-tape-nightclub-in-london-22_thumbnail.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e307466d7334ad26c306cd691b40edc5e234e30ab1a85e8e82787e749eef871

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 33873
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 57566
cf-request-id: 0a706aee5900002c264d874000000001
Last-Modified: Wed, 02 Jun 2021 12:57:09 GMT
Server: cloudflare
ETag: "60b78025-e0de"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7gfo9BXB3dN7afwFT7IkOvTejKLNPvU6w37O0wo0j2ztRk4WnKIOWDEGP7P%2F9WFykkiN%2FqvqZg7qzZyA6GhH7WTj7tCoHUIETvm%2Fp8A54ajKJfGfvLvt4Ly3QcN%2Bt6NCrMrWvCLCIjhM"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 6594142a28602c26-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jess-eve-gale-enjoy-a-night-out-with-demi-jones-as-they-are-seen-at-madisons-roof-bar-in-london-22_thumbnail-160x222.jpg
www.celebzz.com/wp-content/uploads/2021/06/ 6 KB
7 KB 16ms
14ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/uploads/2021/06/jess-eve-gale-enjoy-a-night-out-with-demi-jones-as-they-are-seen-at-madisons-roof-bar-in-london-22_thumbnail-160x222.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afa16e6021272e8b9cb8affa4e56e59782095d7d45681cfb621e78d7cf3741c2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 33562
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 6497
cf-request-id: 0a706aee590000c2febc291000000001
Last-Modified: Wed, 02 Jun 2021 12:57:01 GMT
Server: cloudflare
ETag: "60b7801d-1961"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ukXqYby1iQ9a%2FKRkdAsLjLki8sAIIMKCrr9EBvDXEDqlD3E8sSgSOVkf1M7I8PAIKMKAplmTszrA1FCAwEXZuS4e08fHpNSWCoGF%2FspwKA3A%2B0zK6cCNzHIqGb2%2FzEimr2%2FZzrnEiNma"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 6594142a2e9bc2fe-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK naomi-osaka-arrives-back-home-in-los-angeles-after-dropping-out-of-the-french-open-tournament-12_thumbnail-160x222.jpg
www.celebzz.com/wp-content/uploads/2021/06/ 12 KB
13 KB 20ms
16ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/uploads/2021/06/naomi-osaka-arrives-back-home-in-los-angeles-after-dropping-out-of-the-french-open-tournament-12_thumbnail-160x222.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f2730371e10cf59bd1dd71b2f8cdde6f289bfc8480e6c322cc2b21ea97a4289

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 33563
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 12215
cf-request-id: 0a706aee6d0000c2febf31e000000001
Last-Modified: Wed, 02 Jun 2021 12:54:35 GMT
Server: cloudflare
ETag: "60b77f8b-2fb7"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pYe5sIg1s2eCDNFqab%2FxuHMjBW7uu6TN%2B8d%2FbMqKyJh74OXOBcQt5HKOpSamkdcedWDTGUWwiD%2FZn9mW9wXqGfwauxrCKxxTuRjuj5QSZpDNy270zdbs1EMz7%2FTuImuoLPlqUCtX8zni"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 6594142a4eccc2fe-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK olivia-attwood-fran-parman-nicole-bass-clelia-theodorou-lystra-adams-filming-for-series-2-of-olivia-meets-her-match-in-manchester-18_thumbnail.jpg
www.celebzz.com/wp-content/uploads/2021/06/ 56 KB
57 KB 18ms
14ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/uploads/2021/06/olivia-attwood-fran-parman-nicole-bass-clelia-theodorou-lystra-adams-filming-for-series-2-of-olivia-meets-her-match-in-manchester-18_thumbnail.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3a7762189d8e69850fd0983f4a4a0ce634ccb6221b62c9408d79e3740e0a1be

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 34084
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 57012
cf-request-id: 0a706aee6e00001e4775356000000001
Last-Modified: Wed, 02 Jun 2021 12:53:42 GMT
Server: cloudflare
ETag: "60b77f56-deb4"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Ubp9%2FSi2jvmrXCNi58Mi9TiwzPD0XunzNofWgBIuboEEy3krNSBCAek1O32Q%2B4XdP8j0yBmgU%2BNynFOJCpDgeto79MhoRdvMPCsAvYfToiumN4BADWDj1Z5dE%2Bny3YkQm6F7WSM0tiQs"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 6594142a49dd1e47-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK srpthumb-p3759389-160x240-no.jpg
www.celebzz.com/wp-content/plugins/special-recent-posts/cache/ 9 KB
10 KB 15ms
12ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/plugins/special-recent-posts/cache/srpthumb-p3759389-160x240-no.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cc6a758fa033a81c26108238395ab193e279147214a4513945c14f295546547

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 32965
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 9359
cf-request-id: 0a706aee6f00002c2663abc000000001
Last-Modified: Wed, 02 Jun 2021 13:12:36 GMT
Server: cloudflare
ETag: "60b783c4-248f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=H5AaiRYjD9eg3b7t%2FrjJdO9Yv8c6FRUK%2BCetmV9miYC5wySq3wPpBZxl5Qcn75aWgX3BZynfOFKgN7BNtPlyirccne8SpO9xODd2h6%2FA0hmmUXNOCQKsct7x4tnrqMwMnaDzyX3%2BJTlG"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 6594142a48a52c26-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK srpthumb-p3759370-160x240-no.jpg
www.celebzz.com/wp-content/plugins/special-recent-posts/cache/ 10 KB
11 KB 15ms
14ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/plugins/special-recent-posts/cache/srpthumb-p3759370-160x240-no.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9648ae7af07c2fc43af3856a42307f0c90e967b16424984ea28061729631ee78

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 33052
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 10732
cf-request-id: 0a706aee6f0000d72d2ca2c000000001
Last-Modified: Wed, 02 Jun 2021 13:11:07 GMT
Server: cloudflare
ETag: "60b7836b-29ec"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BBqJStMJcV0fS4%2BmKZEgQSOpArJ4cEk4RlNu6mIqj04scJThXKoMELRW7D2C6b7KgdkBHVK2Nd2SqG7QzEyOXExIafmggypuFFsYoHz3ZhKGm%2BaopKp4pJ1hvw%2B1nwvEmPUt55a1Trfm"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 6594142a4922d72d-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK srpthumb-p3759351-160x240-no.jpg
www.celebzz.com/wp-content/plugins/special-recent-posts/cache/ 10 KB
11 KB 21ms
20ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/plugins/special-recent-posts/cache/srpthumb-p3759351-160x240-no.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 347ad8ef86aeedd009a336f41ded4f8385cc795c8a25895230f222b601892fdb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 33052
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 10263
cf-request-id: 0a706aee7400001776f89ae000000001
Last-Modified: Wed, 02 Jun 2021 13:10:38 GMT
Server: cloudflare
ETag: "60b7834e-2817"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=M5f%2BamJdyFgertcrw3farsdpnRebWNCH1vzpdKSU%2Fms6%2Fb1J0Y%2FH8o0oZFO%2B%2F7JTtjX7hn6cmPbYbL%2F0uPtjm4wKSPPmcTPZA0mm%2Bp0p9tpBFZ616103EXr4QDfTplLfZUtoqtLzqxlE"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 6594142a48991776-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK srpthumb-p3759332-160x240-no.jpg
www.celebzz.com/wp-content/plugins/special-recent-posts/cache/ 7 KB
8 KB 20ms
19ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/plugins/special-recent-posts/cache/srpthumb-p3759332-160x240-no.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28e70fa9e94b5c4f9bf9c371c21b2f51fdb8144dfa9960b5c2c3d3763a1d382c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 33127
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 7248
cf-request-id: 0a706aee7300006389dda6e000000001
Last-Modified: Wed, 02 Jun 2021 13:09:56 GMT
Server: cloudflare
ETag: "60b78324-1c50"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FtKM94%2BkBTzivLIX9Eka4OUKCoaz0aLbTecqPfwP2WLZuiJjwb9lMXFXE7mPU%2F5%2BXUYmb%2BcagLYhdbJVaUwTcafBXT9KzC5bWl43NXr%2FwWrPMvFe4vh6zZMTh2Xu9paIPKO7YaAjnOgM"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 6594142a5d826389-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK srpthumb-p3759299-160x240-no.jpg
www.celebzz.com/wp-content/plugins/special-recent-posts/cache/ 7 KB
8 KB 18ms
13ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/plugins/special-recent-posts/cache/srpthumb-p3759299-160x240-no.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 921b5fa9751cba7b923b534824c7996608cf89dbb161355af6c83b589ffc6269

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 33171
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 7320
cf-request-id: 0a706aee8100001e478d3c7000000001
Last-Modified: Wed, 02 Jun 2021 13:09:15 GMT
Server: cloudflare
ETag: "60b782fb-1c98"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PHYBy7Tsou8m9J5HO2W2liIRlEA52HEPsqhzrzTTVvMgSExWDIeWD03AedCHD7vpqcHMCR7ozq2yVPP9mZitJs%2BVsEoyf7pvTxxhgVt1a%2FF5PuwGX6PiaxsIknmnbdDcfSYuFHQpRybH"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 6594142a6a071e47-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK srpthumb-p3759276-160x240-no.jpg
www.celebzz.com/wp-content/plugins/special-recent-posts/cache/ 12 KB
13 KB 17ms
14ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/plugins/special-recent-posts/cache/srpthumb-p3759276-160x240-no.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f3e60c10e1a6babbb010b69b642118ab9291d60f257fa7a9281b84afad45e9c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 33563
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 12013
cf-request-id: 0a706aee830000d72d5da4c000000001
Last-Modified: Wed, 02 Jun 2021 13:01:57 GMT
Server: cloudflare
ETag: "60b78145-2eed"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Vfn0PS3%2FObiK1ypZwB4c7pLBbPz72FFsyMG8t%2BcTpLD8JjKx%2BMbRnZBhPinW%2FVIl2ZpYka2kJvDKNVHE%2FKakzDhwrLel2AuewWBjcQZ5rkgPiwWxcwj6xTqQVzUQCVZrjd%2Bx7jmskBun"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 6594142a6956d72d-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK srpthumb-p3759243-160x240-no.jpg
www.celebzz.com/wp-content/plugins/special-recent-posts/cache/ 9 KB
10 KB 18ms
17ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/plugins/special-recent-posts/cache/srpthumb-p3759243-160x240-no.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 336689f242ff538a29176f815875baf9a26b9e01dc180dabaacabbc6cf87d61f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 33849
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 9144
cf-request-id: 0a706aee830000c2fea1213000000001
Last-Modified: Wed, 02 Jun 2021 12:57:37 GMT
Server: cloudflare
ETag: "60b78041-23b8"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KT3wkwxFOfGgH4KrUoymx5XiQqG49zrMFaxzVYDUC3szZMVG9KxzItUPJMuG68QJVIDUWBxyYHIG4hAdfirDQ4hMXzPA82njLUN0JFtsQAcsL35NRpQlKQUz3OxAcpi1Chi5GuOMghsJ"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 6594142a6efbc2fe-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK srpthumb-p3759212-160x240-no.jpg
www.celebzz.com/wp-content/plugins/special-recent-posts/cache/ 9 KB
9 KB 15ms
14ms Image
image/jpeg 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.celebzz.com/wp-content/plugins/special-recent-posts/cache/srpthumb-p3759212-160x240-no.jpg
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d97fe18f84e32f7a567c9035b4ec89f77777f678a957839fa8f96df679681dc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 33849
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 8796
cf-request-id: 0a706aee8300002c268f92d000000001
Last-Modified: Wed, 02 Jun 2021 12:57:29 GMT
Server: cloudflare
ETag: "60b78039-225c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=b0YdJe%2F%2B%2FZvE8MR%2BrA7uM8azE80HNnoxAqnufJmlbJZ8BaEbzW294SVaoo8bl%2BZeIWJzW0CrHR2B6I6Ohbwelka5B2aFs3ywqmsA6HQTGF1CCS2v%2FNOm2Vd%2BI4RDNnuByjU7G1Gg9rz%2B"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 6594142a68e62c26-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK email-decode.min.js Show response
www.celebzz.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 11ms
11ms Script
application/javascript 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.celebzz.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cf-request-id: 0a706aed5000001e4788290000000001
Last-Modified: Fri, 28 May 2021 10:23:11 GMT
Server: cloudflare
ETag: W/"60b0c48f-4d7"
X-Frame-Options: DENY
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HV0Ug4uTBylAXyMdg4FN3nyJFyGCJia0FRnKWVfQ3Re0W6UikaUGihtJ0N%2B4DXc16r1%2FbekeVpulKG53Vwwc9HUc5I2hYKW8IaiUrKZRNWGfqC8Fgs%2FTWAzvXHUU8KYPBMplhEMtBOsy"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=172800 public
CF-RAY: 659414287f211e47-FRA
Expires: Fri, 04 Jun 2021 22:22:08 GMT

GET
H/1.1 200
OK 14409 Show response
hosupshunk.com/t8VdWtsSUPQFQ3k/ 0
0 43ms
37ms Script
text/html 172.255.6.251
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: http://hosupshunk.com/t8VdWtsSUPQFQ3k/14409
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 172.255.6.251 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: http://www.celebzz.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS

GET
H/1.1 200
OK main.js Show response
www.celebzz.com/wp-content/themes/hawtmen/js/ 505 B
1 KB 12ms
12ms Script
application/javascript 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-content/themes/hawtmen/js/main.js
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032b19d131b735f2ffb20bed03574dc1a05b3413cdc9f9ab0a9efd5bfb2353dd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3517625
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706aed8600001e475a3c6000000001
Last-Modified: Thu, 25 Jan 2018 16:10:10 GMT
Server: cloudflare
ETag: W/"5a6a0162-1f9"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xKW%2F7cnJ4UL3pMA1hUfGViO%2FX3KzB9MicZ44Ktx%2BFSkl2rP7IOLFoILenUFQgnNT2vzzE6xYh%2B0Sn53XshAEg%2FCpyDzNXr3kMROvTvKg9DFad1GimDXTo5w2cM2zh3%2Fkt8bdUKLOUFbe"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=315360000
CF-RAY: 65941428dfb31e47-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 404
Not Found template.js
www.celebzz.com/wp-content/themes/hawtmen/js/ 0
0 15ms
14ms Script
text/html 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-content/themes/hawtmen/js/template.js
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 31
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MLQAUjz6TqwVHz8koZOV70fYYWEVUkly3M0gj8tRKW%2BAvCXzqsXRdlymcGZ0mxGO%2FQtd0y8ohrCMlgtjyJKuCpsqiePdWANUBDhxWEkLXKLyRL%2F6E0CzJNrownTlrNWgHzq3W1kd5UYc"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 65941428efc61e47-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706aed9300001e4796b62000000001

GET
H/1.1 200
OK spt Show response
tg1.aniview.com//api/adserver/ 0
542 B 167ms
144ms Script
text/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.aniview.com//api/adserver/spt?AV_TAGID=5fb51f6a392877685a3bfa19&AV_PUBLISHERID=5fb51ce9c8b6ef66d03644b4
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length: 20
Expires: Wed, 02 Jun 2021 22:27:09 GMT

GET
H/1.1 200
OK ssba.js Show response
www.celebzz.com/wp-content/plugins/simple-share-buttons-adder/js/ 2 KB
2 KB 14ms
14ms Script
application/javascript 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=5.4.2
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76a18f5f0637e0d73ce1afece898ce8b0fa75bb6b1c1990ae4a7ac6b083045ce

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3517625
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706aeda300001e477d90d000000001
Last-Modified: Mon, 25 May 2020 08:27:44 GMT
Server: cloudflare
ETag: W/"5ecb8180-792"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=r3Ltrx1UABWzgawZWnjzZ7S0059cd8pE58aSGAhiaUq0t6Qrk2WA1TZ3xa7L35Eqkpc5J1yQ%2B0wjcyQ%2Fs%2FIIHg9VGsb%2BICAs8zBMZt4Q4IKSBPRSDCrreXY3Aqp1DNHs8v2TEU5HeEfC"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=315360000
CF-RAY: 659414290fe71e47-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK detectmobilebrowser.js Show response
www.celebzz.com/wp-content/plugins/mystickysidebar/js/ 2 KB
2 KB 11ms
11ms Script
application/javascript 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-content/plugins/mystickysidebar/js/detectmobilebrowser.js?ver=1.2.3
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a258fa2108c7a4579876f75154378f19e3ee8af7753499bad8bfb18b56cb6dfc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3517473
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706aedb200001e4758002000000001
Last-Modified: Thu, 09 Jul 2020 08:39:49 GMT
Server: cloudflare
ETag: W/"5f06d7d5-8a9"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SKIGTcxQXnp9efuLM53aRR%2BSk49Jx0aPp57pJR%2FetqpjrJ3ILH6UD1G%2BLvwzIHb%2Be6%2FbOr1VVPoOqLpGmB15I9dER%2FFzYggwe5jIvh8K2MgIEh575YuUUiHWXQMsq8S8qnTrvCvio9uF"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=315360000
CF-RAY: 65941429180a1e47-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK theia-sticky-sidebar.js Show response
www.celebzz.com/wp-content/plugins/mystickysidebar/js/ 17 KB
5 KB 23ms
23ms Script
application/javascript 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-content/plugins/mystickysidebar/js/theia-sticky-sidebar.js?ver=1.2.3
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7a66c0cb964ac30903ab4db3f91847f5ce265c9f5aaed47c00d8154a9eab121

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3517473
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706aedc500001e47853d2000000001
Last-Modified: Thu, 09 Jul 2020 08:39:49 GMT
Server: cloudflare
ETag: W/"5f06d7d5-45ef"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=p3SoTMhFBy79Y18gGCjoG0zMLWjUbQW7%2F5KybjUI67nEHHF2GsNX%2F9vwChXqJLhUjoFsbPy4YMAfgWPTISd74gOrhZd82rbjtiXcwebzHnfffyAKzQQJem6BYO7lz3QdHeFR7zvk4bvG"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=315360000
CF-RAY: 65941429383e1e47-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
www.celebzz.com/wp-includes/js/ 1 KB
2 KB 18ms
17ms Script
application/javascript 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-includes/js/wp-embed.min.js?ver=5.4.2
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3517625
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706aedd900001e476291b000000001
Last-Modified: Sat, 26 Oct 2019 00:17:07 GMT
Server: cloudflare
ETag: W/"5db39083-59a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nLhDT%2BByBlFJPJy14btFr%2Bxr%2FDicL7ZYJFoAx8tNq2Xhl7RXP3uS%2FloNhxemtP8GlmAk4FrxBTfoIihEmDQZIMUmzvREbMZr0v8jfMvIRQ1uO1B0OqfWYPrt4k2J66Rdcbk1WSA%2FuNFR"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=315360000
CF-RAY: 6594142958691e47-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK d.js Show response
waust.at/ 13 KB
8 KB 26ms
12ms Script
application/x-javascript 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://waust.at/d.js
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 706
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 0a706aee6500000eaf65156000000001
last-modified: Mon, 03 May 2021 17:48:14 GMT
Server: cloudflare
etag: W/"6090375e-3444"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pAOw8imZ8V%2BpLovQfNw6oPLbZQHTO8pwuvr8YXLJVwz%2FrkMs2oiDxX5adzva%2BedTmih1smdlm0v5Td71aW%2BFftWBmFGgzoqyV21FNdaLjXJhslcSVB%2F59IMKN0aq9s4C4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
CF-RAY: 6594142a3a840eaf-FRA
expires: Thu, 03 Jun 2021 22:10:23 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

48 KB
19 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4246
date: Wed, 02 Jun 2021 21:11:23 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 02 Jun 2021 23:11:23 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2

200

sdk.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/sdk.js
https://connect.facebook.net/en_US/sdk.js

3 KB
2 KB

6ms
6ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1ff6e5ee472b7de6d14d56bd57712033525cbd3749fd621e86110d33a83dda42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: n+DoAA/PQ92X05M1nLsM6A==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: +gkC2JEKC0WQC/ZGtiM7W8dbruA4sEWLWFV88bXWoyH4+PM7Pk31PCFPnsJuP3JwDzWY2s9ITNn8oP0JfOUgsQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 10f9778c71d0143a4ffe9accd55706cf
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 02 Jun 2021 22:22:09 GMT
vary: Accept-Encoding
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "ff893dc8326d740231b37c3406970ecf"
timing-allow-origin: *
expires: Wed, 02 Jun 2021 22:40:11 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.6
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.celebzz.com/wp-includes/js/ 14 KB
5 KB 14ms
13ms Script
application/javascript 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3517474
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706aee8400001776deb4f000000001
Last-Modified: Tue, 05 Nov 2019 22:04:02 GMT
Server: cloudflare
ETag: W/"5dc1f1d2-364d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MF42lXQLKf5Yq%2BBO%2FhTdHsGjKxneT0aAyVcf%2Bg6IQ3mNAIF91w4FuYRj9YINVWEXXFGtOHh%2FuPHux8p6YV1PVUroMR5rHmY7GzuNKhAzUDSxLK%2FwdqvNYARpG9J%2FVPvvUhpLU9P0wCLb"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=315360000
CF-RAY: 6594142a68c21776-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202105270101/ 232 KB
86 KB 45ms
28ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202105270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8340352295618934&plah=www.celebzz.com&amaexp=1&bust=exp%3D31060975

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

249915f7b82c05aa6ba47ebe36f3b2e3588a1eaeb8940a72e34bf17ad4631562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87681
x-xss-protection: 0
server: cafe
etag: 11991492052702188139
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 02 Jun 2021 22:22:09 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210525/r20190131/ Frame DE44 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210525/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210525/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.celebzz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 02 Jun 2021 01:21:09 GMT
expires: Wed, 16 Jun 2021 01:21:09 GMT
content-type: text/html; charset=UTF-8
etag: 15349191498103243965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4506
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 75659
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 404
Not Found classie.js
www.celebzz.com/wp-content/themes/hawtmen/js/ 0
0 17ms
16ms Script
text/html 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-content/themes/hawtmen/js/classie.js
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.celebzz.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:08 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 32
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rcmg7wzhX5jcN7RjLhrV%2BI26wddM%2BPd%2B0j1VPuNt4tOBdu0VTs0YFcI8bplsLF7BGEaEJEdidmKeApIBbq8uzaVEwjN9llz0bw%2BY7G4A5ZFWif%2B8f0VqD2S9r5qrudw8dhbTZD0mB2CM"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6594142a097c1e47-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706aee4400001e475122f000000001

GET
H/1.1 200
OK mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
15 KB 15ms
8ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.celebzz.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 01 Jun 2021 11:31:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 May 2021 21:21:19 GMT
Server: sffe
Age: 125411
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 14440
X-XSS-Protection: 0
Expires: Wed, 01 Jun 2022 11:31:57 GMT

GET
H2 200 tag.js Show response
ad.impactify.io/static/ad/ 2 KB
1 KB 46ms
22ms Script
application/javascript 2606:4700::6812:f13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.impactify.io/static/ad/tag.js
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cb0887e4f51d7c8b208fa335e628731d75573ed55e05a1f9bd0922d4e0645dc

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:09 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 870
x-amz-request-id: JS02AY34CSS124C9
x-amz-id-2: nD/yN7+uhlupHLBtgHm/g6UpVo2WwB4Q8TqQc5VXeSVRFMjWDsaHGrLuZLQuqPjk2RuBQitm9i8=
last-modified: Tue, 20 Apr 2021 10:41:54 GMT
server: cloudflare
etag: W/"0360d48a094e4031d6a82e1946f9ce07"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-version-id: MCts9LqDD.LOjdjV9.feeN0kV_Ei20zx
cf-request-id: 0a706aee9000001f2d7f2dc000000001
cf-ray: 6594142a7ac71f2d-FRA
expires: Wed, 02 Jun 2021 23:22:09 GMT

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 13ms
8ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.celebzz.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 01 Jun 2021 19:47:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 May 2021 21:21:50 GMT
Server: sffe
Age: 95694
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 15112
X-XSS-Protection: 0
Expires: Wed, 01 Jun 2022 19:47:14 GMT

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 12ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.celebzz.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 01 Jun 2021 17:27:27 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 May 2021 21:21:24 GMT
Server: sffe
Age: 104081
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 14992
X-XSS-Protection: 0
Expires: Wed, 01 Jun 2022 17:27:27 GMT

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame 1CF5 2 KB
1 KB 68ms
23ms Document
text/html 2600:9000:218d:6800:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: w.sharethis.com
URL: http://w.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:6800:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.celebzz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
cache-control: max-age=3600, public
date: Wed, 02 Jun 2021 21:25:19 GMT
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04a0003b41de711e6a8b7432e24f89a5.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P2
x-amz-cf-id: YdKO7oIcAtnt9Kf0qBJhAmiLxRL_0vGOBg38Z14XUx3vUAhvG1fqkw==
age: 3410

GET
H/1.1 200
OK ajs.js Show response
cdn2.lockerdomecdn.com/_js/ 5 KB
3 KB 36ms
7ms Script
application/javascript 151.139.242.29
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:21:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Jun 2021 17:56:53 GMT
Server: NetDNA-cache/2.2
ETag: W/"14f4-179cddefae5"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: https://lockerdome.com
Content-Length: 2348

GET
H3-29 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/ 55 KB
56 KB 24ms
12ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=5.4.2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: http://www.celebzz.com
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=5.4.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 3515173
cdn-cachedat: 2021-04-23 07:32:05
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 56780
cf-request-id: 0a706aee890000314051270000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 22a46b0693a96fe84faec44d475d14c8
accept-ranges: bytes
cf-ray: 6594142a7edc3140-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 / Show response
services.vlitag.com/uv/ 13 B
747 B 274ms
258ms XHR
application/json 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/uv/?page_url=http%3A%2F%2Fwww.celebzz.com%2F&mtk=91

Requested by

Host: services.vlitag.com
URL: http://services.vlitag.com/adv1/?q=54e09c31ad7d306ae43be19b235e354f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:09 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13
cf-request-id: 0a706aeed500002ba13da48000000001
pragma: no-cache
last-modified: Wed, 2 Jun 2021 22:22:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IzSdD6EwM10JPyQ%2BU2f5FD3LcLL%2FHdRt7tCtTCpJoccqA3YINRTlf%2FoyHJRrfXY0G31DsxHUvl1FbCM64xMQ5BWx3sjqe9JyyhJdWh9ZqmTRtAxFvxH7xS9OUgy%2BSRt9VzGB1GXzbHmvgBU%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: http://www.celebzz.com
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 6594142aebe62ba1-FRA
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 54e09c31ad7d306ae43be19b235e354f.js Show response
tag.vlitag.com/v1/1622654666/ 478 KB
124 KB 28ms
15ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://tag.vlitag.com/v1/1622654666/54e09c31ad7d306ae43be19b235e354f.js

Requested by

Host: services.vlitag.com
URL: http://services.vlitag.com/adv1/?q=54e09c31ad7d306ae43be19b235e354f

Protocol

HTTP/1.1

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

949ee152421c4d0a3983808435477bd9e9a405deb80cab790373e8dc00fd1ff3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 17644
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706aeed200004ed429848000000001
Cf-Bgj: minify
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5YMLGzuOMxjS8abhtsvgPTSDsSd4WauWiek9ijulOOZXma3pryxbMK6aZi%2FxfqHq3uyTeToe3UXPo899%2FDhCVTRrEnoTn8ThpeVh0gmZm28oXPYAlwt5LoRHIU5yjfREvv4U1l33nA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000, immutable
CF-RAY: 6594142aecb74ed4-FRA

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 218 KB
64 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7f39a71bde343f3f814ef3918241557a&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3886a7c28a4cd03b7b16c0e01312750a910ef1ab08b195f0c72e18fb1b6dd24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: http://www.celebzz.com
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: GfXOhf9ji64zhhngJI7jtQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 65769
x-fb-rlafr: 0
x-fb-debug: HLubgYrqDYV4UbyPGY2iq+lt/ziMysqGxdx51iuP8+AuzmgZgxJAswkntqKI+6zcWkI6IijhOHh0kZRf8kY+zg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 1a29979bb61d8052eafcd02480adb695
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 02 Jun 2021 22:22:09 GMT
vary: Accept-Encoding
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "9e05bef168267ecdb207fa1898c0fab9"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Jun 2022 20:29:09 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1219619320&t=pageview&_s=1&dl=http%3A%2F%2Fwww.celebzz.com%2F&ul=en-us&de=UTF-8&dt=Celebzz%20-%20Daily%20Celebrities%20Pictures%20-%20Celebzz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=649962226&gjid=1829105669&cid=802403062.1622672529&tid=UA-53583176-1&_gid=460072451.1622672529&_r=1&_slc=1&z=970399041

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 22:22:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.celebzz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 screen.js Show response
ad.impactify.io/static/ad/v5/ 221 KB
72 KB 24ms
23ms Script
application/javascript 2606:4700::6812:f13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.impactify.io/static/ad/v5/screen.js?v=5r85
Requested by: Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d681b45f2bd08bed4eb23d7d1749bfd1c6aac7c63dbb2b061915a497f8c46693

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:09 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 860
x-amz-request-id: JS0144V2PX00WQFG
x-amz-id-2: SBYEC7AjMio8hYFJxvxISTHnWpVDGtqnUxsZTKZFmhCq6Ccy8nE79lf3swrf4DvMLbj9fKAaKDE=
last-modified: Tue, 20 Apr 2021 10:41:58 GMT
server: cloudflare
etag: W/"4897a32e4efd6dc03871076d8aeb5ec6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-version-id: 4jCpyNa30KueX3oTZaKjt7qrHpuUATcM
cf-request-id: 0a706aeeda00001f2d9014b000000001
cf-ray: 6594142afb661f2d-FRA
expires: Wed, 02 Jun 2021 23:22:09 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
640 B 63ms
40ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.celebzz.com&callback=_gfp_s_&client=ca-pub-8340352295618934

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202105270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8340352295618934&plah=www.celebzz.com&amaexp=1&bust=exp%3D31060975

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

d856823555e20dc1823ca0689ed28bc304f382df1b07bc8b9624b842cf102b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 35ms
14ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.celebzz.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Jun 2021 22:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 36ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.celebzz.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Jun 2021 22:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 647A 603 B
68 B 39ms
25ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8340352295618934&output=html&adk=1812271804&adf=3025194257&lmt=1622672529&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.celebzz.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1622672528953&bpp=33&bdt=378&idt=169&shv=r20210525&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7222319549661&frm=20&pv=2&ga_vid=802403062.1622672529&ga_sid=1622672529&ga_hid=1219619320&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C31060975&oid=3&pvsid=1722314050101086&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=190

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8340352295618934&output=html&adk=1812271804&adf=3025194257&lmt=1622672529&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.celebzz.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1622672528953&bpp=33&bdt=378&idt=169&shv=r20210525&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7222319549661&frm=20&pv=2&ga_vid=802403062.1622672529&ga_sid=1622672529&ga_hid=1219619320&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C31060975&oid=3&pvsid=1722314050101086&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=190
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.celebzz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 02 Jun 2021 22:22:09 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 02-Jun-2021 22:37:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 02 Jun 2021 22:22:09 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622028727180027"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27990
x-xss-protection: 0
expires: Wed, 02 Jun 2021 22:22:09 GMT

GET
H/1.1 200
OK 13235904936384614 Show response
lockerdome.com/lad/ Frame A6BF 1 KB
2 KB 459ms
119ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/13235904936384614?pubid=ld-7310-7070&pubo=http%3A%2F%2Fwww.celebzz.com&rid=&width=538
Requested by: Host: cdn2.lockerdomecdn.com
URL: http://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.celebzz.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Wed, 02 Jun 2021 22:22:09 GMT

GET
H/1.1 404
Not Found template.js
www.celebzz.com/wp-content/themes/hawtmen/js/ 0
0 13ms
12ms Script
text/html 2606:4700:3031::ac43:c8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.celebzz.com/wp-content/themes/hawtmen/js/template.js
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:c8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.celebzz.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.celebzz.com/
Cookie: _ga=GA1.2.802403062.1622672529; _gid=GA1.2.460072451.1622672529; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 32
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3cL6ZStov6Hcq7JM0i9%2FRaEhbaOZFjEncnExA6cKDB8PjuswAgmKn4q2VzbwQKHX2HGL9eEKRxPCXKGCb3h8eg09KkDiyAGSUyHr3kFhKagdI7z%2F4OY4MmOOB60zy0OuscFSK5Ai0XER"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6594142b3802c2fe-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706aef020000c2fe6b977000000001

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
336 B 60ms
15ms XHR
text/plain 18.198.109.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1622672528931.85890&hostname=www.celebzz.com&location=%2F&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&bsamesite=true&consent_cookie_duration=234&consent_duration=234&gdpr_domain=.consensu.org&gdpr_method=cookie&url=http%3A%2F%2Fwww.celebzz.com%2F&title=Celebzz%20-%20Daily%20Celebrities%20Pictures%20-%20Celebzz&sop=false&description=Daily%20Celebrities%20Pictures%2C%20hollywood%2C%20pics%2C%20candid%2C%20famous%2C%20actresses%2C%20celebzz%2C%20celebrity%2C%20los%20angeles%2C%20pictures%2C%20pretty%2C%20actress%2C%20model%2C%20sexy
Requested by: Host: w.sharethis.com
URL: http://w.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.109.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: http://www.celebzz.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 loader.json Show response
dvr.impactify.io/celebzz.com/ 4 KB
2 KB 56ms
31ms XHR
application/json 2606:4700::6812:f13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dvr.impactify.io/celebzz.com/loader.json?v=5r85
Requested by: Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/v5/screen.js?v=5r85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 002c7038bcab10a8b618a655984729abe996fc39f412ae07df5a37641985a3c4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:09 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 466
content-type: application/json; charset=utf-8
x-amz-request-id: FD3VS4EFF19SEQBF
x-amz-id-2: XfA2E2LgNenJIJELqEN8Lx6CS9+BPakwZKeTYvoEBeJe5+oYROu0A0Q0qsxO0W1tRff5oof9pSw=
last-modified: Fri, 21 May 2021 14:01:04 GMT
server: cloudflare
etag: W/"b422d4bb8ca363751cbea43d884e6819"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-language: en
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-request-id: 0a706aef380000c2a40c17b000000001
cf-ray: 6594142b8960c2a4-FRA
expires: Wed, 02 Jun 2021 22:52:09 GMT

GET
H2 200 cmp-v2.0.1.js Show response
assets.vlitag.com/plugins/cmptcf2/ 267 KB
68 KB 40ms
22ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1622654666/54e09c31ad7d306ae43be19b235e354f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 867363
cf-polished: origSize=489839
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706aef5300004eb0252e5000000001
x-robots-tag: noindex, nofollow
last-modified: Tue, 29 Dec 2020 02:18:12 GMT
server: cloudflare
etag: W/"5fea91e4-7796f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=G4w5kwHioXGpNnDJ02mN4ArrqmGYIe5jXTMS7gRy0yLtrEe9isytVpjmL1hx8n0C2y%2BGWAFOiNDjWjuzT1EVg4a%2BCoG9Ga88%2FTcNpRH7aJICtg4u7xyxlUcPOIwXxbHu4%2FOetO%2BPHJg2kA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 6594142bbba44eb0-FRA
expires: Sun, 23 May 2021 21:56:06 GMT

GET
H/1.1 200
OK prebid-v4.38.0.js Show response
assets.vlitag.com/prebid/default/ 411 KB
129 KB 28ms
22ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1622654666/54e09c31ad7d306ae43be19b235e354f.js

Protocol

HTTP/1.1

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58694600a9bb19ab424e8752ab649f1365563963d2541becd627f15045a107aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2033811
Cf-Polished: origSize=421400
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 10 May 2021 09:25:11 GMT
Server: cloudflare
ETag: W/"6098fbf7-66e18"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8ZT8DNqYiqh5OIdu9rh1Wi8jPJL2w1x%2B%2FV8s524%2BNAN%2BijVvtujqmK9iU6Rz5P94y5yevzU5zKijoxhjIS8gQxIhT5oxzNBjLe4xvf5yicdsBeq1wTalXMZLVQDj4qpFLoDtU2wUDKk48A%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Expires: Mon, 10 May 2021 09:55:18 GMT
Cache-Control: max-age=16070400
cf-request-id: 0a706aef4700001f5149351000000001
CF-RAY: 6594142baa8c1f51-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 61 KB
21 KB 19ms
13ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1622654666/54e09c31ad7d306ae43be19b235e354f.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a603eac48b2a94338eb03a6909eea4cfe5d4ae62ccd2aee92f77163ca6fbe36c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "891 / 803 of 1000 / last-modified: 1622668262"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 21317
X-XSS-Protection: 0
Expires: Wed, 02 Jun 2021 22:22:09 GMT

GET
H/1.1 200
OK viPlayer_v42.min.js Show response
assets.vlitag.com/plugins/vlPlayer/ 13 KB
6 KB 19ms
12ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.vlitag.com/plugins/vlPlayer/viPlayer_v42.min.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1622654666/54e09c31ad7d306ae43be19b235e354f.js

Protocol

HTTP/1.1

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbeb241324f4c3e889518c86ec74c1f6f634fff0c6f23f8c5af28273b8f31112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 868815
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706aef4800002c3ab295f000000001
Last-Modified: Thu, 26 Nov 2020 03:46:23 GMT
Server: cloudflare
ETag: W/"5fbf250f-33d4"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eydgEanDWhU4hsY9azNwNRZkz3bTeOV%2FFuc3TpX9de301bZ0Fes%2BStUxPak06jq2mDWLSYbU8paSQ1%2F69GKQoOtEG6Hn4qkAT8wfekKGksHm0ZqFaJ5T3jSN9%2BHPt%2BwLOZNwVsooedBHfw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=16070400
CF-RAY: 6594142bacea2c3a-FRA
Expires: Sun, 23 May 2021 21:31:54 GMT

GET
H/1.1 200
OK ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 337 KB
116 KB 20ms
13ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1622654666/54e09c31ad7d306ae43be19b235e354f.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be3b48dbe04f652fba8973decb94e84bf9e06fd3b0d0beddfe8859d11ccd7576

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Length: 117995
X-XSS-Protection: 0
Expires: Wed, 02 Jun 2021 22:22:09 GMT

GET
H/1.1 200
OK sf_host.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ 38 KB
19 KB 30ms
24ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1622654666/54e09c31ad7d306ae43be19b235e354f.js

Protocol

HTTP/1.1

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 868815
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706aef510000dfbbaa8fd000000001
Last-Modified: Fri, 01 Nov 2019 05:04:50 GMT
Server: cloudflare
ETag: W/"5dbbbcf2-9806"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hqhJJPJSOISp7rhki280hSnGJGuLttCVQSranEydb9MfmT1yLwmiFutppYE7D5hE%2FDzyyfZrsiHXKcuuNRATGkVR774KtURbWxP6rKTvHzAq6hAaSa0HrNCk6fmFlEq5%2BoElRP98FZhJwA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=16070400
CF-RAY: 6594142ba8fbdfbb-FRA
Expires: Sun, 23 May 2021 21:31:54 GMT

GET
H/1.1 200
OK js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 30ms
23ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15_as.js
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:16:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Apr 2020 10:44:16 GMT
X-CDN-Pop-IP: 51.254.41.128/26
ETag: "-375139978"
X-Cacheable: Matched cache
Vary: Accept-Encoding
X-IPLB-Instance: 28229
Content-Type: text/javascript
X-CDN-Pop: rbx1
Accept-Ranges: bytes
X-IPLB-Request-ID: 59F940AB:7DEC_2E69C9F0:0050_60B80491_42B9B5:A39A
Content-Length: 4547
X-Request-ID: 797180519

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
315 B 16ms
15ms Image
text/plain 18.198.109.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1622672528931.85890&hostname=www.celebzz.com&location=%2F&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&bsamesite=true&consent_cookie_duration=234&consent_duration=234&gdpr_domain=.consensu.org&gdpr_method=cookie&url=http%3A%2F%2Fwww.celebzz.com%2F&title=Celebzz%20-%20Daily%20Celebrities%20Pictures%20-%20Celebzz&sop=false&description=Daily%20Celebrities%20Pictures%2C%20hollywood%2C%20pics%2C%20candid%2C%20famous%2C%20actresses%2C%20celebzz%2C%20celebrity%2C%20los%20angeles%2C%20pictures%2C%20pretty%2C%20actress%2C%20model%2C%20sexy&gdpr_domain=.consensu.org&gdpr_method=cookie&description=Daily%20Celebrities%20Pictures%2C%20hollywood%2C%20pics%2C%20candid%2C%20famous%2C%20actresses%2C%20celebzz%2C%20celebrity%2C%20los%20angeles%2C%20pictures%2C%20pretty%2C%20actress%2C%20model%2C%20sexy&img_pview=true
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.109.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H3-29

200

/
www.facebook.com/login/ Frame 2EC0
Redirect Chain

https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ab5800b241f38%26d...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconn...

0
0

106ms
105ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3ab5800b241f38%2526domain%253Dwww.celebzz.com%2526origin%253Dhttp%25253A%25252F%25252Fwww.celebzz.com%25252Ff1518400de44a5c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FCelebzz-501754036583664%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=7f39a71bde343f3f814ef3918241557a&ua=modern_es6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3ab5800b241f38%2526domain%253Dwww.celebzz.com%2526origin%253Dhttp%25253A%25252F%25252Fwww.celebzz.com%25252Ff1518400de44a5c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FCelebzz-501754036583664%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.celebzz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
cache-control: private, no-cache, no-store, must-revalidate
x-frame-options: DENY
content-encoding: br
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
content-type: text/html; charset="utf-8"
x-fb-debug: xYwP91E+DZuqpfEbTMl38CZeYAw0ShLwfUiXDyylv5duCvcPXbcKHbN3ADsLq0n5KMnecZFqdU7Alt6bpFs/pQ==
date: Wed, 02 Jun 2021 22:22:09 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3ab5800b241f38%2526domain%253Dwww.celebzz.com%2526origin%253Dhttp%25253A%25252F%25252Fwww.celebzz.com%25252Ff1518400de44a5c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FCelebzz-501754036583664%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue
x-fb-rlafr: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
facebook-api-version: v3.3
x-content-type-options: nosniff
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}
pragma: no-cache
content-type: text/html; charset="utf-8"
x-fb-debug: ekCuxwEmf+UIR2hjPf0pmKWE1tsB8Ff6krovb+VpeTmRk0xA2bk2gW9H2h9CVSorUxF8iI0BOHl4xOWvIn2mwA==
content-length: 0
date: Wed, 02 Jun 2021 22:22:09 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H/1.1 200
OK / Show response
whos.amung.us/pingjs/ 29 B
213 B 219ms
211ms Script
text/javascript 67.202.114.214
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: http://whos.amung.us/pingjs/?k=th0m99f4yi&t=Celebzz%20-%20Daily%20Celebrities%20Pictures%20-%20Celebzz&c=d&x=http%3A%2F%2Fwww.celebzz.com%2F&y=&a=0&v=27&r=7826
Requested by: Host: waust.at
URL: http://waust.at/d.js
Protocol: HTTP/1.1
Server: 67.202.114.214 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: b0dbc69f7aee59aa94590218ee82f51424d984db50555f1b8477a21faeef431b

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:09 GMT
content-encoding: gzip
transfer-encoding: chunked
content-type: text/javascript;charset=UTF-8

GET
H2 200 pubads_impl_2021052601.js Show response
securepubads.g.doubleclick.net/gpt/ 311 KB
110 KB 38ms
15ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 08:37:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111649
x-xss-protection: 0
expires: Wed, 02 Jun 2021 22:22:09 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 51 B
185 B 294ms
97ms Script
text/html 192.99.8.34
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?2352469&@f16&@g1&@h1&@i1&@j1622672529309&@k0&@l1&@mCelebzz%20-%20Daily%20Celebrities%20Pictures%20-%20Celebzz&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:114225544&@b3:1622672529&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Fwww.celebzz.com%2F&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.8.34 Villa Park, United States, ASN16276 (OVH, FR),
Reverse DNS: ns501383.ip-192-99-8.net
Software: /
Resource Hash: 72bd113972d5a2c739b2cf7eccac1de81a9b715ec2f97c0b27bc59f03ad61ca4

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 36ms
21ms XHR
application/json 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210603

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

82eb521b12f758dcf66570d77942716359e5d2f2717acf1a2b44a34926c539f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 26420
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 926
etag: W/"6a2-c63mJ0e8QipALRxiMnwGY7k0ZDM"
x-served-by: cache-fra19182-FRA
date: Wed, 02 Jun 2021 22:22:09 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
235 B 275ms
96ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Wed, 02 Jun 2021 22:22:08 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 10
vary: origin

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 48ms
14ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Wed, 02 Jun 2021 22:22:09 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 19 B
722 B 55ms
17ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:09 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com; 37.252.172.154:80
AN-X-Request-Uuid: 7eaa398e-70c8-46e9-9043-8d2d360e9d6f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.celebzz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
113 B 55ms
17ms XHR
text/plain 3.123.167.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.167.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-167-229.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Wed, 02 Jun 2021 22:22:09 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
654 B 260ms
242ms XHR
text/plain 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 02 Jun 2021 22:22:09 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: http://www.celebzz.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FqmngalGPYYCBYU34%2Fxkpiay%2Bvo5GXr1Jtsx%2FS0p2RWJo2dfDLR1ALBGVu5silbBfzauqTOY5KS3s%2BeC4ky4vQGXtJKN7otdHpvqyHk%2BiZmkKZEgwT4biUvAY3ZnA%2F%2BLrfPB4o%2BU4tgNysJ%2BIg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6594142cddd84e74-FRA
cf-request-id: 0a706af00700004e7493925000000001

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 19 B
722 B 53ms
18ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:09 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com; 37.252.173.109:80
AN-X-Request-Uuid: 0ee04aee-a097-4607-8ffa-6cc760c1ca8d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.celebzz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
187 B 67ms
21ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=30575869104
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Wed, 02 Jun 2021 22:22:08 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/
Redirect Chain

https://ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ROS?rnd=0.10733838779489302&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=http%3A%2F%2...
https://ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ROS?ct=1&rnd=0.10733838779489302&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=http%3A...

62 B
383 B

16ms
15ms

XHR
application/json

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ROS?ct=1&rnd=0.10733838779489302&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=http%3A%2F%2Fwww.celebzz.com%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.celebzz.com%2F&gdpr=1&gdprcs=
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: be01b23a6ab9ef9dbe693126fe64fcca0b073cbb6fd60f9ceb3a8a5355218855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:09 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: http://www.celebzz.com
expires: Wed, 02 Jun 2021 22:22:09 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 62
x-sid: AMS-744

Redirect headers

date: Wed, 02 Jun 2021 22:22:09 GMT
server: openresty
access-control-allow-origin: http://www.celebzz.com
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2c995/1/www.celebzz.com/ROS?ct=1&rnd=0.10733838779489302&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=http%3A%2F%2Fwww.celebzz.com%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.celebzz.com%2F&gdpr=1&gdprcs=
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-744

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 19 B
722 B 46ms
16ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:09 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com; 37.252.172.156:80
AN-X-Request-Uuid: a183a867-256e-4094-9b99-2e38e8b1ceac
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.celebzz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
364 B 256ms
94ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Wed, 02 Jun 2021 22:22:08 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 8
vary: origin

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/
Redirect Chain

https://ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ROS?rnd=0.10733838779489302&e=300x250_0%3A300x250%2C250x250%2C336x280%2C200x200%2C180x150&ur=http%3A%2F%2Fwww.celebzz.com%2F&r=pbjs&pbv=4....
https://ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ROS?ct=1&rnd=0.10733838779489302&e=300x250_0%3A300x250%2C250x250%2C336x280%2C200x200%2C180x150&ur=http%3A%2F%2Fwww.celebzz.com%2F&r=pbjs&p...

63 B
384 B

16ms
15ms

XHR
application/json

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ROS?ct=1&rnd=0.10733838779489302&e=300x250_0%3A300x250%2C250x250%2C336x280%2C200x200%2C180x150&ur=http%3A%2F%2Fwww.celebzz.com%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.celebzz.com%2F&gdpr=1&gdprcs=
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 58869f44d637b47ec364672d4275b69f7d38b117ab33e0ce6c84d739e192202e

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:09 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: http://www.celebzz.com
expires: Wed, 02 Jun 2021 22:22:09 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 63
x-sid: AMS-744

Redirect headers

date: Wed, 02 Jun 2021 22:22:09 GMT
server: openresty
access-control-allow-origin: http://www.celebzz.com
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2c995/1/www.celebzz.com/ROS?ct=1&rnd=0.10733838779489302&e=300x250_0%3A300x250%2C250x250%2C336x280%2C200x200%2C180x150&ur=http%3A%2F%2Fwww.celebzz.com%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.celebzz.com%2F&gdpr=1&gdprcs=
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-744

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 30ms
14ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Wed, 02 Jun 2021 22:22:09 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
114 B 39ms
17ms XHR
text/plain 3.123.167.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.167.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-167-229.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Wed, 02 Jun 2021 22:22:09 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
187 B 54ms
21ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=51307302163
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Wed, 02 Jun 2021 22:22:08 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
390 B 271ms
269ms XHR
text/plain 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 02 Jun 2021 22:22:09 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: http://www.celebzz.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Pv4xWvtniJPiJFXddKUxvkP5QS%2FjzTRywggsMdH%2BufqMeIqo8hs53sTMunT7xO%2B%2BvXAKJB7AHLWynh1LzXw1tTA2ntTTb0eZQ8x7gCMMTIiCk8o7GZviIg0Wo5XK5a%2FT%2BMCnjMlcKjxM1qjbjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6594142cdddc4e74-FRA
cf-request-id: 0a706af00800004e748c223000000001

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 19 B
722 B 45ms
16ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:09 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com; 37.252.172.140:80
AN-X-Request-Uuid: 6e844564-76e9-4a0e-831e-0903b0802ba5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.celebzz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 1572962767.jpg
assets.vlitag.com/widget/2019/11/05/ 46 KB
47 KB 18ms
18ms Image
image/webp 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://assets.vlitag.com/widget/2019/11/05/1572962767.jpg

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/

Protocol

HTTP/1.1

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94a1096d4ddd1232128b8a52859680031fd1aa9df3bec2a6e25e7cf4ffd95282

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 614462
Cf-Polished: qual=85, origFmt=jpeg, origSize=78339
Content-Disposition: inline; filename="1572962767.webp"
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 47174
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 05 Nov 2019 14:06:07 GMT
Server: cloudflare
ETag: "5dc181cf-13203"
X-Robots-Tag: noindex, nofollow
Vary: Accept
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=r5np6BFHjwPMQAu7p1SZQnT2Jk%2BFzwfFKzT2%2Fbr1xVjaep0ju0NA4QxfGtMTL0WbV7%2FgxqNHnQuCqxkLLmEmD2TzJc%2FQJTXnbIyE8kGVj3ByS2f876BligiydW8DF4MKZFBzFI4Vnq2w9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/webp
Expires: Wed, 26 May 2021 20:11:07 GMT
Cache-Control: max-age=16070400
cf-request-id: 0a706af02500001f5136bd2000000001
Accept-Ranges: bytes
CF-RAY: 6594142d0cb31f51-FRA
Cf-Bgj: imgq:85,h2pri

GET
H3-29

206

videoplayback
r1---sn-4g5e6ns6.googlevideo.com/
Redirect Chain

http://media.vlitag.com/vid/?id=O5RRxWcXyjc&t=y
https://redirector.googlevideo.com/videoplayback?expire=1622686515&ei=0-a3YMSpOdzXxN8Pr6aikAI&ip=52.210.125.216&id=o-AM8MyXN8z8N6LDezgJGsdLVG3v0w11-_Cbc5KRsA3HXx&itag=22&source=youtube&requiressl=y...
https://r1---sn-4g5e6ns6.googlevideo.com/videoplayback?expire=1622686515&ei=0-a3YMSpOdzXxN8Pr6aikAI&ip=52.210.125.216&id=o-AM8MyXN8z8N6LDezgJGsdLVG3v0w11-_Cbc5KRsA3HXx&itag=22&source=youtube&requir...

257 KB
0

16ms
7ms

Media
video/mp4

2a00:1450:4001:60::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5e6ns6.googlevideo.com/videoplayback?expire=1622686515&ei=0-a3YMSpOdzXxN8Pr6aikAI&ip=52.210.125.216&id=o-AM8MyXN8z8N6LDezgJGsdLVG3v0w11-_Cbc5KRsA3HXx&itag=22&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=Ya2NIqrJ88uOrgyvMZj8VE0F&cnr=14&ratebypass=yes&dur=344.050&lmt=1543248490693149&fexp=24001373%2C24007246&c=WEB&txp=5532432&n=gFVVEDazxdfayOb0&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJh_Cs_Vi6Lqtwg2py4cewAZUSDB2edf7MitLxqru7x-AiEAkxS7oYIGWoQy5UkT2JeDHojsjoj4mxsU9k4D55fWEq0%3D&cms_redirect=yes&mh=gA&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5e6ns6&ms=au&mt=1622671960&mv=m&mvi=1&pl=50&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMOvJ4wNJINnz-kUzOgjorfMb73FzH4UaGDfoqvUCqmwAiAbXLV3VeXIpmtaHjJweY89U3m-cAaAk7eB7_LdBFnf_g%3D%3D

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:60::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:09 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Nov 2018 16:08:10 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-35126480/35126481
client-protocol: quic
cache-control: private, max-age=13686
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 35126481
expires: Wed, 02 Jun 2021 22:22:09 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 22:22:09 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r1---sn-4g5e6ns6.googlevideo.com/videoplayback?expire=1622686515&ei=0-a3YMSpOdzXxN8Pr6aikAI&ip=52.210.125.216&id=o-AM8MyXN8z8N6LDezgJGsdLVG3v0w11-_Cbc5KRsA3HXx&itag=22&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=Ya2NIqrJ88uOrgyvMZj8VE0F&cnr=14&ratebypass=yes&dur=344.050&lmt=1543248490693149&fexp=24001373%2C24007246&c=WEB&txp=5532432&n=gFVVEDazxdfayOb0&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJh_Cs_Vi6Lqtwg2py4cewAZUSDB2edf7MitLxqru7x-AiEAkxS7oYIGWoQy5UkT2JeDHojsjoj4mxsU9k4D55fWEq0%3D&cms_redirect=yes&mh=gA&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5e6ns6&ms=au&mt=1622671960&mv=m&mvi=1&pl=50&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMOvJ4wNJINnz-kUzOgjorfMb73FzH4UaGDfoqvUCqmwAiAbXLV3VeXIpmtaHjJweY89U3m-cAaAk7eB7_LdBFnf_g%3D%3D
cache-control: no-cache, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 19 B
722 B 16ms
16ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:09 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com; 37.252.172.144:80
AN-X-Request-Uuid: b4f4ef76-6e34-442c-afc3-940d1d9f9e01
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.celebzz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
384 B 310ms
310ms XHR
text/plain 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 02 Jun 2021 22:22:09 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: http://www.celebzz.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nlKY2cRVcwtGYhbToQbLGN8FqFJoW74X90rnWN9HfMxUk8uHMZNHtJOqRzpgoaI8PZce3pLkaWsQAsK9JhT6HUQt8dq%2BDuIPMv2HVRmsBY2tAllf66QhJZBtmH%2FAAYzoevpkaVJ0yWtyD2Epow%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6594142d5eb64e74-FRA
cf-request-id: 0a706af05600004e7428a63000000001

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/
Redirect Chain

https://ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ROS?rnd=0.10733838779489302&e=300x250_0%3A300x250%2C250x250%2C336x280%2C200x200%2C180x150&ur=http%3A%2F%2Fwww.celebzz.com%2F&r=pbjs&pbv=4....
https://ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ROS?ct=1&rnd=0.10733838779489302&e=300x250_0%3A300x250%2C250x250%2C336x280%2C200x200%2C180x150&ur=http%3A%2F%2Fwww.celebzz.com%2F&r=pbjs&p...

63 B
384 B

17ms
16ms

XHR
application/json

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ROS?ct=1&rnd=0.10733838779489302&e=300x250_0%3A300x250%2C250x250%2C336x280%2C200x200%2C180x150&ur=http%3A%2F%2Fwww.celebzz.com%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.celebzz.com%2F&gdpr=1&gdprcs=
Requested by: Host: www.celebzz.com
URL: http://www.celebzz.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 58869f44d637b47ec364672d4275b69f7d38b117ab33e0ce6c84d739e192202e

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:09 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: http://www.celebzz.com
expires: Wed, 02 Jun 2021 22:22:09 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 63
x-sid: AMS-744

Redirect headers

date: Wed, 02 Jun 2021 22:22:09 GMT
server: openresty
access-control-allow-origin: http://www.celebzz.com
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2c995/1/www.celebzz.com/ROS?ct=1&rnd=0.10733838779489302&e=300x250_0%3A300x250%2C250x250%2C336x280%2C200x200%2C180x150&ur=http%3A%2F%2Fwww.celebzz.com%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.celebzz.com%2F&gdpr=1&gdprcs=
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-744

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
187 B 21ms
21ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=78664914305
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Wed, 02 Jun 2021 22:22:09 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 19 B
722 B 20ms
20ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:09 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com; 37.252.173.232:80
AN-X-Request-Uuid: 8dba977b-ce20-43e9-baa4-8b9be7163455
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.celebzz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 49ms
48ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Wed, 02 Jun 2021 22:22:09 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
258 B 181ms
107ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Wed, 02 Jun 2021 22:22:09 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 21
vary: origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
113 B 16ms
15ms XHR
text/plain 3.123.167.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.167.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-167-229.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Wed, 02 Jun 2021 22:22:09 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
113 B 16ms
16ms XHR
text/plain 3.123.167.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.167.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-167-229.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Wed, 02 Jun 2021 22:22:09 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
234 B 170ms
100ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Wed, 02 Jun 2021 22:22:08 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 14
vary: origin

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 15ms
15ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Wed, 02 Jun 2021 22:22:09 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
187 B 23ms
22ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=29934666717
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Wed, 02 Jun 2021 22:22:09 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
386 B 269ms
269ms XHR
text/plain 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 02 Jun 2021 22:22:09 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: http://www.celebzz.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vOzTkopWaT7pmwE7ItQc6dDAAJ4%2BPzYk6d77ZPqykMaBz%2F4gEd95nLZZcsikWlgOOacl%2Be7PatKZ1g3C7hyptA6LTerZo8Ansed1qsKfqT33VQL7kYnrdKGEoX5v%2FI3%2FJOyGjm2R90Nu93nt3A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6594142d6edd4e74-FRA
cf-request-id: 0a706af06200004e7428a64000000001

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 19 B
721 B 16ms
16ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:09 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com; 37.252.172.39:80
AN-X-Request-Uuid: b72a052e-31bf-4781-b6c5-a595efe658e6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.celebzz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ 63 B
384 B 19ms
18ms XHR
application/json 46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ROS?rnd=0.10733838779489302&e=300x250_0%3A300x250%2C250x250%2C336x280%2C200x200%2C180x150&ur=http%3A%2F%2Fwww.celebzz.com%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.celebzz.com%2F&gdpr=1&gdprcs=
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 58869f44d637b47ec364672d4275b69f7d38b117ab33e0ce6c84d739e192202e

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 02 Jun 2021 22:22:09 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: http://www.celebzz.com
expires: Wed, 02 Jun 2021 22:22:09 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 63
x-sid: AMS-744

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 19 B
722 B 16ms
16ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:09 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com; 37.252.172.228:80
AN-X-Request-Uuid: f9ae1dfd-20ca-4ba2-a007-aef07c303ac6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.celebzz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ Frame A6BF 45 KB
17 KB 16ms
15ms Script
text/javascript 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: lockerdome.com
URL: https://lockerdome.com/lad/13235904936384614?pubid=ld-7310-7070&pubo=http%3A%2F%2Fwww.celebzz.com&rid=&width=538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6387
date: Wed, 02 Jun 2021 20:35:42 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Wed, 02 Jun 2021 22:35:42 GMT

POST
H2 200 quantumdex Show response
useast.quantumdex.io/auction/ 3 KB
3 KB 236ms
235ms XHR
application/json 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4048d0e94b6e1a66f8b4253a999092c0ee6bf9270581024654d6f135b10c578b

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 02 Jun 2021 22:22:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: http://www.celebzz.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4QEQKcw54YHjXBRru7KANaGKTnak3dHjJn3OY1Bi5xV4H%2FRN%2BmW5yeQhbaIp3A3cf%2B%2BSSEnsUED86mCgMBT84p%2Bs%2F%2FdzyKLQ2WIU7CEi65um%2FpZV0v1fOImv%2Fct9aMXOCLnWiDOrd4%2FXNaRYxg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6594142e68c24e74-FRA
cf-request-id: 0a706af10400004e74222ea000000001

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
187 B 21ms
21ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=93936719756
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Wed, 02 Jun 2021 22:22:09 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ 63 B
384 B 15ms
15ms XHR
application/json 46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ROS?rnd=0.10733838779489302&e=160x600_0%3A160x600%2C120x600&ur=http%3A%2F%2Fwww.celebzz.com%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.celebzz.com%2F&gdpr=1&gdprcs=
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 0914701ad443e5f9b78f0895e4078e63d3c29764d39fa5770eb62e9937039344

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 02 Jun 2021 22:22:09 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: http://www.celebzz.com
expires: Wed, 02 Jun 2021 22:22:09 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 63
x-sid: AMS-744

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 19 B
722 B 49ms
48ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:09 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com; 37.252.172.155:80
AN-X-Request-Uuid: 94fde29b-9a5f-4b9f-9399-9137bd308bd6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.celebzz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 16ms
16ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Wed, 02 Jun 2021 22:22:09 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
115 B 90ms
89ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Wed, 02 Jun 2021 22:22:09 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 3
vary: origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 19 B
722 B 38ms
37ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:09 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com; 37.252.173.103:80
AN-X-Request-Uuid: defebef1-fc48-48e8-8b0c-795f28269040
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.celebzz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK / Show response
tag.vlitag.com/passback/ Frame ED8A 0
834 B 271ms
270ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://tag.vlitag.com/passback/?t=1622654666&d=91&z=19423&divID=vi_9119423_899&w=970&h=250

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1622654666/54e09c31ad7d306ae43be19b235e354f.js

Protocol

HTTP/1.1

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DPbs%2FNscNRzn6eeor2hFA6o1IOUPR8zl%2BOVS6gtxBkBj%2B9fOa3WapnHkGBJUDgrGXXy8DRH%2F3kl2gKh5lT%2FK7LAubaKQ7XCGVh6vEoRrv%2FPn%2FR4RkzNNdpeofJKBrK%2F2MTp%2BZu%2BcNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6594142e7b5d4ed4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 0
cf-request-id: 0a706af11000004ed4dfb5c000000001

GET
H/1.1 200
OK /
stats.vlitag.com/pi/ Frame ED8A 0
722 B 130ms
118ms Image
image/jpeg 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://stats.vlitag.com/pi/?e=zdNYtKetyeU-PKUY-Pyaq-qaTK-reZPaMYrwyqZRzNhqllwqe0RrNaTRmNTaPYBRrtNRcsokty_orN
Requested by: Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1622654666/54e09c31ad7d306ae43be19b235e354f.js
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NXMlmIC2inU5wXsZK9dsGUMI3kA8Lm8b948%2BQbL7LbHsc6DodE3SZ%2B%2BRsP%2F4hA4Mqn7BaMepwiDg21X2VB7Q91lEcBVYInpl3SudNW8W9oA%2BY44BORQUClnTNnXBnlPkutyU%2FnOmZgg%2B"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
CF-RAY: 6594142e9cc7dfa5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 0
cf-request-id: 0a706af11b0000dfa5662f9000000001

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 189D 89 KB
35 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-29

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1622654666/54e09c31ad7d306ae43be19b235e354f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

43d2e63b5040ecbcda62a4e0aa30375b6c1c2b6c413ba426988cd5b575f49063

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35965
x-xss-protection: 0
last-modified: Wed, 02 Jun 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 02 Jun 2021 22:22:09 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
115 B 90ms
90ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Wed, 02 Jun 2021 22:22:09 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 4
vary: origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 19 B
722 B 16ms
16ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:09 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com; 37.252.172.133:80
AN-X-Request-Uuid: 3e419034-11c6-44b8-b937-bf90fb65d520
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.celebzz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
187 B 21ms
21ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=67672381592
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Wed, 02 Jun 2021 22:22:09 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 19 B
721 B 25ms
25ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:09 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com; 37.252.172.44:80
AN-X-Request-Uuid: 5f912036-4390-4745-9ad5-618aaba84207
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.celebzz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ 63 B
384 B 19ms
18ms XHR
application/json 46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ROS?rnd=0.10733838779489302&e=300x250_0%3A300x250%2C300x600%2C160x600%2C250x250%2C120x600%2C200x200%2C180x150&ur=http%3A%2F%2Fwww.celebzz.com%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.celebzz.com%2F&gdpr=1&gdprcs=
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 58869f44d637b47ec364672d4275b69f7d38b117ab33e0ce6c84d739e192202e

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 02 Jun 2021 22:22:09 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: http://www.celebzz.com
expires: Wed, 02 Jun 2021 22:22:09 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 63
x-sid: AMS-744

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 15ms
15ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Wed, 02 Jun 2021 22:22:09 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
113 B 15ms
15ms XHR
text/plain 3.123.167.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.167.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-167-229.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Wed, 02 Jun 2021 22:22:09 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
293 B 258ms
258ms XHR
text/plain 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 02 Jun 2021 22:22:09 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: http://www.celebzz.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8T%2FqUcicUTmdSh9Necfc0Pxp5e7qkb5H2V1teHjMreiy9SiorTLBGGCr4NJ%2Fd1mTjtitg%2FexdN%2Fek%2F0WfcOvIorlhrKsSKpZgb%2FfFaYD%2F3%2BXxuYbgfjOVsKs937%2BRiLevV0X884gH1BnrRuMag%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6594142e990d4e74-FRA
cf-request-id: 0a706af11f00004e7451302000000001

GET
H/1.1 200
OK / Show response
tag.vlitag.com/passback/ Frame 944D 0
816 B 268ms
260ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://tag.vlitag.com/passback/?t=1622654666&d=91&z=19424&divID=vi_9119424_429&w=336&h=280

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1622654666/54e09c31ad7d306ae43be19b235e354f.js

Protocol

HTTP/1.1

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1yZFun4TVeQ8dzRtX1rhrhr73u723yN9puxZpDDH8KhiOrRn8PkUFZrwA2XCzh1QAVf5OziMXZkTtxI1kuE55Z3BDOC0QhcTbdLkmj%2FAIZuOraKio36N1wgEm9fMqrahukIXBJOtsw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6594142ea99e1e47-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 0
cf-request-id: 0a706af12d00001e474d070000000001

GET
H/1.1 200
OK /
stats.vlitag.com/pi/ Frame 944D 0
712 B 124ms
117ms Image
image/jpeg 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://stats.vlitag.com/pi/?e=zdNyBqAKBUy-UaYY-PUMM-qKtw-PPaqqUKtyYyZRzNhqllwqe0RrNaTRmNTaPYPRrtNRcsokty_orN
Requested by: Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1622654666/54e09c31ad7d306ae43be19b235e354f.js
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9NLJr3D8qRXNe9cfkiUfUhxohQ27xpk5x3IUO5XtDC0owf115Vij64inziKkeEqBJcjaFxv%2BkcyqyTjjK0%2BvPbG4YmnYJun7pNYRcbxCZcp9TNqFEDEjSqZ8sKSlC0T6RDmCsFZvT4YD"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
CF-RAY: 6594142ea8864ab6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 0
cf-request-id: 0a706af12c00004ab6089ed000000001

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 189D 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-29

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4246
date: Wed, 02 Jun 2021 21:11:23 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 02 Jun 2021 23:11:23 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ Frame 189D 1 B
21 B 17ms
17ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1792630626&t=pageview&_s=1&dl=http%3A%2F%2Fwww.celebzz.com%2F&ul=en-us&de=UTF-8&dt=noBid_celebzz.com_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=celebzz.com&cm=noBid&cc=Default&_u=QACAAUABAAAAAC~&jid=706344878&gjid=875244009&cid=802403062.1622672529&tid=UA-128776493-29&_gid=460072451.1622672529&_r=1&gtm=2ou5q1&z=860293020

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 22:22:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.celebzz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ Frame 189D 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1792630626&t=pageview&_s=2&dl=http%3A%2F%2Fwww.celebzz.com%2F&ul=en-us&de=UTF-8&dt=noBid_celebzz.com_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=celebzz.com&cm=noBid&cc=Default&_u=QACAAUABAAAAAC~&jid=&gjid=&cid=802403062.1622672529&tid=UA-128776493-29&_gid=460072451.1622672529&gtm=2ou5q1&z=883330417

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 08:32:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49756
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
tag.vlitag.com/passback/ Frame 720A 0
820 B 255ms
249ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://tag.vlitag.com/passback/?t=1622654666&d=91&z=19424&divID=vi_9119424_198&w=336&h=280

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1622654666/54e09c31ad7d306ae43be19b235e354f.js

Protocol

HTTP/1.1

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:10 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pa9upMl9DcTOnsj1SM9sPszR058QroyStvjOZbyexMWQlUWgnW7zXUdCb0U3j3HuKok%2BNWSVmokvznrSlKwlnGBlY8%2BwtEF4wg55xALwE%2BGRFwDtX9rdpSmriU1X3cjjzpC5YB1AIw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6594142f2fdcd72d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 0
cf-request-id: 0a706af1780000d72d6500f000000001

GET
H/1.1 200
OK /
stats.vlitag.com/pi/ Frame 720A 0
714 B 123ms
117ms Image
image/jpeg 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://stats.vlitag.com/pi/?e=zdNaqaYYPZe-qtew-PUYP-wyMw-ZKreeAPPrrUURzNhqllwqe0RrNaTRmNTaPYPRrtNRcsokty_orN
Requested by: Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1622654666/54e09c31ad7d306ae43be19b235e354f.js
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YiLacbdR5x7NFLJhGjyZ8uTdSvI4QUEr2ihi9tu%2BUnVVTfil4Ikpf8W6d1TUReoTznIab0%2FlSflz11wzH3jN4h98JR3ohwUsv%2B05zsHT0bg4uERgbs9qULZWzXCnP7xriForCsMHXQ1z"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
CF-RAY: 6594142f2b314e86-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 0
cf-request-id: 0a706af17900004e86978a2000000001

GET
H3-29 200 collect
www.google-analytics.com/ Frame 189D 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1792630626&t=pageview&_s=3&dl=http%3A%2F%2Fwww.celebzz.com%2F&ul=en-us&de=UTF-8&dt=noBid_celebzz.com_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=celebzz.com&cm=noBid&cc=Default&_u=SACAAUABAAAAAC~&jid=&gjid=&cid=802403062.1622672529&tid=UA-128776493-29&_gid=460072451.1622672529&gtm=2ou5q1&z=490045335

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 08:32:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49756
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
tag.vlitag.com/passback/ Frame E739 0
826 B 266ms
259ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://tag.vlitag.com/passback/?t=1622654666&d=91&z=19424&divID=vi_9119424_547&w=336&h=280

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1622654666/54e09c31ad7d306ae43be19b235e354f.js

Protocol

HTTP/1.1

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:10 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=abZES%2B9VXlr9lzChRFahEMVD123d091FPtE1nlEhca1RMHJ9IC9CW9LOn%2BK%2FKdXPvfWJ1BidH0ndB%2F%2FhRqrtTfS5NDFiKDeN6SL4dLcpCosm8eUtlB2%2FbCVN7ZdU7i9ekTtxyPBtZA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6594142f5be94ee5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 0
cf-request-id: 0a706af19700004ee534914000000001

GET
H/1.1 200
OK /
stats.vlitag.com/pi/ Frame E739 0
720 B 117ms
116ms Image
image/jpeg 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://stats.vlitag.com/pi/?e=zdNKweKAATt-TMYe-PBZA-aZyw-YZPtrZPyMaPrRzNhqllwqe0RrNaTRmNTaPYPRrtNRcsokty_orN
Requested by: Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1622654666/54e09c31ad7d306ae43be19b235e354f.js
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bS5Z2JINS9HU%2B%2BAn4CzhlAd1Z6Y3b9HRepWaVqceiMX48e85s76VDMPC2%2F7CL7%2F9J0zw3aviLwp3wrYkrSdmxF8XEC4chD8K%2B3Z2AWFMeCbE97zze5zTYWpRSqetKSJBUG99BGE%2Fqq4D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
CF-RAY: 6594142f5dc4dfa5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 0
cf-request-id: 0a706af1920000dfa5358b0000000001

GET
H3-29 200 collect
www.google-analytics.com/ Frame 189D 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1792630626&t=pageview&_s=4&dl=http%3A%2F%2Fwww.celebzz.com%2F&ul=en-us&de=UTF-8&dt=noBid_celebzz.com_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=celebzz.com&cm=noBid&cc=Default&_u=SACAAUABAAAAAC~&jid=&gjid=&cid=802403062.1622672529&tid=UA-128776493-29&_gid=460072451.1622672529&gtm=2ou5q1&z=28423101

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 08:32:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49756
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ Frame 189D 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1792630626&t=pageview&_s=5&dl=http%3A%2F%2Fwww.celebzz.com%2F&ul=en-us&de=UTF-8&dt=quantumdex_celebzz.com_0.11322000000000002_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.11322000000000002&cs=celebzz.com&cm=quantumdex&cc=Default&_u=SACAAUABAAAAAC~&jid=&gjid=&cid=802403062.1622672529&tid=UA-128776493-29&_gid=460072451.1622672529&gtm=2ou5q1&z=201820073

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 08:32:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49756
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK vi-icon.svg
assets.vlitag.com/media/icon/ 3 KB
2 KB 15ms
15ms Image
image/svg+xml 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://assets.vlitag.com/media/icon/vi-icon.svg

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/

Protocol

HTTP/1.1

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

647f43cd0cfdbafe354249e2c9831cc97c843fe0e44a726febdfb956bd1d25c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 867331
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706af1f800001f519233d000000001
Last-Modified: Fri, 01 Nov 2019 05:04:49 GMT
Server: cloudflare
ETag: W/"5dbbbcf1-dc6"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XVVqZcPwBVW75hXB942mg0XXuU6zQGYJa58nxRB5BEhOyl7AA%2BS9nNEyLfJB7NWOvFC1%2Bc%2BnO4hTjFgDiUywntXnfm4LSWcZRS%2FIAbFmlw3sITaVpiWVf6M6Blp%2BAZA78BjGCMyOVCwipg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=16070400
CF-RAY: 6594142ff9381f51-FRA

GET
H/1.1 200
OK / Show response
tag.vlitag.com/passback/ Frame 5E51 0
818 B 269ms
269ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://tag.vlitag.com/passback/?t=1622654666&d=91&z=2248&divID=vi_912248_565&w=300&h=600

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1622654666/54e09c31ad7d306ae43be19b235e354f.js

Protocol

HTTP/1.1

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:10 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7CU9MVS1srpNjpTSrBvaTnjnURqWeD3DwcMz6G8wpiIyo5Z1wLd1qdmdIuyu%2FwMNpfsIn2raJZ9BNl7v3m%2Bi1u9CEtxGwt9Eg2wNUBCwXt4OSIoTa9WXAjW3dQU4XT1lTEo9osa2xA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 659414303e8f4ed4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 0
cf-request-id: 0a706af22700004ed4193ed000000001

GET
H/1.1 200
OK /
stats.vlitag.com/pi/ Frame 5E51 0
716 B 125ms
125ms Image
image/jpeg 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://stats.vlitag.com/pi/?e=zdNYeyKaYPq-ereB-PMZa-weUa-aPKAMqaKBwKqRzNhqllwqe0RrNaTRmNYYPMRrtNRcsokty_orN
Requested by: Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1622654666/54e09c31ad7d306ae43be19b235e354f.js
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:10 GMT
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JkI8aDgeKev9rkL3V%2B9D1JHbz11KjDIfYxpIE0Bcwp%2FEkXssXPlXXhV30tLBO%2FX9SnI1ivTt4pvjhToWMWU6cPM6EKEwiAd1sJKr0VDxZTf0O7gVB9nP7UXvW%2FHvmiGrmsbTdNUtsLs1"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
CF-RAY: 659414304ee1dfa5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 0
cf-request-id: 0a706af2280000dfa53f879000000001

GET
H3-29 200 collect
www.google-analytics.com/ Frame 189D 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1792630626&t=pageview&_s=6&dl=http%3A%2F%2Fwww.celebzz.com%2F&ul=en-us&de=UTF-8&dt=noBid_celebzz.com_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=celebzz.com&cm=noBid&cc=Default&_u=SACAAUABAAAAAC~&jid=&gjid=&cid=802403062.1622672529&tid=UA-128776493-29&_gid=460072451.1622672529&gtm=2ou5q1&z=557845711

Requested by

Host: www.celebzz.com
URL: http://www.celebzz.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 08:32:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49756
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 30ms
17ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210525&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b52a8dc88c62828c07f17e5e12e88002a7ce5854627e8b997217e9d6d63c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Jun 2021 22:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8270
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 59ms
39ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 02 Jun 2021 22:22:10 GMT

GET
H/1.1 200
OK r.html Show response
assets.vlitag.com/plugins/safeframe/src/html/ Frame FBF2 1 KB
1 KB 167ms
166ms Document
text/html 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.vlitag.com/plugins/safeframe/src/html/r.html

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js

Protocol

HTTP/1.1

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37d10721d74b0d31034e1819279a456bd11c979f377dc56d678cff8294557fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: assets.vlitag.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.celebzz.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

Date: Wed, 02 Jun 2021 22:22:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 01 Nov 2019 05:04:50 GMT
Expires: Wed, 02 Jun 2021 22:52:10 GMT
Cache-Control: max-age=1800
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: noindex, nofollow
CF-Cache-Status: DYNAMIC
cf-request-id: 0a706af36600001f516caf3000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6lYu2IdI2qlu6r7cyYAB7i2YUVwRyDf%2BnZyFcY%2FCMP5SU7aTuPbKnJ9gHoDb47tFUx8FSHhoz%2FMdP7ceVtT1ndLX6BmwoUEKqRpkS9vXUx3Gxxqo%2B5VwePS6Feuv8Mn3zHt6mmJyJLh62A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 659414323c441f51-FRA
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 7379 12 KB
5 KB 21ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.celebzz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 02 Jun 2021 18:48:11 GMT
expires: Thu, 02 Jun 2022 18:48:11 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 12839
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CE0B 783 B
779 B 16ms
15ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8930245cecffde390068e3d6b76e0f8deb0872cb5aa1cebb0d6bb0beec1f7a6f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dPryt0qOdEGBAVTMwwJuDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.celebzz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

expires: Wed, 02 Jun 2021 22:22:10 GMT
date: Wed, 02 Jun 2021 22:22:10 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-dPryt0qOdEGBAVTMwwJuDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 _ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 7379 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc84dcb874c39c915ab83aa5b6506aac48d0f93e734f6deca699fdf42dc0af43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 09:18:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 47016
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5710
x-xss-protection: 0
expires: Thu, 02 Jun 2022 09:18:34 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame FBF2 12 KB
5 KB 28ms
11ms Script
application/javascript 2606:4700::6810:a723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/plugins/safeframe/src/html/r.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0a706af42a00000629cfb3e000000001
last-modified: Fri, 28 May 2021 10:23:11 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60b0c48f-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Xm3fX7GaC%2F5D%2Bjuti0qIblUUpJGJqsRrOXgGCWpWMO7woqqP8iGMv8lYCZO8F63tTHR7FECHkHd1pnCrs5OT6mp1YGZy1QxZrKtF6lvI3T0J%2Bqz862msFAR0TayloFhw2K4nTlc0rY%2BF3cgd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6594143379320629-FRA
expires: Fri, 04 Jun 2021 22:22:10 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210525&jk=1722314050101086&bg=!6Oul66_NAAaMan2LjGo7ACkAdvg8Wu4IYjIxiKijXLqXFHBCGWUD9AQ8MIuz1RdpaV6wY4QH2mJb1gIAAABWUgAAAAtoAQcKAPgRfnFXSFHJGxYtZH_3XI-pflVn0LxYPYAD_k5cxbEunZsfZA2Wl7HTYsi-aNNrxXHbpckFuiQFUO2Jd8XEVAYie_oL2n0-Cc6PlJFM0gcje3Upb8ZOLfYQ6pGvgxaVrt5_K_mR2cg1gKd3R9AaliQetG529qbwSzY_lmzR_bCcux--gsuFSYaM94dCKaYY7-cFFqiDg4-F3N_LR2uEqSxblqPoxeeZVevz4Vzpq5FYAEBcwT9xMqv1GsfLzCUi-Jal3HUfh7xnjXwWFLN0JXXKZJc_DD0fPyt4E1SKEW_CU8IjsEeThYX0k1w-5VTx53gqfhiDz2G6mZkCQIIz7KDWnnqK7xaAwDTCXablSt-ODLEPBqQvfjN93ForUrPz3Efwh4prnVEOgcp6oAZNrjPhsyL5uBZyD48KFn3lNOwrDmSUe35KLwTqJgMuWGAQc-DPD-26m25T8rsVpwPxN1d5qcyYlD6Ia561nU9zh5JN8NGv6rRzfvx-V--E1LUSjubxVJwp5LFSYCBIOH0fCthngY-Q4vZ5zYtikPtvqRI06Dg3PjAaTs8-lx4Wl87nEuQZzGFR1kQMqKtiyKjTOW3XI85UlKzvlLLhGd5myKl4ZIdJV1vsUk__2-_ltQ9edWfRa_P6Q0YF3xCvRTWIlEr_bpRUh3wJ85PO7aF3yHu5Tu0cNz-NL5HxKFa96yXG6t3pT4ltOR4zb_3Q9-rKv5v5YDjTM12ilHrDS4eyRuVeaf3rblAKti0MlHLQQ_AyDkNaCAKHyXPWLq1akPrAD9WatmoLcbaUANfAay_T6VMpoKVGBl4TynRlWyMZG22mZPmQnwgX38pWJZGEmZMDqlXZtmEX26N11daRpUO3UaFj2XIRIHb86h79NLiRvSSnodxpi6KbnF3u88fyIKvTtjre9FTHDxRiopd2y0JdGXwI6ipMbkMoXawBntGoZDUSD10ihHPIbIJVruujpzFr8vmySRE4KpGx60JUZKElYoEtDhPobdH_GqW67SrcmyIsw67eT8TLolJR6zo2pDZsxUHg0N68WEaYyzBaqT3r7erWWPbpatDfgE1jJof7rH26QpYgRnOc0Phcj1566w

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 22:22:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sf_ext.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ Frame FBF2 23 KB
12 KB 27ms
26ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

118b932ce446d673706c274aa65d22e8e2b2fe744187ce16f6656ab7940fb140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://assets.vlitag.com/plugins/safeframe/src/html/r.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 865965
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706af43b00001f518a2d6000000001
Last-Modified: Fri, 01 Nov 2019 05:04:50 GMT
Server: cloudflare
ETag: W/"5dbbbcf2-5aed"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YrkfBLIzTUwP1rcwYh7Qx8LeNsN7sqxuOvmj7VEh7CuSUV13L%2BpLxJ%2BLAfpy2yeeC9ovBTMHl3VOlNYFBfPwejXW86SlGVAPU0%2FUeWwNO7%2BOlUIhNl9HBLdBSh1dAF4KHNOx4rf6NenUZA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=16070400
CF-RAY: 659414339e491f51-FRA
Expires: Sun, 23 May 2021 22:19:25 GMT

GET
H/1.1 200
OK ab Show response
nym1-ib.adnxs-simple.com/ Frame FBF2 12 KB
7 KB 311ms
98ms Script
application/javascript 68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs-simple.com/ab?an_audit=0&referrer=http%3A%2F%2Fwww.celebzz.com%2F&e=wqT_3QLcF2zcCwAAAwDWAAUBCJGJ4IUGEK2W2bP6upWqOxj_EQF4ASo2CSr_Wl653sI_ET3qkQH--7w_GQAAAMDMzPQ_IRESACkRJNAxAAAA4FG4nj8wnvrSCTi_W0AdSAhQ7uCohgFYy7aOAWAAaPqnpwF44ccDgAEBigEDVVNEkgUG9AICmAGgAaAB2ASoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAgDqAhdodHRwOi8vd3d3LmNlbGVienouY29tL_ICsAEKGltVTkVOQ09ERURfQ0xJQ0tfUkVESVJFQ1RdEpEBaHR0cHM6Ly9waXhlbC5tYXRodGFnLmNvbS9jbGljay9pbWc_bXRfYWlkPTczMTIzNzg1NzIzMDMyNTUzODkmbXRfaWQ9NjYyMjM5MyZtdF9hZGlkPTIxNjUzNiZtdF9zaWQ9NDU2MjMxMiZtdF9leGlkPTEzJm10X2luYXBwPTAmbXRfb3M9JnJlZGlyZWN0PfICGQoUW0JJRF9BVFRSLmdkcHJfZmxhZ10SATHyAh4KFFtBRF9BVFRSLmFkdmVydGlzZXJdEgYyMTY1MzbyAhcKE1tCSURfQVRUUi5nZHByX3N0cl0SAPICHQoSW0FEX0FUVFIuY3JlYXRpdmVdEgc2NjIyMzkz8gIoChFbQklEX0FUVFIuYmlkX2lkXRITNzMxMjM3ODU3MjMwMzI1NTM4OfICGgoTW0JJRF9BVFRSLmV4Y2hhbmdlXRIDYXBu8gImCg9bUkFORE9NX05VTUJFUl0SEzczMTIzNzg1NzIzMDMyNTUzODnyAucJChJbTk9USUZJQ0FUSU9OX1VSSV0S0Ak8aW1nIHNyYz0xnRh0YWdzLm1hOZxUbm90aWZ5L2ltZz9leGNoPWFwbiZzXxUL0GlkPTVhVzk1cTJqTHpJekx5QXZUbnBqZDFscVJtMWFSR04wVFVSQmQwMURNSGROUkVGM1RGBRAQRVFYUk4FEABVERAJIPCwTHpjek1USXpOemcxTnpJek1ETXlOVFV6T0Rrdk5qWXlNak01TXk4ME5UWXlNekV5THpFekwxa3piVXhzU2poWWVFUnJiMngwYnpkRVpVSnpjSEl6TFdWR1JrWmZSbWxxTm01WVlXbFJSblJ0Tm04dk1TOHhNeTh3THpBdk9UVTJPREF6THpBdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRFcgMTXdkMAHYCGRNVhEgAEUFEDroAAxjdk1DCXAJCGbwAPBeYjNKa0x6QXZNVEV5T0M4eEx6azVPUzh6TWpJdk1tRXdNVG8wWmpnNk1Ua3lPalUwTURBNk9pOHdMakF3TUM4eE5qSXlOamN5TlRJNUx6RTJNakkyT0RVeE1qa3ZNVE0BWPBPM01URXYvbms0amgwVWtBWDdXNElfaHl3VlNmQmpqekxzJm5vZGVpZD0yNjkwJmdyb3VwPXVzLWVhc3QmYXVjdGlvbmlkPTczMTIzNzg1NzJ5shBzaWQ9NG2SGGNpZD02NjJhAPCfJmJwPWFfYmVoZWNjJm5meV9hY3Q9TEQ1d2V3JmJmaXA9MjE2LjIwMC4yMzIuOTAmdHlwZT1pbXAmY2xpZW50PWMycyB3aWR0aD0xIGhlaWdodD0xPlx4M0NkaXYgd2lkdGg9JzEnIGhlaWdodD0nMScgc3R5bGU9J2Rpc3BsYXk6bm9uZTsgb3ZlcmZsb3c6aGlkZGVuJz5ceDNDaW1nIA0uNGxlZnQ6LTEwcHg7dG9wDQoQIHBvc2kB8zw6YWJzb2x1dGUnIHNyYz0ncUAMcGl4ZTbdBBBldmVudGVAicIYMTM2ODg3NYGODGFkaWQB7hQ3NjQmdjGBrgh2Mj1O_AQsdjM9NjUxODcxJnY0NVMEdjU1UlBtdF9uc3luYz0xJm5vX2F0dHI9MSdWDAEQLz5ceDNG6AAAORHnAQmC5gBCJgQZ5QB0Ia4obW1JbXBUcmFjayaVKgRiaVomAgB0FdIodGltZT1bSU1QX0GhVAEPAF0ufgJy0wBsL2Rpdj6AAwGIAwCQAwCYAxSgAwGqA4sGCsIFaMm0QrYAAG7-3AT-3ATu3ASJ3IBHc3dTM0pITUVocFFWaHhkVk5HVmxwS2JVMUdTMDB2TVP-3AT-3AT-3ATu3ASN3GhIaGJvWmVXR3RjUHhpTHg0WHJWUkk0YjNsOEUuXgKy3ARUcHJpY2U9JHtBVUNUSU9OX1BSSUNFfTLPBAhmM1VS0AReFwWBSAhhcGmJ8BBidXJsJo3xEHMycxITShcEqBoTNDI3NTEzNjMzMDk4MDU0MzI3NyIJMjgxNjg2MTI2KgYxMDE5MzY6BzapevDtwAOsAsgDANgDt5pU4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQUMmEwMTo0Zjg6MTkyOjU0MTQ6OjKoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAE7uCohgH6BBIJAAAAoJmZSUARAAAAwMzMIkCIBQGYBQCgBcSc_aG8osuYRqoFJGUxYmNhYjFmLWVjMDEtNGYxZS05M2ZhLTZmY2E2MmQwYzgzMcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfnLIfoFBAgAEACQBgCYBgC4BgHBBgAAAAUxJNAG-asB2gYWChABMy4BAFwQABgA4AYB8gYCCACABwGIBwCgBwGqBwapaQi6Bw8d6jC6BkAAyAfhxwPSBw0JEUUBQQjaBwYJJyjgBwDqBwIIAPAHAA..&s=9eac85486d5b86d6efba8185548e5f43663b3378&pp=0.11322000000000002

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

5cb77cae461f90a163640adb82bc6ad3cead5ceb12b77e1d23d13ea685b009b6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:10 GMT
Content-Encoding: gzip
X-Creative-ID: 281686126
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com; 68.67.180.38:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d1c8952e-88d0-4e49-8a3e-9c49edb675c0
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 d99ec277-0cab-406c-b627-de57d7d65ada
quantumsyndication.com/pixel/ Frame FBF2 43 B
631 B 150ms
127ms Image
image/gif 2606:4700:e2::ac40:831e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quantumsyndication.com/pixel/d99ec277-0cab-406c-b627-de57d7d65ada
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:831e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:10 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=byFdznXzTBO7NEzQckzE9OvpUAf0Km7s2YJ6%2Fj0kjJoqIPltIWaLtvsZweFpJOVYKMnnUCoeTmDOiuTGS6%2BfSKAhM59X0sNoXPoC82KHwLtLU0ls8%2B2daR%2FkeIvxk1%2FrI1wlqUgP%2FuPyTuJnbBU6pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941433ee33dfcf-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43
cf-request-id: 0a706af4730000dfcf5da69000000001

GET
H/1.1 200
OK /
stats.vlitag.com/pi/ Frame FBF2 0
718 B 115ms
113ms Image
image/jpeg 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://stats.vlitag.com/pi/?e=zdNeetYZwBw-PYwM-PyPy-wPMZ-rUyatUaqrArBRrNaTRmNPZARwNjxqfzxdrtbRhNAGTTBYYAAAAAAAAAAAYRrtNRcsokty_orN
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:10 GMT
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2ZgpXm%2FgCUWuLVLMtE6pw2dhcTh8vlrbYCI8CP6v9oQY7K2%2B3sVFDCr60UyaPgWokpktIO6JnMbHBdFESCl8kGg%2F0loNAFXaJJ%2BsUGTadPVWJTKoJKvuzbEiaCCrq3TIyf%2Fr0JilYeiK"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
CF-RAY: 65941433cb94dfa5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 0
cf-request-id: 0a706af45d0000dfa518390000000001

GET
H/1.1 200
OK 6cywgeu7gf0e Show response
hal9000.redintelligence.net/zone/ Frame FBF2 10 KB
3 KB 80ms
56ms Script
text/html 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal9000.redintelligence.net/zone/6cywgeu7gf0e?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=7312378572303255389&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7312378572303255389%26mt_id%3D6622393%26mt_adid%3D216536%26redirect%3D
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 11862faa1e6564554f1e9dd18424992cfd37f5e2730782a5a81c76eee795b86f

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:10 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2800
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ck-confirm
tags.mathtag.com/ Frame FBF2
Redirect Chain

https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTnpjd1lqRm1aRGN0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzczMTIzNzg1NzIzMDMyNTUzODkvNjYyMjM5My80NTYyMzEyLzEzL1kzbU...
https://tags.mathtag.com/ck-confirm?bid_id=7312378572303255389&node_id=2690&exch_id=13

49 B
330 B

260ms
260ms

Image
image/gif

185.29.133.208
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=7312378572303255389&node_id=2690&exch_id=13
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.208 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.199.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:04 GMT
Server: MMBD/3.199.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x75, ord-bidder-x350
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 02 Jun 2021 22:22:03 GMT

Redirect headers

Date: Wed, 02 Jun 2021 22:22:04 GMT
x-mm-bid-request-time: 1622672529
Last-Modified: Wed, 02 Jun 2021 22:22:09 GMT
Server: MMBD/3.199.0
x-mm-latency: 230 (1)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://tags.mathtag.com/ck-confirm?bid_id=7312378572303255389&node_id=2690&exch_id=13
x-mm-dbg: Invalid
Cache-Control: no-cache
x-mm-host: zrh-router-x81, ord-bidder-x350
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Keep-Alive: timeout=360
Content-Length: 86
Expires: Wed, 02 Jun 2021 22:22:03 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame FBF2 43 B
505 B 147ms
56ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=13&v2=7312378572303255389&v3=651871&v4=4562312&v5=6622393&mt_nsync=1&no_attr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3736 915c305 master cdg-pixel-x7 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:10 GMT
Server: MT3 3736 915c305 master cdg-pixel-x7
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:23:42 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame FBF2 49 B
330 B 394ms
278ms Image
image/gif 185.29.133.208
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=apn&bid=7312378572303255389&st=4562312&time=[IMP_ATTR.time]&nodeid=2690
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.208 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.199.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:04 GMT
Server: MMBD/3.199.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x78, ord-bidder-x350
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 02 Jun 2021 22:22:03 GMT

GET
H/1.1 200
OK it
nym1-ib.adnxs-simple.com/ Frame FBF2 0
673 B 310ms
87ms Image
text/html 68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nym1-ib.adnxs-simple.com/it?an_audit=0&referrer=http%3A%2F%2Fwww.celebzz.com%2F&e=wqT_3QLXCmxXBQAAAwDWAAUBCJGJ4IUGEK2W2bP6upWqOxj_EQHwwgEqNgkghetRuN7CPxF6zEBl_Pu8PxkAAADAzMz0PyE96pEB_vu8Pykq_1peud7CPzEAAADgUbiePzCe-tIJOL9bQB1ICFDu4KiGAVjLto4BYABo-qenAXjhxwOAAQGKAQNVU0SSAQNVU0SYAaABoAHYBKgBAbABALgBAsABBcgBAtABANgBAOABAPABANgCAOACAOoCF2h0dHA6Ly93d3cuY2VsZWJ6ei5jb20vgAMBiAMAkAMAmAMUoAMBqgOLBgrCBQ0tmHRhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzXxUL0GlkPTVhVzk1cTJqTHpJekx5QXZUbnBqZDFscVJtMWFSR04wVFVSQmQwMURNSGROUkVGM1RGBRAQRVFYUk4FEABVERAJIPCwTHpjek1USXpOemcxTnpJek1ETXlOVFV6T0Rrdk5qWXlNak01TXk4ME5UWXlNekV5THpFekwxa3piVXhzU2poWWVFUnJiMngwYnpkRVpVSnpjR3N3UzNKSE1FaHBRVmh4ZFZOR1ZscEtiVTFHUzAwdk1TOHhNeTh3THpBdk9UVTJPREF6THpBdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRFcgMTXdkMAHYCGRNVhEgAEUFEDroAAxjdk1DCXAJCGbwAPBeYjNKa0x6QXZNVEV5T0M4eEx6azVPUzh6TWpJdk1tRXdNVG8wWmpnNk1Ua3lPalUwTURBNk9pOHdMakF3TUM4eE5qSXlOamN5TlRJNUx6RTJNakkyT0RVeE1qa3ZNVE0BWPDXM01URXYvSGhib1plV0d0Y1B4aUx4NFhyVlJJNGIzbDhFJm5vZGVpZD0yNjkwJmdyb3VwPXVzLWVhc3QmYXVjdGlvbmlkPTczMTIzNzg1NzIzMDMyNTUzODkmcHJpY2U9JHtBVUNUSU9OX1BSSUNFfSZuZnlfYWN0PUxENXdmM1UmYmZpcD0yMTYuMjAwLjIzMi45MCZzaWQ9NDU2MjMxMiZjaWQ9NjYyMjM5MyZzcmM9YXBpJnR5cGU9YnVybCZjbGllbnQ9czJzEhM3MzEyMzc4NTcyMzAzCYX0dQEaEzQyNzUxMzYzMzA5ODA1NDMyNzciCTI4MTY4NjEyNioGMTAxOTM2Ogc2NjIyMzkzwAOsAsgDANgDt5pU4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQUMmEwMTo0Zjg6MTkyOjU0MTQ6OjKoBACyBAwIABAAGAAgADAAOAK4BADABADIBADaBAIIAeAEAPAE7uCohgH6BBIJAAAAoJmZSUARAAAAwMzMIkCIBQGYBQCgBcSc_aG8osuYRqoFJGUxYmNhYjFmLWVjMDEtNGYxZS05M2ZhLTZmY2E2MmQwYzgzMcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfnLIfoFBAgAEACQBgCYBgC4BgHBBgAAAAAAAPA_0Ab5qwHaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwY2NTE4NzG6Bw8IABAAGAAgADAAOLoGQADIB-HHA9IHDRWAGBAAGADaBwYJJzDgBwDqBwIIAPAHwvwD&s=717a65bcc46ef7e0a99a8bdca42352e708e4d61c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:11 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com; 68.67.160.177:80
AN-X-Request-Uuid: c36eb853-0c61-473c-85bc-3ca4c993ba82
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

request.php Show response
hal900012.redintelligence.net/ Frame FBF2
Redirect Chain

http://hal900012.redintelligence.net/request.php?zone=6cywgeu7gf0e&nw=20&renderingType=javascript&namespace=b320646378&subid=&uid=f0ebea8b6bce3b31&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
http://hal900012.redintelligence.net/request.php?zone=6cywgeu7gf0e&nw=20&renderingType=javascript&namespace=b320646378&subid=&uid=f0ebea8b6bce3b31&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

612 B
912 B

83ms
76ms

Script
application/x-javascript

94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal900012.redintelligence.net/request.php?zone=6cywgeu7gf0e&nw=20&renderingType=javascript&namespace=b320646378&subid=&uid=f0ebea8b6bce3b31&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7312378572303255389%26mt_id%3D6622393%26mt_adid%3D216536%26redirect%3D&documentReferer=http%3A%2F%2Fwww.celebzz.com%2F&ancestorOrigins=http%3A%2F%2Fwww.celebzz.com&random=5985954677527&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Protocol: HTTP/1.1
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: 8a964e69919fe55af29fa4721ba01cd4d70d23754e7f1f58027b0a427b8ef47b

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:11 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 96510500002661300951427011614012
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 329
Expires: Wed, 02 Jun 2021 23:22:11 +0200

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:10 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=6cywgeu7gf0e&nw=20&renderingType=javascript&namespace=b320646378&subid=&uid=f0ebea8b6bce3b31&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7312378572303255389%26mt_id%3D6622393%26mt_adid%3D216536%26redirect%3D&documentReferer=http%3A%2F%2Fwww.celebzz.com%2F&ancestorOrigins=http%3A%2F%2Fwww.celebzz.com&random=5985954677527&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Wed, 02 Jun 2021 23:22:10 +0200

GET
H/1.1 200
OK request_content.php Show response
hal900012.redintelligence.net/ Frame C0E7 6 KB
2 KB 273ms
17ms Document
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal900012.redintelligence.net/request_content.php?s=96510500002661300951427011614012&a=2eba3715
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: 95894070ccfc8d66b7d6a130ac9f30128cbe56d27978bd4223548ab52b306ee7

Request headers

Host: hal900012.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://assets.vlitag.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://assets.vlitag.com/

Response headers

Date: Wed, 02 Jun 2021 22:22:11 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 02 Jun 2021 23:22:11 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2107
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK rd_log Show response
nym1-ib.adnxs-simple.com/ Frame FBF2 0
673 B 148ms
87ms Script
text/html 68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs-simple.com/rd_log?an_audit=0&referrer=http%3A%2F%2Fwww.celebzz.com%2F&e=wqT_3QLSEWzSCAAAAwDWAAUBCJGJ4IUGEK2W2bP6upWqOxj_EQH00wEBKjYJIIXrUbjewj8ResxAZfz7vD8ZAAAAwMzM9D8hPeqRAf77vD8pKv9aXrnewj8xAAAA4FG4nj8wnvrSCTi_W0AdSAhQ7uCohgFYy7aOAWAAaPqnpwF44ccDgAEBigEDVVNEkgEDVVNEmAGgAaAB2ASoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAgDqAhdodHRwOi8vd3d3LmNlbGVienouY29tL_ICsAEKGltVTkVOQ09ERURfQ0xJQ0tfUkVESVJFQ1RdEpEBaHR0cHM6Ly9waXhlbC5tYXRodGFnLmNvbS9jbGljay9pbWc_bXRfYWlkPTczMTIzNzg1NzIzMDMyNTUzODkmbXRfaWQ9NjYyMjM5MyZtdF9hZGlkPTIxNjUzNiZtdF9zaWQ9NDU2MjMxMiZtdF9leGlkPTEzJm10X2luYXBwPTAmbXRfb3M9JnJlZGlyZWN0PfICGQoUW0JJRF9BVFRSLmdkcHJfZmxhZ10SATHyAh4KFFtBRF9BVFRSLmFkdmVydGlzZXJdEgYyMTY1MzbyAhcKE1tCSURfQVRUUi5nZHByX3N0cl0SAPICHQoSW0FEX0FUVFIuY3JlYXRpdmVdEgc2NjIBvCDyAigKEVtCSUQJdyxiaWRfaWRdEhM3MzE-9QAQ8gIaChMZK4BleGNoYW5nZV0SA2FwbvICJgoPW1JBTkRPTV9OVU1CRVJeRgCI5wkKEltOT1RJRklDQVRJT05fVVJJXRLQCTxpbWcgc3JjPWgtnRR0YWdzLm09nChub3RpZnkvaW1nPwF_GD1hcG4mc18VC9BpZD01YVc5NXEyakx6SXpMeUF2VG5wamQxbHFSbTFhUkdOMFRVUkJkMDFETUhkTlJFRjNURgUQEEVRWFJOBRAAVREQCSDwsEx6Y3pNVEl6TnpnMU56SXpNRE15TlRVek9Ea3ZOall5TWpNNU15ODBOVFl5TXpFeUx6RXpMMWt6YlV4c1NqaFllRVJyYjJ4MGJ6ZEVaVUp6Y0hJekxXVkdSa1pmUm1scU5tNVlZV2xSUm5SdE5tOHZNUzh4TXk4d0x6QXZPVFUyT0RBekx6QXZNakUyTlRNMkx6WTFNVGczTVM4eEx6QXZNQzlOUkVGM1RVUkJkMDFFURXIDE13ZDAB2AhkTVYRIABFBRA66AAMY3ZNQwlwCQhm8ADwXmIzSmtMekF2TVRFeU9DOHhMems1T1M4ek1qSXZNbUV3TVRvMFpqZzZNVGt5T2pVME1EQTZPaTh3TGpBd01DOHhOakl5TmpjeU5USTVMekUyTWpJMk9EVXhNamt2TVRNAVjwRjNNVEV2L25rNGpoMFVrQVg3VzRJX2h5d1ZTZkJqanpMcyZub2RlaWQ9MjY5MCZncm91cD11cy1lYXN0JmF1Y3Rpb25pZD03Rr0CGCZzaWQ9NDVpkhhjaWQ9NjYyYQDwnyZicD1hX2JlaGVjYyZuZnlfYWN0PUxENXdldyZiZmlwPTIxNi4yMDAuMjMyLjkwJnR5cGU9aW1wJmNsaWVudD1jMnMgd2lkdGg9MSBoZWlnaHQ9MT5ceDNDZGl2IHdpZHRoPScxJyBoZWlnaHQ9JzEnIHN0eWxlPSdkaXNwbGF5Om5vbmU7IG92ZXJmbG93OmhpZGRlbic-XHgzQ2ltZyANLjRsZWZ0Oi0xMHB4O3RvcA0KECBwb3NpAfMkOmFic29sdXRlJ2U_ACehFyBzOi8vcGl4ZWwyQQMQZXZlbnRlQInCGDEzNjg4NzWBswxhZGlkAe4wNzY0JnYxPTEzJnYyPUoHBDAmdjM9NjUxODcxJnY0NVMEdjU1UlBtdF9uc3luYz0xJm5vX2F0dHI9MSdWDAEQLz5ceDNG6AAAORHnAQmC5gBCJgQZ5QB0Ia4obW1JbXBUcmFjayaVKgRiaVomAgB0FdIodGltZT1bSU1QX0GhVAEPAF0ufgJy0wDwiy9kaXY-gAMBiAMAkAMAmAMUoAMBqgMAwAOsAsgDANgDt5pU4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQUMmEwMTo0Zjg6MTkyOjU0MTQ6OjKoBACyBAwIABAAGAAgADAAOAK4BADABADIBADaBAIIAeAEAPAE7uCohgH6BBIJAAAAoJmZSUAR6aXwQCJAiAUBmAUAoAXEnP2hvKLLmEaqBSRlMWJjYWIxZi1lYzAxLTRmMWUtOTNmYS02ZmNhNjJkMGM4MzHABQDJBQAAAQIQ8D_SBQkBWgUBcNgFAeAFAfAF-csh-gUECAAQAJAGAJgGALgGAcEGBSIwAPA_0Ab5qwHaBhYKEAkSGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcGSV0IugcPAVIN6iy6BkAAyAfhxwPSBw0VgAFBCNoHBgknMOAHAOoHAggA8AfC_AM.&s=8d22f705941f09fd1589e01d689dd2faab7e9e68&bdref=http%3A%2F%2Fwww.celebzz.com%2F&bdtop=true&bdifs=1&bstk=http%3A%2F%2Fwww.celebzz.com%2F,http%3A%2F%2Fassets.vlitag.com%2Fplugins%2Fsafeframe%2Fsrc%2Fhtml%2Fr.html&

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:11 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com; 68.67.160.123:80
AN-X-Request-Uuid: 6b8c69cd-bbdd-4e06-82a7-ad702a5537cd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs-simple.com/v/s/209/ Frame FBF2 87 KB
30 KB 67ms
28ms Script
application/x-javascript 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs-simple.com/v/s/209/trk.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d4f87eb2fd81448ae30cbd4d65fb30d717d22e580ca7d481b8c3f7473318b7cc

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 May 2021 07:54:33 GMT
Server: AkamaiNetStorage
ETag: "6e3cd651011131b57d34070ddf9fc80c:1621410873.256288"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30037
Expires: Thu, 02 Jun 2022 22:22:11 GMT

POST
H/1.1 200
OK vevent
nym1-ib.adnxs-simple.com/ Frame FBF2 0
696 B 93ms
93ms Ping
text/html 68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs-simple.com/vevent?an_audit=0&referrer=http%3A%2F%2Fwww.celebzz.com%2F&e=wqT_3QLXCmxXBQAAAwDWAAUBCJGJ4IUGEK2W2bP6upWqOxj_EQHwwgEqNgkghetRuN7CPxF6zEBl_Pu8PxkAAADAzMz0PyE96pEB_vu8Pykq_1peud7CPzEAAADgUbiePzCe-tIJOL9bQB1ICFDu4KiGAVjLto4BYABo-qenAXjhxwOAAQGKAQNVU0SSAQNVU0SYAaABoAHYBKgBAbABALgBAsABBcgBAtABANgBAOABAPABANgCAOACAOoCF2h0dHA6Ly93d3cuY2VsZWJ6ei5jb20vgAMBiAMAkAMAmAMUoAMBqgOLBgrCBQ0tmHRhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzXxUL0GlkPTVhVzk1cTJqTHpJekx5QXZUbnBqZDFscVJtMWFSR04wVFVSQmQwMURNSGROUkVGM1RGBRAQRVFYUk4FEABVERAJIPCwTHpjek1USXpOemcxTnpJek1ETXlOVFV6T0Rrdk5qWXlNak01TXk4ME5UWXlNekV5THpFekwxa3piVXhzU2poWWVFUnJiMngwYnpkRVpVSnpjR3N3UzNKSE1FaHBRVmh4ZFZOR1ZscEtiVTFHUzAwdk1TOHhNeTh3THpBdk9UVTJPREF6THpBdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRFcgMTXdkMAHYCGRNVhEgAEUFEDroAAxjdk1DCXAJCGbwAPBeYjNKa0x6QXZNVEV5T0M4eEx6azVPUzh6TWpJdk1tRXdNVG8wWmpnNk1Ua3lPalUwTURBNk9pOHdMakF3TUM4eE5qSXlOamN5TlRJNUx6RTJNakkyT0RVeE1qa3ZNVE0BWPDXM01URXYvSGhib1plV0d0Y1B4aUx4NFhyVlJJNGIzbDhFJm5vZGVpZD0yNjkwJmdyb3VwPXVzLWVhc3QmYXVjdGlvbmlkPTczMTIzNzg1NzIzMDMyNTUzODkmcHJpY2U9JHtBVUNUSU9OX1BSSUNFfSZuZnlfYWN0PUxENXdmM1UmYmZpcD0yMTYuMjAwLjIzMi45MCZzaWQ9NDU2MjMxMiZjaWQ9NjYyMjM5MyZzcmM9YXBpJnR5cGU9YnVybCZjbGllbnQ9czJzEhM3MzEyMzc4NTcyMzAzCYX0dQEaEzQyNzUxMzYzMzA5ODA1NDMyNzciCTI4MTY4NjEyNioGMTAxOTM2Ogc2NjIyMzkzwAOsAsgDANgDt5pU4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQUMmEwMTo0Zjg6MTkyOjU0MTQ6OjKoBACyBAwIABAAGAAgADAAOAK4BADABADIBADaBAIIAeAEAPAE7uCohgH6BBIJAAAAoJmZSUARAAAAwMzMIkCIBQGYBQCgBcSc_aG8osuYRqoFJGUxYmNhYjFmLWVjMDEtNGYxZS05M2ZhLTZmY2E2MmQwYzgzMcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfnLIfoFBAgAEACQBgCYBgC4BgHBBgAAAAAAAPA_0Ab5qwHaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwY2NTE4NzG6Bw8IABAAGAAgADAAOLoGQADIB-HHA9IHDRWAGBAAGADaBwYJJzDgBwDqBwIIAPAHwvwD&s=717a65bcc46ef7e0a99a8bdca42352e708e4d61c&type=nv&nvt=5&jm=1140|1141|1143|1003&px=0&py=0&bw=160&bh=600&sid=7315132851469190069&vd=ct~0|rr~0&sv=209&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=20233502&sw=1600&sh=1200&pw=160&ph=600&ww=160&wh=600&ft=3

Requested by

Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/209/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:11 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com; 68.67.161.109:80
AN-X-Request-Uuid: b7404fb5-e009-406d-b33c-d5e671be49fe
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://assets.vlitag.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame C0E7 89 KB
32 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal900012.redintelligence.net
URL: http://hal900012.redintelligence.net/request_content.php?s=96510500002661300951427011614012&a=2eba3715

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 01 Jun 2021 13:41:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 117647
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 32245
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 01 Jun 2022 13:41:24 GMT

GET
H/1.1 200
OK S-160x600.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame C0E7 40 KB
40 KB 290ms
12ms Image
image/gif 54.36.108.3
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-160x600.gif
Requested by: Host: hal900012.redintelligence.net
URL: http://hal900012.redintelligence.net/request_content.php?s=96510500002661300951427011614012&a=2eba3715
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.36.108.3 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3112796.ip-54-36-108.eu
Software: nginx /
Resource Hash: 4f4ed318db35c5f69af7305536516e10419a8a2ce9459ff38149fad2a5602c1c

Request headers

Referer: http://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:21:46 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:29 GMT
Server: nginx
ETag: "5b55f201-9f7f"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 40831

GET
H/1.1 200
OK viewability Show response
hal900012.redintelligence.net/ Frame C0E7 0
150 B 23ms
17ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal900012.redintelligence.net/viewability?s=96510500002661300951427011614012&a=70f62efa&vb=m
Requested by: Host: hal900012.redintelligence.net
URL: http://hal900012.redintelligence.net/request_content.php?s=96510500002661300951427011614012&a=2eba3715
Protocol: HTTP/1.1
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://hal900012.redintelligence.net/request_content.php?s=96510500002661300951427011614012&a=2eba3715
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:11 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame C0E7 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 74ms
25ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:11 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 06:12:34 GMT
server: nginx
etag: W/"60a5fdd2-14a5d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 03 Jun 2021 22:22:11 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8321 2 KB
1 KB 73ms
24ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.celebzz.com&gdpr=1&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=www.celebzz.com&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.celebzz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1978
set-cookie: uid=7915fd62-7630-4450-a55c-23918a4d9fdf; expires=Thu, 02 Jun 2022 22:22:11 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Wed, 02 Jun 2021 22:22:11 GMT
content-length: 1129

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 76ms
29ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:11 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 06:12:34 GMT
server: nginx
etag: W/"60a5fdd2-14a5d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 03 Jun 2021 22:22:11 GMT

POST
H/1.1 200
OK vevent
nym1-ib.adnxs-simple.com/ Frame FBF2 0
697 B 115ms
115ms Ping
text/html 68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs-simple.com/vevent?an_audit=0&referrer=http%3A%2F%2Fwww.celebzz.com%2F&e=wqT_3QLXCmxXBQAAAwDWAAUBCJGJ4IUGEK2W2bP6upWqOxj_EQHwwgEqNgkghetRuN7CPxF6zEBl_Pu8PxkAAADAzMz0PyE96pEB_vu8Pykq_1peud7CPzEAAADgUbiePzCe-tIJOL9bQB1ICFDu4KiGAVjLto4BYABo-qenAXjhxwOAAQGKAQNVU0SSAQNVU0SYAaABoAHYBKgBAbABALgBAsABBcgBAtABANgBAOABAPABANgCAOACAOoCF2h0dHA6Ly93d3cuY2VsZWJ6ei5jb20vgAMBiAMAkAMAmAMUoAMBqgOLBgrCBQ0tmHRhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzXxUL0GlkPTVhVzk1cTJqTHpJekx5QXZUbnBqZDFscVJtMWFSR04wVFVSQmQwMURNSGROUkVGM1RGBRAQRVFYUk4FEABVERAJIPCwTHpjek1USXpOemcxTnpJek1ETXlOVFV6T0Rrdk5qWXlNak01TXk4ME5UWXlNekV5THpFekwxa3piVXhzU2poWWVFUnJiMngwYnpkRVpVSnpjR3N3UzNKSE1FaHBRVmh4ZFZOR1ZscEtiVTFHUzAwdk1TOHhNeTh3THpBdk9UVTJPREF6THpBdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRFcgMTXdkMAHYCGRNVhEgAEUFEDroAAxjdk1DCXAJCGbwAPBeYjNKa0x6QXZNVEV5T0M4eEx6azVPUzh6TWpJdk1tRXdNVG8wWmpnNk1Ua3lPalUwTURBNk9pOHdMakF3TUM4eE5qSXlOamN5TlRJNUx6RTJNakkyT0RVeE1qa3ZNVE0BWPDXM01URXYvSGhib1plV0d0Y1B4aUx4NFhyVlJJNGIzbDhFJm5vZGVpZD0yNjkwJmdyb3VwPXVzLWVhc3QmYXVjdGlvbmlkPTczMTIzNzg1NzIzMDMyNTUzODkmcHJpY2U9JHtBVUNUSU9OX1BSSUNFfSZuZnlfYWN0PUxENXdmM1UmYmZpcD0yMTYuMjAwLjIzMi45MCZzaWQ9NDU2MjMxMiZjaWQ9NjYyMjM5MyZzcmM9YXBpJnR5cGU9YnVybCZjbGllbnQ9czJzEhM3MzEyMzc4NTcyMzAzCYX0dQEaEzQyNzUxMzYzMzA5ODA1NDMyNzciCTI4MTY4NjEyNioGMTAxOTM2Ogc2NjIyMzkzwAOsAsgDANgDt5pU4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQUMmEwMTo0Zjg6MTkyOjU0MTQ6OjKoBACyBAwIABAAGAAgADAAOAK4BADABADIBADaBAIIAeAEAPAE7uCohgH6BBIJAAAAoJmZSUARAAAAwMzMIkCIBQGYBQCgBcSc_aG8osuYRqoFJGUxYmNhYjFmLWVjMDEtNGYxZS05M2ZhLTZmY2E2MmQwYzgzMcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfnLIfoFBAgAEACQBgCYBgC4BgHBBgAAAAAAAPA_0Ab5qwHaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwY2NTE4NzG6Bw8IABAAGAAgADAAOLoGQADIB-HHA9IHDRWAGBAAGADaBwYJJzDgBwDqBwIIAPAHwvwD&s=717a65bcc46ef7e0a99a8bdca42352e708e4d61c&type=pv&jm=1140|1141|1143|1003&px=0&py=0&bw=160&bh=600&sf=1&sid=7315132851469190069&vd=ct~0|rr~5&sv=209&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=20233502&ft=3

Requested by

Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/209/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:12 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com; 204.13.193.107:80
AN-X-Request-Uuid: 5fdccd9f-e5b7-4b6c-ad8f-2d11b6b39b2a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://assets.vlitag.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
651 B 283ms
270ms XHR
text/plain 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 02 Jun 2021 22:22:12 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: http://www.celebzz.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wF5bnNEr%2FV3%2BATIAhWJjAWIKvBaWwhhGHt7%2FvQNCFb51MuWIUxNGBbTjZ4EaH9Rj7HEhm%2FwcH3KcdBoF9wPKF6SpCskuEX05ZTKfxNUWs5%2BqIAzTw2o4B%2FTWSmvR2ROj5l3NZkoPiz6BZgQ84A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6594143fdd354eb6-FRA
cf-request-id: 0a706afbec00004eb65aa8f000000001

POST
H2 200 cdb Show response
bidder.criteo.com/ 503 B
495 B 79ms
36ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=108&profileId=185&av=33&wv=4.38.0&cb=24999409732
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 07d95bd32c8cdde291cab512cc40939109ed115cc2937821ba901b38ebce0c0c

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 02 Jun 2021 22:22:12 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.celebzz.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 246

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 44ms
16ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Wed, 02 Jun 2021 22:22:12 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 19 B
721 B 43ms
15ms XHR
application/json 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:12 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com; 185.33.220.48:80
AN-X-Request-Uuid: 37034a6c-e30f-41d9-84fe-4e280fe0b6c8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.celebzz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ 145 B
468 B 43ms
14ms XHR
application/json 46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/www.celebzz.com/ROS?rnd=0.10733838779489302&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=http%3A%2F%2Fwww.celebzz.com%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=FFFFF&crs=UTF-8&fr=http%3A%2F%2Fwww.celebzz.com%2F&gdpr=1&gdprcs=
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 9e2427d4416c58ef59d28827b121c83d6588e191797d6eaa1b86ac3e31b1a75c

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 02 Jun 2021 22:22:12 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: http://www.celebzz.com
expires: Wed, 02 Jun 2021 22:22:12 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 145
x-sid: AMS-744

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
247 B 288ms
110ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Wed, 02 Jun 2021 22:22:12 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 21
vary: origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 19 B
722 B 42ms
15ms XHR
application/json 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:12 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com; 185.33.223.138:80
AN-X-Request-Uuid: 8ef53b21-6e3e-4a7e-8701-f15fcf71349a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.celebzz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900012.redintelligence.net/ Frame C0E7 0
150 B 20ms
20ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal900012.redintelligence.net/viewability?s=96510500002661300951427011614012&a=70f62efa&vb=v
Requested by: Host: hal900012.redintelligence.net
URL: http://hal900012.redintelligence.net/request_content.php?s=96510500002661300951427011614012&a=2eba3715
Protocol: HTTP/1.1
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://hal900012.redintelligence.net/request_content.php?s=96510500002661300951427011614012&a=2eba3715
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:12 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H2 204 events
bidder.criteo.com/csm/ 0
187 B 21ms
21ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: http://www.celebzz.com
date: Wed, 02 Jun 2021 22:22:12 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame 66E9 4 KB
1 KB 127ms
125ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89d55725df09569004f8c7b30323b53ee5406bc1f96202aeb7f57e3e04ce5b83

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.celebzz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=e1ba9943-f7bf-4180-a3b4-e6b46e08b30c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

date: Wed, 02 Jun 2021 22:22:12 GMT
content-type: text/html
set-cookie: uid=e1ba9943-f7bf-4180-a3b4-e6b46e08b30c; expires=Tue, 22 Jun 2021 22:22:12 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 0a706afccb00004eb6ad3ea000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eBKBj%2FxYHVyjYNEFsm9nOxYBwQteWB6JKDeAy%2BdN7kurYh85k55ji%2BqHCefPpWYzf9P0FReI7Yg3DWOruW%2FbTgtdxH3Eb5RtI8t%2F1xy4CTLpoUejENuvTVBEy86Of2oUWHQogLWc5gNOzPc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6594144148044eb6-FRA
content-encoding: br

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame D311 4 KB
1 KB 137ms
136ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5c68d25e4b1011d401e36544d3efed44bb772566ece33b158631a90150b5f31

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.celebzz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=e1ba9943-f7bf-4180-a3b4-e6b46e08b30c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

date: Wed, 02 Jun 2021 22:22:12 GMT
content-type: text/html
set-cookie: uid=e1ba9943-f7bf-4180-a3b4-e6b46e08b30c; expires=Tue, 22 Jun 2021 22:22:12 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 0a706afcca00004eb6c4032000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eAkhzSF3ZJ2FfAP8NBwUb8ds%2Bn2R4WTvWz28wkwtS4yDz99FrZcTqxRio1KoJZilhYjgznENuT%2Bl62jbMMhGIq5tXhXTvdL%2FDs0QPhdYxfKODC%2BVq4YMR9E3ilSPIQ8p7QfpBxUS1Utz5TM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6594144148024eb6-FRA
content-encoding: br

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame 28BE 4 KB
1 KB 125ms
125ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ed8efa4bdbb85c116201f6618f1f70b54454ac8e52ccaec8625e0edfc238930

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.celebzz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=e1ba9943-f7bf-4180-a3b4-e6b46e08b30c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

date: Wed, 02 Jun 2021 22:22:12 GMT
content-type: text/html
set-cookie: uid=e1ba9943-f7bf-4180-a3b4-e6b46e08b30c; expires=Tue, 22 Jun 2021 22:22:12 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 0a706afccb00004eb6529c1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bdxLffdiBgWPle7tZxK8fx0%2FyTrod0VkYwVPCJb0g5W9hD4QyP62ehZRsNryi%2FeEnMQutWBodCUFkOCJbso1Yr4f5G5OXGUumEp0IeArudtB9OYhLnm6j04I4WRocrZVzUyGbRuPL84VUN0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6594144148064eb6-FRA
content-encoding: br

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame 1EBC 4 KB
1 KB 126ms
126ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aa2dfc9cba24213ef1297e5f4a0a5064b28ba4b3f36f25ce0aec9d6aee5c560

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.celebzz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=e1ba9943-f7bf-4180-a3b4-e6b46e08b30c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

date: Wed, 02 Jun 2021 22:22:12 GMT
content-type: text/html
set-cookie: uid=e1ba9943-f7bf-4180-a3b4-e6b46e08b30c; expires=Tue, 22 Jun 2021 22:22:12 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 0a706afccb00004eb6a3078000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gojsMea2p68lNp2CREmakTLTb%2FWzD0ERzcYzIRIXO3G8O27LbLkODrI9COlXAV8L%2BAiQAMCLoGNTId%2B2SJA02J4s9flNULE2mefE%2FVmaoiRWSRq7QxgB%2FTa0YpJkNZH7eNTkaXt6hZz%2Batk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 65941441480a4eb6-FRA
content-encoding: br

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame DC74 4 KB
1 KB 128ms
128ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f538b0d80b53a9d86d81b37e0f8029b8e133e74ea6eb80c9f0c4fa106b1847c

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.celebzz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=e1ba9943-f7bf-4180-a3b4-e6b46e08b30c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

date: Wed, 02 Jun 2021 22:22:12 GMT
content-type: text/html
set-cookie: uid=e1ba9943-f7bf-4180-a3b4-e6b46e08b30c; expires=Tue, 22 Jun 2021 22:22:12 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 0a706afccc00004eb6bc98e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XvccB2zvemLx0yPylE%2Br4ehXfligLRDFHjRLEvRX0qktOl8%2FPiEHIWYI5F7moJElW%2FpC3tkpu2ezOkQ3dct99eMk8w3tLzTI61bGifEsktpiwzGE%2FdcVjfB1G3okFcr%2B8mWd2GFhL%2BihXGo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6594144148114eb6-FRA
content-encoding: br

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame 897B 4 KB
1023 B 151ms
151ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5b87ae21523dc88a5ed22203d4d16b74179dbb9ae92d31acdb23d2d224e1621

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.celebzz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=e1ba9943-f7bf-4180-a3b4-e6b46e08b30c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.celebzz.com/

Response headers

date: Wed, 02 Jun 2021 22:22:12 GMT
content-type: text/html
set-cookie: uid=e1ba9943-f7bf-4180-a3b4-e6b46e08b30c; expires=Tue, 22 Jun 2021 22:22:12 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 0a706afcd500004eb6840d7000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bpPg4l0sBz4CsiYZKfB9NcJ3i0aXhwPPnIZbLneIvpuX%2BILWESRjw6jZ5vvhKIt0Ld6gx5nXhCM5iUjfBmMp%2BTfzKdSnIQ%2FOa%2FmeqnsJTONLhadAi4MbvZe6yo6YLCPqTuQPNNg7tsrYtx0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 65941441482c4eb6-FRA
content-encoding: br

GET
H/1.1 200
OK vi-logo.svg
assets.vlitag.com/media/icon/ 11 KB
4 KB 19ms
12ms Image
image/svg+xml 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://assets.vlitag.com/media/icon/vi-logo.svg

Protocol

HTTP/1.1

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.celebzz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1696806
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a706afd0f000018e5808df000000001
Last-Modified: Fri, 01 Nov 2019 05:04:49 GMT
Server: cloudflare
ETag: W/"5dbbbcf1-2c34"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qpwOb7zKIdoOuezn2kAvH0usjur2o8gSZANsGPh0AX40Cbxlj77iRJivy00UvJNsXejK0OIfHdfLFIPHzVl51Ton%2BaYe0i4d993QGI1109T7ry3A%2BUYMQIoUb6b1vyfHP6QKAwvl5xVyqA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=16070400
CF-RAY: 65941441bbf218e5-FRA

GET
H2

200

setuid
sync.quantumdex.io/ Frame 66E9
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-16712853-d90b-411d-a680-a42f6448feeb

43 B
486 B

141ms
140ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-16712853-d90b-411d-a680-a42f6448feeb
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=B92Kk%2Fjg89c4HX68%2Fe6X3pBcAnlr9DJQX%2FYMjndsA6%2F1skQMBVy4DrLeInDCgqBzbmH9FJaz2AGvFHBs6ndWYBc3XRuv288pK%2BQlDZAsjlUj1BSt%2BAq5kxEGLb%2FFnjqWziVsy2UJneNCa%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414440da84eb6-FRA
content-length: 43
cf-request-id: 0a706afe8100004eb6bf19d000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-16712853-d90b-411d-a680-a42f6448feeb
date: Wed, 02 Jun 2021 22:22:13 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 66E9
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=30674a586dc8d0c53d922622

43 B
356 B

130ms
129ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=30674a586dc8d0c53d922622
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=h5ll6UlKD88moS4l787KT%2F7B%2FwIDpj2arRtj%2FukvvNz4GB6cXFfyHhmLrisv6Cg0gX4ukRBHPJCV9ub6VJLhQOvV6QeysbFD8aXmEP5cc88COGzajawJg6Pd7Arv4urLT8FlZKjAP%2FH9%2FlU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941442cad44eb6-FRA
content-length: 43
cf-request-id: 0a706afdb900004eb6a8317000000001

Redirect headers

Date: Wed, 02 Jun 2021 22:22:12 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=30674a586dc8d0c53d922622
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 66E9
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4353693542060510119

43 B
369 B

131ms
131ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4353693542060510119
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bqHNMTU3el%2BZ7fyQiNLFadq6eqq5VyhQlVMt0u77FfarV7ee1SGfpmbTkhIyuh%2FXnrRWuyNxy6upkiym%2FQT2FpmyV8qyTsAFdIP4BSlM1P%2FcZ6ROxPleFxyoGfj7jIWsIl%2Flp%2F3jpskXro8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941442daee4eb6-FRA
content-length: 43
cf-request-id: 0a706afdc200004eb66a837000000001

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:12 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.140:80
AN-X-Request-Uuid: 016b63e9-f4eb-41d3-b0bf-0a128106b304
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4353693542060510119
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 66E9
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPfa9729f8-c3f0-11eb-a98c-06b8bfaf6aa0
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfa9729f8-c3f0-11eb-a98c-06b8bfaf6aa0

43 B
343 B

239ms
239ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfa9729f8-c3f0-11eb-a98c-06b8bfaf6aa0
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fyLc62JeOMylKyzZ%2FaU6s9lwbsh0h%2F4fBv52OudVxFz9tIDmVvuHCKVChCHqWfnqni5PzjrI4DD%2Bg1LteAgAsS6OmOBZvOxyvyEenYs0YUGXAFotocolFFQZA5FsdieOY9qkoqjWAVw%2Bgxk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414437c534eb6-FRA
content-length: 43
cf-request-id: 0a706afe2800004eb6840f1000000001

Redirect headers

Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfa9729f8-c3f0-11eb-a98c-06b8bfaf6aa0
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 66E9
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=b5d42d37-2542-529a-a25c-8b31c2e48fa5

43 B
348 B

127ms
126ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=b5d42d37-2542-529a-a25c-8b31c2e48fa5
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=w2YANbQdoXwUrqkLwcfXPXo8W6U8U6OPmyUg7us50YNdKhLFR%2FKW2EpZKW5Hp%2BrkK1re5LUuyAG2wlJMUm3R3e1%2BSCIJ7CN%2FmWpchiqNrNnAfQH%2FGVagxqXibCNIrdgkBkz4ZlbwOn%2FFNJ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941442db034eb6-FRA
content-length: 43
cf-request-id: 0a706afdcc00004eb6632ea000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=b5d42d37-2542-529a-a25c-8b31c2e48fa5
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 66E9
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=c9ae5af5-60c0-40bd-9982-28753f7402d4

43 B
348 B

246ms
245ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=c9ae5af5-60c0-40bd-9982-28753f7402d4
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FzjZe%2FHSjQKMjYlhRcvK9P3UEAQBwU1NOAOVVmg4J4q5FKtZk3oFh5kOyYX5%2Bw9SwsHQawpqDx7AufBPpxu63MvaDv74mq08unoF2tqzq9%2Bf4cxxAYMIlXg4NTi%2FYUH%2FieVxdyLq7RqUw7o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414439c9d4eb6-FRA
content-length: 43
cf-request-id: 0a706afe3e00004eb646bf4000000001

Redirect headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zy5q%2F9Oq3lPbIzwti4cx5xy7rLUui3YGpKw1uaQJAS%2FzF4EVR6OeSjO%2F%2FLEqS6u5s7ak4T5WqVTdHZjYodOaKZsJsgfHNawEsPW9bv%2Bbc%2FDS189kVJn3kqguPMIKjGbU1X9zJ8OZnX8%2B"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=c9ae5af5-60c0-40bd-9982-28753f7402d4
cf-ray: 6594144229b74eb6-FRA
content-length: 0
cf-request-id: 0a706afd5b00004eb646011000000001

GET
H2

200

setuid
sync.quantumdex.io/ Frame 66E9
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-LZ_yuddE2uEtsigLaOEZ_Y87U8YwqAHA28PZmI4-~A

43 B
354 B

130ms
130ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-LZ_yuddE2uEtsigLaOEZ_Y87U8YwqAHA28PZmI4-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0x65nNwtlHXz%2B31wMfTx0AJaPVhwoFm%2BJJ6vLWayygw9euGjur3qy3Gbk%2FzqkbQP27o7gjBX%2B6cYDa2%2B1%2FfhxkuLmQnYniv%2FMBK8LZLRc9%2BL65d5xoUHTsdorN6WibKDGMZt34%2Bz%2FRMXB%2BU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414430b7b4eb6-FRA
content-length: 43
cf-request-id: 0a706afde400004eb64910a000000001

Redirect headers

Date: Wed, 02 Jun 2021 22:22:12 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-LZ_yuddE2uEtsigLaOEZ_Y87U8YwqAHA28PZmI4-~A
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 66E9 0
474 B 3118ms
13ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:15 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 66E9
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=5893037069907662909

43 B
348 B

124ms
124ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=5893037069907662909
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FXWAxrn3fWQA7ZwdfWD6cDV%2B6TwCajY9GhRaxH1hOPxe7UNnkK8ujS7Ivw26wowTCFTPH8P%2BoIJ0tIb9QQqdUxgqJV%2FMnnZnTPQGo16f%2F38b8tm%2Fn%2BQYX3fy2FolrXrEgZhq2auasTTKVhc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941442eb1b4eb6-FRA
content-length: 43
cf-request-id: 0a706afdd000004eb64f0c6000000001

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:12 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.82:80
AN-X-Request-Uuid: badc3617-72ab-491c-8643-5e6915ebbb7c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=5893037069907662909
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 66E9
Redirect Chain

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
https://sync.quantumdex.io/setuid?bidder=adman&uid=61c065ec1696f79439e719708577bce141ab5263

43 B
347 B

131ms
130ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=adman&uid=61c065ec1696f79439e719708577bce141ab5263
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:16 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AHvrDqcKD9BUv502tWIRcoNW%2B%2FSVrKLfz8VkOlMKoKAdtrX8epyH0zeL00wEpnzOqBigfaj%2BElCUtVVcnRD8g5V%2FQ6UAIGv%2F49uPJhq%2F%2B1QxVpYBs4bzGkBf4uyVahH9uago4w7tDnyTNa8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941456cc604eb6-FRA
content-length: 43
cf-request-id: 0a706b0a3f00004eb6831f3000000001

Redirect headers

Location: https://sync.quantumdex.io/setuid?bidder=adman&uid=61c065ec1696f79439e719708577bce141ab5263
Date: Wed, 02 Jun 2021 22:22:16 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

setuid
sync.quantumdex.io/ Frame 66E9
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1282552310298438237

43 B
348 B

125ms
124ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1282552310298438237
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=R7K9kmRRkJvnKKXSlhC7hOoQGkSHbWvFOz0JIm2fKaa0TE0oYgl%2BSRy5MLB6eck77UKR%2BQWw%2BBaVvmYQqgJ4Wat1HcVS%2BxGudKCSsLWAuMt8lvVLCXCFKFhhK5Q0%2BAV2DLRLqWr%2FfJqSmhc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941443acb84eb6-FRA
content-length: 43
cf-request-id: 0a706afe4a00004eb69b22c000000001

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.153:80
AN-X-Request-Uuid: 0ad81c9d-e22f-4ca0-b0b5-2cc4be16d8fc
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1282552310298438237
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 1D80
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

166ms
27ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6d0b8090728453b408fca5462fb8f3bb8152c60f96793b869c9f0ae21c43d543

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YLgElLfO5XHkX3qqrE7QBwAA; CMPS=5182
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|39|241|230|5|4|57|218
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1643
Expires: Wed, 02 Jun 2021 22:22:13 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Connection: keep-alive
Set-Cookie: CMID=YLgElLfO5XHkX3qqrE7QBwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 22:22:13 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 22:22:13 GMT CMPRO=1142;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 22:22:13 GMT CMRUM3=0560b8049505a0&da60b804952760&0460b8049505a0&f160b8049505a0&e660b804952760&3960b8049505a0&2760b804950b40&2d60b8049505a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 22:22:13 GMT CMST=YLgElWC4BJUA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 03 Jun 2021 22:22:13 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Wed, 02 Jun 2021 22:22:12 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:12 GMT
Connection: keep-alive
Set-Cookie: CMID=YLgElLfO5XHkX3qqrE7QBwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 22:22:12 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 22:22:12 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 6CB0 2 KB
818 B 1063ms
10ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 4684 0
0 1359ms
110ms Document
text/plain 67.202.110.23
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.23 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-110.static.steadfastdns.net
Software: 33XP001 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

x-33x-status: 200000000000000002000208
server: 33XP001
date: Wed, 02 Jun 2021 22:22:13 GMT

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame F2E6 43 B
555 B 3097ms
14ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Wed, 02 Jun 2021 22:22:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s57129|YLgEm; path=/; domain=.go.sonobi.com

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1B39 8 KB
3 KB 1085ms
19ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 01 Jun 2021 06:44:25 GMT
etag: "1300708-2080-5c3aeac410031"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2586
content-type: text/html; charset=UTF-8
cache-control: max-age=30776
expires: Thu, 03 Jun 2021 06:55:09 GMT
date: Wed, 02 Jun 2021 22:22:13 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 28BE 0
474 B 3114ms
13ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:15 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 28BE
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4353693542060510119

43 B
352 B

129ms
129ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4353693542060510119
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=P7epH3aECRYLU9MrfCgFXFdTsy3oPlXjLJPmp32H0GEQqovgrCUmeWz7Qc9A5Arki7iE8by0Zrf4mJjMsfj8SuFEcRTl8lFxf%2BoAgfa2IjiUU3JFqh2r%2BT5N%2BCOtebq29kpgQ8EnGoizZvU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941442dafe4eb6-FRA
content-length: 43
cf-request-id: 0a706afdc900004eb6a099c000000001

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:12 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.148:80
AN-X-Request-Uuid: 037e1ba1-3d17-446b-92fe-8cd76e4a8e91
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4353693542060510119
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 28BE
Redirect Chain

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
https://sync.quantumdex.io/setuid?bidder=adman&uid=61c065ec1696f79439e719708577bce141ab5263

43 B
367 B

127ms
127ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=adman&uid=61c065ec1696f79439e719708577bce141ab5263
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:16 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sHCDcbDazr5bzRkM1hns1Rwg1BXFNub1Mw7J0FiIsW26aNPokN%2Btte58dsuz0QeIvPwwKJ2z%2FmXYRWQPUcGsClMoul0m3wQNoIBYJol5FBXoFXqcpR%2FxiJ%2F%2Bn%2By7kdL9ptA5zqY1Cm1TH8M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941456cc6b4eb6-FRA
content-length: 43
cf-request-id: 0a706b0a4000004eb6ac2dc000000001

Redirect headers

Location: https://sync.quantumdex.io/setuid?bidder=adman&uid=61c065ec1696f79439e719708577bce141ab5263
Date: Wed, 02 Jun 2021 22:22:16 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

setuid
sync.quantumdex.io/ Frame 28BE
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4353693542060510119

43 B
346 B

127ms
127ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4353693542060510119
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LXHFUbbo0zCwZuCMbJvVq9UZyVGvTxbhUxkT%2FxmJuM6%2Bu6kptmcIPeZFsi8fvaWj%2BLX6pdYiEY3OLm9Jx8ZnAFOVBvHweff1BJKLCOh60cGUuL%2F0zI6moI90%2BLrw2wrMaqxqZqHR2rhgtVw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941442eb104eb6-FRA
content-length: 43
cf-request-id: 0a706afdcd00004eb665864000000001

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:12 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.154:80
AN-X-Request-Uuid: ec217589-fb42-4009-9def-749f6371b833
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4353693542060510119
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 28BE
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6669380213495963260

43 B
343 B

132ms
132ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6669380213495963260
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yL4HPDtF9jXvycVQkgXhbRD9UvMLuiI7wNlJKnonqHlgt2YrsabgR0SdGQdTq7XcllFTxvJe47pLDRAOeK%2FrFqgT8hr3kbj5%2FZAiNgcFQyyfy9lugv4BRKxGhkjivz05Hh%2FqTItzPEYAzaM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941442fb614eb6-FRA
content-length: 43
cf-request-id: 0a706afdde00004eb6540aa000000001

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:12 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.140:80
AN-X-Request-Uuid: 62f031ac-9c31-471d-bd7d-368e46ccf5ca
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6669380213495963260
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 28BE
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-95124d05-730a-4277-9e4c-d8c4b53b148f

43 B
340 B

128ms
127ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-95124d05-730a-4277-9e4c-d8c4b53b148f
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wJH92OcVbEv%2FvXTAs%2B4qA4libvltjaqU6BJJ39Et99Msno3NxFfz8AonL7cdsZ8YHlLjw4YCgqzS7smANsjcFWRkq77aX2gUKlvdw8Ha6HdoWka59OAznzhvEYUCVU%2FlcYHlWBwdCcHPEPc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414440daa4eb6-FRA
content-length: 43
cf-request-id: 0a706afe8200004eb6ac1e9000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-95124d05-730a-4277-9e4c-d8c4b53b148f
date: Wed, 02 Jun 2021 22:22:13 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 28BE
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3d0f050847bfad77fb905ca2

43 B
338 B

130ms
129ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3d0f050847bfad77fb905ca2
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DoCQEqHEtfi0RluIENoecZlxM3vt9%2FeDN0VN8ow1f8DQfZNiZyIVN2h2cdfWhyFjFhAZnMPicnvsslQ3TN0ESOOQeE32v2z5OJOCGNnwNhaK0ev9blNis7O4MULEcq8SwpVGgLGB16Ue2qE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941442cad74eb6-FRA
content-length: 43
cf-request-id: 0a706afdbb00004eb6ad3fa000000001

Redirect headers

Date: Wed, 02 Jun 2021 22:22:12 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3d0f050847bfad77fb905ca2
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 28BE
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPfa96dbc7-c3f0-11eb-9c26-06e3bec5009e
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfa96dbc7-c3f0-11eb-9c26-06e3bec5009e

43 B
341 B

133ms
132ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfa96dbc7-c3f0-11eb-9c26-06e3bec5009e
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NRrUdYIM936sAms9RUWN2uI0RdNcYbtyHlefW%2FYBDHt2rb1%2BnoGNYJY6LXToAyH%2F7zfDFb8fxvoHUskqnBvpVZJ5A2xlWnrK8pPBHgNCmNlXFtrusLfKAxwx9s23nHF6bKE3VnRWUscuadA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414433bec4eb6-FRA
content-length: 43
cf-request-id: 0a706afe0600004eb6a831e000000001

Redirect headers

Date: Wed, 02 Jun 2021 22:22:12 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfa96dbc7-c3f0-11eb-9c26-06e3bec5009e
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 28BE
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=b5d42d37-2542-529a-a25c-8b31c2e48fa5

43 B
341 B

134ms
134ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=b5d42d37-2542-529a-a25c-8b31c2e48fa5
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=s9rcmpb5KAqe1oTumULgb7cJdDDWLgQsURPCT3J5ynvspkAMN4D%2FPMssTkXCBemAQneqVzifG4TXaurtdlT88acoca%2FSuzS1aEnyK3%2BgxQ4IFJVX1%2BlkuEiL1mRWHJm6aerD38BGf8gbX68%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941442eb064eb6-FRA
content-length: 43
cf-request-id: 0a706afdcc00004eb6ad3fb000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=b5d42d37-2542-529a-a25c-8b31c2e48fa5
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 28BE
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=bfd7cdab-19fc-44e8-9a59-14bb54b4e409

43 B
351 B

126ms
125ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=bfd7cdab-19fc-44e8-9a59-14bb54b4e409
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Nm%2B%2B2DHnIKQaUrCqixNBimuUVYf6jmEssyZxxgw%2B7nH0zVRSmIzGQE4hTqpsn1Hh6Llui%2FvQf%2FzOw%2BoV7mt6Hg7IhMQXP0zngjKg%2FeVnxxnM3v7HPSVGE9dk%2F1qmmF8yOB%2FhuxbZOiuzgmg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414438c864eb6-FRA
content-length: 43
cf-request-id: 0a706afe3500004eb6a9944000000001

Redirect headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BEw7kmfh%2BrK99w5B6E57C95drd%2BNU9C1%2FzwPM4tqjWAR51Czops%2FTchpW3hWorClj5NG7dT8WKyKm9snvxGiAnmESAEMBJBLfskfV%2F84uNWEQomXNpCexAhv8tVIUbM5QcW%2BDYtvCy88"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=bfd7cdab-19fc-44e8-9a59-14bb54b4e409
cf-ray: 6594144229b84eb6-FRA
content-length: 0
cf-request-id: 0a706afd5c00004eb6a9933000000001

GET
H2

200

setuid
sync.quantumdex.io/ Frame 28BE
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-YK1iNKZE2uFBmH0qTKgqvn_d17vRskX3gUz4zpQ-~A

43 B
349 B

123ms
123ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-YK1iNKZE2uFBmH0qTKgqvn_d17vRskX3gUz4zpQ-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eWLO%2FqS7tfHcu%2FXBNs6RLQJvPj5jOpdo6h8LdV9WnrXCkV1BjFyrUQYxrJkp2JIn1ixZyEwjqOD3vNmQkRNSZq6wvgTiHRIVZUmPK%2By%2B%2BtlHG3Ki6rx4elNCzfE0G7%2FxoD6dIFeGX5j2F2I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414443e0b4eb6-FRA
content-length: 43
cf-request-id: 0a706afe9f00004eb6c4a67000000001

Redirect headers

Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-YK1iNKZE2uFBmH0qTKgqvn_d17vRskX3gUz4zpQ-~A
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame BAE7 43 B
555 B 3091ms
13ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Wed, 02 Jun 2021 22:22:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s57129|YLgEm; path=/; domain=.go.sonobi.com

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 847D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

157ms
27ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8bbfcf9e327205adc97778320cfbffbe2dea45f2c48b2113027950c244dd35eb

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=5182; CMID=YLgElD0bVbHSLFmP7IiYegAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|39|230|241|90|51|47|152
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1754
Expires: Wed, 02 Jun 2021 22:22:13 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Connection: keep-alive
Set-Cookie: CMID=YLgElD0bVbHSLFmP7IiYegAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 22:22:13 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 22:22:13 GMT CMPRO=1216;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 22:22:13 GMT CMST=YLgElWC4BJUA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 03 Jun 2021 22:22:13 GMT CMRUM3=2f60b8049505a0&5a60b8049505a0&9860b8049505a00&2d60b8049505a0&3360b8049505a0&f160b8049505a0&2760b804950b40&e660b804952760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 22:22:13 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Wed, 02 Jun 2021 22:22:12 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:12 GMT
Connection: keep-alive
Set-Cookie: CMID=YLgElD0bVbHSLFmP7IiYegAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 22:22:12 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 22:22:12 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 62C4 8 KB
3 KB 1081ms
20ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 01 Jun 2021 06:44:25 GMT
etag: "1300708-2080-5c3aeac410031"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2586
content-type: text/html; charset=UTF-8
cache-control: max-age=30776
expires: Thu, 03 Jun 2021 06:55:09 GMT
date: Wed, 02 Jun 2021 22:22:13 GMT
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 5E6C 2 KB
818 B 1048ms
10ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame E086 0
0 1346ms
110ms Document
text/plain 67.202.110.23
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.23 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-110.static.steadfastdns.net
Software: 33XP002 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

x-33x-status: 2000208
server: 33XP002
date: Wed, 02 Jun 2021 22:22:13 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1EBC
Redirect Chain

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
https://sync.quantumdex.io/setuid?bidder=adman&uid=61c065ec1696f79439e719708577bce141ab5263

43 B
349 B

127ms
126ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=adman&uid=61c065ec1696f79439e719708577bce141ab5263
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:16 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tiU%2B5JOPDkjkWYtDJuJeOm%2BPDrDyyJpFSgMqVBZToZf8zAcCumZO4giUrgHYm75eXKQ%2FODKAFJ%2BmpaphF4%2B%2BdobQnEN7satXpau7Y5TJKCQBvnkLD6lHobmw3c5QKArfDRzzbyJoAuXV%2FJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941456fcb64eb6-FRA
content-length: 43
cf-request-id: 0a706b0a5700004eb6ad0f4000000001

Redirect headers

Location: https://sync.quantumdex.io/setuid?bidder=adman&uid=61c065ec1696f79439e719708577bce141ab5263
Date: Wed, 02 Jun 2021 22:22:16 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1EBC
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1218005942203340466

43 B
351 B

130ms
129ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1218005942203340466
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uReQavDcSgcixc1KOInuNvI0JL9LRDXqz0TGbOz64kw3cdeojSI2uheAV0CqrKl8qq1JXRatvUoyvC9v8si%2Fo%2FeyWoJRZAqTC66UGrZP23dv1IXJknQxiXwRoOiBX5kdsYRGF1v6Z6TbhyE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941442fb574eb6-FRA
content-length: 43
cf-request-id: 0a706afddc00004eb6568ba000000001

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:12 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.119:80
AN-X-Request-Uuid: 41c0c28e-9c8d-4c8e-9d90-2cba0318f794
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1218005942203340466
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1EBC
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6669380213495963260

43 B
343 B

125ms
125ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6669380213495963260
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yShsMY2ThPQa9QAwuhQNOiY58ugbqk6vN5veDwo70GK7uTmhnU%2Fn7oCAWCxVnsFh6uKz3cFZi1TD%2FfCT26ZzTVoXxOJXKdd1y8%2FkgQ9E7EktHHrwPmuXqSXgxHPuxuJjqP879Qb3nbem8BI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414430b7f4eb6-FRA
content-length: 43
cf-request-id: 0a706afde600004eb6529d5000000001

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:12 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.46:80
AN-X-Request-Uuid: 0c368206-874a-4d4c-a980-309a1cbe486b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6669380213495963260
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1EBC
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-e975d827-9adc-4f54-9423-421395d5760f

43 B
354 B

128ms
127ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-e975d827-9adc-4f54-9423-421395d5760f
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=t%2Bfp75tF3WpN9TBLWTtzUCBrk4W86N1xk8E%2FuVtc8nO%2Bd9n8h%2FSUxhB1DWa0qEIuZNLglwdBh3dxopbHmlXgeA%2BBLUxqSp%2FP%2FrWqLBR4%2BG0Ep%2BbhX1MEzRPo%2F8U4rHEDM5zYt7hh1wy4%2BW4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414440da94eb6-FRA
content-length: 43
cf-request-id: 0a706afe8200004eb6c4a62000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-e975d827-9adc-4f54-9423-421395d5760f
date: Wed, 02 Jun 2021 22:22:13 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1EBC
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=26427a1cea461eafcae78e6c

43 B
481 B

131ms
130ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=26427a1cea461eafcae78e6c
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7e7i5R%2FBTwV66b59mocNTvK7ZdqxNCNYZQHherZaC8BBo%2BdPmjfS11kv5q%2B22rB302fMKTeg2DnzqHfUcV4SPTRFilySzzhc%2B00N3BXHYqMICtKiS9upgh0k1C4HsaHFXA%2Fby9rLcstDjzE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941442daf94eb6-FRA
content-length: 43
cf-request-id: 0a706afdc700004eb69b222000000001

Redirect headers

Date: Wed, 02 Jun 2021 22:22:12 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=26427a1cea461eafcae78e6c
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1EBC
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPfa96dbc7-c3f0-11eb-9c26-06e3bec5009e
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfa96dbc7-c3f0-11eb-9c26-06e3bec5009e

43 B
343 B

237ms
237ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfa96dbc7-c3f0-11eb-9c26-06e3bec5009e
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VFPKoVhESl3m%2BLUwJN%2BtPCor9NFs8kw77U3CmcmMgRWPVsB6DsWI92V0ywlNpq%2BjM9Z5VlmaoqjZanXZKP6SbGy4UdSqShsYZuT036PEMXIPqMCw6HKfeBc4BGm16g9XGvitAf2vXfidGk0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414432baf4eb6-FRA
content-length: 43
cf-request-id: 0a706afdf500004eb6b1b4b000000001

Redirect headers

Date: Wed, 02 Jun 2021 22:22:12 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfa96dbc7-c3f0-11eb-9c26-06e3bec5009e
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1EBC
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=b5d42d37-2542-529a-a25c-8b31c2e48fa5

43 B
340 B

129ms
129ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=b5d42d37-2542-529a-a25c-8b31c2e48fa5
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=x6UmPAY5xKXTp0dXdEeaAjpRIvRIcNRAnQ1SNxoz%2F9K3DBUDwEH2RxqweYQ7sTOzdahho6s5deiK4R8S5cwiQV%2B3z8Rkh6VeerEWAy2JeL6f0HMhdb59CzFp51NTwyeXpkqttVv4R7HhzRw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941442eb0d4eb6-FRA
content-length: 43
cf-request-id: 0a706afdcd00004eb66c8ee000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=b5d42d37-2542-529a-a25c-8b31c2e48fa5
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1EBC
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=ce5a23d9-d3b9-4012-930b-07154de487c6

43 B
344 B

242ms
242ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=ce5a23d9-d3b9-4012-930b-07154de487c6
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nULzVz2WWsOu%2Fbr81RZzn1D5YaG6HiSH%2BdJ0Tl9rXBDWrL5mnN2x8T%2Fgj4sXjFfmQ5aQiIvCwUOmLkbtODd42u3ObN7UkPthY5rE5%2FeGi1xakTc83UsgWmdrzYZv6H8zXvTTje%2Bsnh9Bi4U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414439c964eb6-FRA
content-length: 43
cf-request-id: 0a706afe3b00004eb67a2cb000000001

Redirect headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hgEfLkAKj6ZGV9HHNmF4Cpa4%2FTc6qsA%2FC6zEUwoF1OJVnHEqIgRV4yDSYF3axlzCLRZgvCibkag7Y7MopwyLl%2FqTPrFgo6Rbqk8LAVyvBAcMnRtP%2FenjQ9rhPoBH2BC8WvM64Bv7yGBV"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=ce5a23d9-d3b9-4012-930b-07154de487c6
cf-ray: 6594144239cd4eb6-FRA
content-length: 0
cf-request-id: 0a706afd6100004eb646be3000000001

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1EBC
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-YK1iNKZE2uFBmH0qTKgqvn_d17vRskX3gUz4zpQ-~A

43 B
355 B

249ms
248ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-YK1iNKZE2uFBmH0qTKgqvn_d17vRskX3gUz4zpQ-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DuY2JLpESOyLORoqoEjNTPBPWBemlO7Hs4NNbU9JBasVzsD5wjY%2B9IuDhMVLeoJ3JmcFKXkMYo5Qm5erM%2BoS2XVlVNHXe0T0up7gXqKCr6MSNCczWfDdWhxB9tiQYM3aQ%2B1BSTOv2Y%2BwpoY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414435c1c4eb6-FRA
content-length: 43
cf-request-id: 0a706afe1800004eb696b2b000000001

Redirect headers

Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-YK1iNKZE2uFBmH0qTKgqvn_d17vRskX3gUz4zpQ-~A
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 1EBC 0
478 B 3102ms
13ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:15 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1EBC
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1282552310298438237

43 B
339 B

130ms
130ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1282552310298438237
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=GsUFRTL203rS1aVxevqH0UVozbwhgWJXqxejrKEKlsOrf927lq1YvdiXlsOy2o%2BdAKp5nLU8wqpKYBvd7qUItXjdIQHteOds6TBYbxHd4wMKjE8rRauQD3t2cwMTAqZ9FUjALQYdhz3K6NY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941443cd0c4eb6-FRA
content-length: 43
cf-request-id: 0a706afe5c00004eb67d218000000001

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.236:80
AN-X-Request-Uuid: eadedc72-0a75-40e0-a099-668f6c84e298
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1282552310298438237
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame A0F8
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

176ms
49ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f3cfdc20243f0cc384bc924e14fd7327bf58e4aa697f71d5a35c3a0d794ff666

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=5182; CMID=YLgElD0bVbHSLFmP7IiYewAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|39|241|230|3|81|90|4
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1792
Expires: Wed, 02 Jun 2021 22:22:13 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Connection: keep-alive
Set-Cookie: CMID=YLgElD0bVbHSLFmP7IiYewAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 22:22:13 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 22:22:13 GMT CMPRO=1174;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 22:22:13 GMT CMST=YLgElWC4BJUA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 03 Jun 2021 22:22:13 GMT CMRUM3=f160b8049505a0&0460b8049505a0&2760b804950b40&e660b804952760&2d60b8049505a0&5a60b8049505a0&0360b8049505a0&5160b8049505a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 22:22:13 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Wed, 02 Jun 2021 22:22:12 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:12 GMT
Connection: keep-alive
Set-Cookie: CMID=YLgElD0bVbHSLFmP7IiYewAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 22:22:12 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 22:22:12 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 9BC0 2 KB
818 B 1044ms
10ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 77C1 0
0 1341ms
110ms Document
text/plain 67.202.110.23
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.23 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-110.static.steadfastdns.net
Software: 33XP005 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

x-33x-status: 2000208
server: 33XP005
date: Wed, 02 Jun 2021 22:22:13 GMT

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame 78E3 43 B
555 B 3079ms
14ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Wed, 02 Jun 2021 22:22:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s57129|YLgEm; path=/; domain=.go.sonobi.com

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 40CC 8 KB
3 KB 1069ms
22ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 01 Jun 2021 06:44:25 GMT
etag: "1300708-2080-5c3aeac410031"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2586
content-type: text/html; charset=UTF-8
cache-control: max-age=30776
expires: Thu, 03 Jun 2021 06:55:09 GMT
date: Wed, 02 Jun 2021 22:22:13 GMT
vary: Accept-Encoding

GET
H2

200

setuid
sync.quantumdex.io/ Frame DC74
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1218005942203340466

43 B
346 B

138ms
137ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1218005942203340466
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ncKwTdFYhoPePvK2zSBDhvv%2FhKBx2RzqfRVLbWQ6w1mjTAHC4WzAs72miv%2FQ3qymeAoEofX%2B8vzcGN6g9SBzccx1xpo%2FN%2BJ7T6Q970mRJ6F%2BW8W06zJsLTbPsvo5B9B5vGtPCuYmyM5GMdo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941442fb3c4eb6-FRA
content-length: 43
cf-request-id: 0a706afdd800004eb673b32000000001

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:12 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.136:80
AN-X-Request-Uuid: 63845ed6-9c44-4be0-aa5d-0e0d0da0f213
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1218005942203340466
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame DC74
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-259a0dbd-481d-49f2-8036-aade61c23636

43 B
346 B

128ms
127ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-259a0dbd-481d-49f2-8036-aade61c23636
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Rt6bXkZizvGYrDYn7UFb%2BCyLSkTSJnScqvnbs8v9ZyTUm0eBOSjVwxywmKhG8YdBWelCMG82vBipDz%2Bb%2FOrjlNCZopBNYBJ3KRLVt9t%2FVSz4R9ezsaWBl6c%2F06wpGNmBEfBV9uY1qWL0VsE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414440dad4eb6-FRA
content-length: 43
cf-request-id: 0a706afe8200004eb683106000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-259a0dbd-481d-49f2-8036-aade61c23636
date: Wed, 02 Jun 2021 22:22:13 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame DC74
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=d1607f8f905c86236f7a8699

43 B
345 B

135ms
134ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=d1607f8f905c86236f7a8699
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bpqK%2FdVlchFwP5tNkC6fc%2FFqEvSKkd8d45gO9vgZfpBOTUsJ4hIZxql%2BhrDvfXe0gziBLjy3yEgjIK8jhoJPynfqx2C7aR1xemhGRJdcAJw9T389hMfeG5tpmOSW%2F76Igc%2F1yPwY7YRxLPA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941442db004eb6-FRA
content-length: 43
cf-request-id: 0a706afdca00004eb679940000000001

Redirect headers

Date: Wed, 02 Jun 2021 22:22:12 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=d1607f8f905c86236f7a8699
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame DC74
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPfa9729f8-c3f0-11eb-a98c-06b8bfaf6aa0
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfa9729f8-c3f0-11eb-a98c-06b8bfaf6aa0

43 B
347 B

137ms
137ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfa9729f8-c3f0-11eb-a98c-06b8bfaf6aa0
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=d0vvd%2FEErNstyx9W2xBtf%2BwNlRXE5U%2FTiwp2zhQwyZY%2Fh89dalrQsDWcuPYL2ifqA5Ma4xF7TqSYJojBaRTnSj5Lsd7xFineidWbyK%2BRr5ElWzZbWGJNwXwTTFKu%2Fl5EAFqkTELAbvNFbnI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941443cd134eb6-FRA
content-length: 43
cf-request-id: 0a706afe5c00004eb6b1b54000000001

Redirect headers

Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfa9729f8-c3f0-11eb-a98c-06b8bfaf6aa0
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame DC74
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=b5d42d37-2542-529a-a25c-8b31c2e48fa5

43 B
366 B

134ms
133ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=b5d42d37-2542-529a-a25c-8b31c2e48fa5
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Y2jXKhuqPi0eARYZtlbvS3k2J2DecNYANiBvg4AL10l6hSBpj%2BR%2FYd9gfmpKh2Q1joVoxnEH8IYtd7LytpwXzX03MFc7S7BKZ1dtd8QDAz%2FkobF0RCpDXOI3epU%2FGU2mrsFuI6P04%2F6EHD8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941442eb094eb6-FRA
content-length: 43
cf-request-id: 0a706afdcc00004eb6830f5000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=b5d42d37-2542-529a-a25c-8b31c2e48fa5
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame DC74
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=0776fae3-ac97-4033-9866-91b9c92d29ac

43 B
371 B

133ms
133ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=0776fae3-ac97-4033-9866-91b9c92d29ac
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6wRmZ09UWy4xpKpa3kAyMXbTttJKDwUk5h1U%2F1FqxgGB7pkwfjSQAd%2BpCJxVkZn5CLLF0WTJ0t4QgIy8p8eGT3A7u%2Bzj%2F%2FzdesASQTrk5w2cPVbK%2FW%2FaHcI4kovABt0MB6RDhIYI8vUJ7hE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414430b734eb6-FRA
content-length: 43
cf-request-id: 0a706afde300004eb67d20a000000001

Redirect headers

date: Wed, 02 Jun 2021 22:22:12 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zh5d5bwQpCU38stHzxdMSQIABCwauOqbVkeRvmfDcb6K%2FjAgjBg%2FW7th7UZ0%2BsyPhCnKf%2FWqzC24yPL1NsYbFk15fTvUzZBTG55lO8brKjuXGZ%2Fd2uKnp%2FsO2NRO%2BqIkj5zCWpdZcsDK"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=0776fae3-ac97-4033-9866-91b9c92d29ac
cf-ray: 6594144249ee4eb6-FRA
content-length: 0
cf-request-id: 0a706afd6c00004eb6c0a94000000001

GET
H2

200

setuid
sync.quantumdex.io/ Frame DC74
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-dPciszdE2uGXSysFNB8O9is6_uf3_BH9ed6ZV4A-~A

43 B
486 B

127ms
127ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-dPciszdE2uGXSysFNB8O9is6_uf3_BH9ed6ZV4A-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cRccdsUVWdvL%2B4yLs9T7uueSimubJfhjsr%2FDk01ZZJhvQY4L%2FjudX4yQbhJTakM%2BgxubYLHNZy%2B051rKuhvTvNjxnEUCEvp7%2F7xfQYeisTXmoZ1Demf6%2BM%2FB0wjsjLCiA7YSQPJtJZPa9gc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941443ed6a4eb6-FRA
content-length: 43
cf-request-id: 0a706afe6e00004eb6bc9b1000000001

Redirect headers

Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-dPciszdE2uGXSysFNB8O9is6_uf3_BH9ed6ZV4A-~A
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame DC74 0
478 B 3096ms
13ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:15 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame DC74
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=5401949794470317928

43 B
342 B

243ms
243ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=5401949794470317928
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WfjILWqeRmWRrd%2FCHnLySoESeXmCUcqbwkJmqBMxmf%2Faa4YCaiMASF2gfuVuZEeKpTytIEygWqiSY13PleHBCOabJOI0kJ5ZJD%2Bauk27iC3BpcZodiNpu30tDbkArsRIyYKPBpbEJfzFyrg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414432bb14eb6-FRA
content-length: 43
cf-request-id: 0a706afdf500004eb679379000000001

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:12 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.57:80
AN-X-Request-Uuid: 2e55de90-5eb3-41d4-a056-1571cafb9297
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=5401949794470317928
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame DC74
Redirect Chain

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
https://sync.quantumdex.io/setuid?bidder=adman&uid=61c065ec1696f79439e719708577bce141ab5263

43 B
346 B

125ms
125ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=adman&uid=61c065ec1696f79439e719708577bce141ab5263
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:16 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=07Ap6RAOeeE%2F5YfdNpXDU5kU2B%2F1lZ4VqampXG%2BcfCBTSPSzKWRtvaFZIKlsLOlcwd2egKusD2orNL%2B3uHMY5%2BseEYK3Kh0T%2B2vt4kNnVqCS3hEk%2Bas8XPCZ1ES9zfa98a6lpZEWRtks010%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941456fcb34eb6-FRA
content-length: 43
cf-request-id: 0a706b0a5600004eb69b332000000001

Redirect headers

Location: https://sync.quantumdex.io/setuid?bidder=adman&uid=61c065ec1696f79439e719708577bce141ab5263
Date: Wed, 02 Jun 2021 22:22:16 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

setuid
sync.quantumdex.io/ Frame DC74
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1282552310298438237

43 B
367 B

136ms
136ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1282552310298438237
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iX%2BWwVvVcEXGQBRmyQ6dSCvCO3lUQj9MIOM22KLHXm8%2BhmFPpuMkzBbLeWlRLE0vTcbM46tz5kFfCQXEcAbHy9%2FEh02plOfwfdLPxpBTGpT0ZLupEM8t0ngHaqk7fdIiJzfXJp9mSOjOnQg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941443cd264eb6-FRA
content-length: 43
cf-request-id: 0a706afe6100004eb696b32000000001

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.51:80
AN-X-Request-Uuid: b8abcfa3-674e-41b2-b4b1-42e5d3088c8b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1282552310298438237
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 536C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

185ms
30ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1318d558aa5d0dbf78bba6ed9b4f2388e0f5dab061b2871a1e1c09edcb897c40

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=5182; CMID=YLgElLfO5XHkX3qqrE7QCwAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|45|241|230|31|4|90|130
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1748
Expires: Wed, 02 Jun 2021 22:22:13 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Connection: keep-alive
Set-Cookie: CMID=YLgElLfO5XHkX3qqrE7QCwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 22:22:13 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 22:22:13 GMT CMPRO=1112;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 22:22:13 GMT CMRUM3=e660b804952760&1f60b8049505a00&2760b804950b40&f160b8049505a0&0460b8049505a0&8260b80495a8c0&5a60b8049505a0&2d60b8049505a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 22:22:13 GMT CMST=YLgElWC4BJUA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 03 Jun 2021 22:22:13 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Wed, 02 Jun 2021 22:22:12 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:12 GMT
Connection: keep-alive
Set-Cookie: CMID=YLgElLfO5XHkX3qqrE7QCwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 22:22:12 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 22:22:12 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame CA5F 2 KB
818 B 1034ms
9ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 1E7D 0
0 1334ms
109ms Document
text/plain 67.202.110.23
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.23 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-110.static.steadfastdns.net
Software: 33XP004 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

x-33x-status: 2000208
server: 33XP004
date: Wed, 02 Jun 2021 22:22:13 GMT

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame AE7C 43 B
551 B 3072ms
13ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Wed, 02 Jun 2021 22:22:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s579|YLgEm; path=/; domain=.go.sonobi.com

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C4EF 8 KB
3 KB 1064ms
25ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 01 Jun 2021 06:44:25 GMT
etag: "1300708-2080-5c3aeac410031"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2586
content-type: text/html; charset=UTF-8
cache-control: max-age=30776
expires: Thu, 03 Jun 2021 06:55:09 GMT
date: Wed, 02 Jun 2021 22:22:13 GMT
vary: Accept-Encoding

GET
H2

200

setuid
sync.quantumdex.io/ Frame D311
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=c7a59960-cbb2-4dca-91df-5d03b815252f

43 B
480 B

129ms
129ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=c7a59960-cbb2-4dca-91df-5d03b815252f
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fHF0xZnQi96Vdb2QnMdHumRfHBCrsXUQBAKOF5jZbmVck%2BSfSbbKvX6hr5ma%2FNu%2B%2FS4nucuBf5C2vhszM5unc0umu7EF4GTasqJb74Uzi43hRpESG5gZQCo5D69FSWEOnt7YzkmAwhD7WE8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941443acae4eb6-FRA
content-length: 43
cf-request-id: 0a706afe4600004eb6a9945000000001

Redirect headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=E6y6ZUAVwuXjkwiUxHPk07AADHNLuYLpZFmjmavgTDBoqZRSQXPjYkfvGWa2MyTAv5htrsP248NNVMpjR8qQte1gUnPl7lQ660Wl14z4uyAmWQy4%2FvzVdTyi7nulGTPyIuQvHcTpePtD"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=c7a59960-cbb2-4dca-91df-5d03b815252f
cf-ray: 6594144249fc4eb6-FRA
content-length: 0
cf-request-id: 0a706afd6d00004eb696b1f000000001

GET
H2

200

setuid
sync.quantumdex.io/ Frame D311
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-CreGmUxE2uE1tbwaMmZESDdphnJzIblqvdFZcro-~A

43 B
346 B

128ms
128ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-CreGmUxE2uE1tbwaMmZESDdphnJzIblqvdFZcro-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=OKNCKj69BOtxoGdVL2FVjSLMp%2FRfgZLLUGoNeOtgjYCc4eCF7JKYhDl8U%2FPkewR8cvu8dGmvHy56jUUzdapQv0ya%2Fj%2Fi3EMi%2BTM60Jjajw7HNh7VDTo7hjzImoEQOR5MSiyLwugmPPRFxb4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941443fd9b4eb6-FRA
content-length: 43
cf-request-id: 0a706afe7e00004eb69b233000000001

Redirect headers

Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-CreGmUxE2uE1tbwaMmZESDdphnJzIblqvdFZcro-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame D311
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6792495588117786117

43 B
343 B

243ms
242ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6792495588117786117
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tCmR6AihY7wbnyIaanEo8xbbhqb4TbNkASHFPlXJvUuaP5QwjbTGSIW8suFxOJEyZlHcYoYnjHcWx6XQk%2BA7wk3D1%2FFG2Qp07TL0juB4jGcYFrpBKBYvGT3nsCD331JwZ9MNcTztntK%2BJpg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414430b8f4eb6-FRA
content-length: 43
cf-request-id: 0a706afde900004eb67a2c5000000001

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:12 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.231:80
AN-X-Request-Uuid: 07b71661-869d-4372-9fa7-59dcd7130caf
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6792495588117786117
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame D311 0
474 B 3088ms
13ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:15 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame D311
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4971641737903619009

43 B
355 B

133ms
133ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4971641737903619009
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BOpq%2Bvp%2BT4fqWejz3NkQkpovd3dSE5GFWvlequL7f3lXu9LDzPN5E9iZv93QkHdAEBvCHM3V9HWkPWbxetKOfqTL1up4l%2FLNVghoExbP67e3PKCshGSwwORuUAY09oZ5QdMlOobUoflBvko%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414431b934eb6-FRA
content-length: 43
cf-request-id: 0a706afdeb00004eb646bee000000001

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:12 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.46:80
AN-X-Request-Uuid: fefacca4-8e7a-4239-ae2a-5731c6d96c83
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4971641737903619009
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame D311
Redirect Chain

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
https://sync.quantumdex.io/setuid?bidder=adman&uid=61c065ec1696f79439e719708577bce141ab5263

43 B
485 B

134ms
134ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=adman&uid=61c065ec1696f79439e719708577bce141ab5263
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:16 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sIl0JiF%2BsvEVe6xeX57FHXDKVwA2fBfk1AocfuvLo6%2BBa5%2Buw1qtyLl9UoyzYALIhUoSM%2BGfc%2B9ImqafCHGwr7%2FZtBo%2FKxdHZMkdQ1JD6PINXvnfHCVPuvEiILlBIVTTSEWsnxL4htP0080%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414575d804eb6-FRA
content-length: 43
cf-request-id: 0a706b0a9500004eb6831fa000000001

Redirect headers

Location: https://sync.quantumdex.io/setuid?bidder=adman&uid=61c065ec1696f79439e719708577bce141ab5263
Date: Wed, 02 Jun 2021 22:22:16 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

setuid
sync.quantumdex.io/ Frame D311
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1941530558077917170

43 B
345 B

124ms
124ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1941530558077917170
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pzxd%2BHkav0wgXaWw9c838GDQk6z8A%2Fz63Z9RVQuc9IDeyZIerzsAbiAg4QR6dn5%2FBovb314y2epT0gRIEREbvluV2QAiN7yxSuSby%2BttnF9e%2B%2By9jsDxyfNsiLC6eM3ZURR4sd6R8EZ73B8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414432bbd4eb6-FRA
content-length: 43
cf-request-id: 0a706afdf800004eb6b7bce000000001

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:12 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.68:80
AN-X-Request-Uuid: 2c855a56-28c4-43c8-a2fe-7bc650a1d89c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1941530558077917170
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame D311
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-a5c3fa6b-57a1-486f-acea-149d663a8488

43 B
351 B

126ms
126ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-a5c3fa6b-57a1-486f-acea-149d663a8488
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9WKwqTCem3fSRhY67R6foTSTvlMvPWOUT7UfwR%2Bb%2BPGC%2FmZqPhMc%2FNSwJw2lBGgp5aD4%2F5ksQNmzOfjhZINT1n0RANROpaHmvyKDpuqoBJpR%2BLSeAEyeR5BKhEt%2Fu9uYeUZuncMBE%2BMEqI0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414440dae4eb6-FRA
content-length: 43
cf-request-id: 0a706afe8200004eb6ad00d000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-a5c3fa6b-57a1-486f-acea-149d663a8488
date: Wed, 02 Jun 2021 22:22:13 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame D311
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=cb09e3b3fd35c96214f0f6d6

43 B
346 B

132ms
132ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=cb09e3b3fd35c96214f0f6d6
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yjvMkoMsU8vyof%2B%2FDw21NElbJSvMW8d%2F5YuZGmLst1xAbEIBiVNL7YOqRLgIC1RzExfwG%2BWCXmlXlgfKp2lmwQdCved3MCDrMXNaNto6k7vj8E9YSHfPL5K0Klq09ot%2BmASXZ7FvzsgqGN0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941442fb454eb6-FRA
content-length: 43
cf-request-id: 0a706afdd900004eb67d209000000001

Redirect headers

Date: Wed, 02 Jun 2021 22:22:12 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=cb09e3b3fd35c96214f0f6d6
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame D311
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPfa9729f8-c3f0-11eb-a98c-06b8bfaf6aa0
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfa9729f8-c3f0-11eb-a98c-06b8bfaf6aa0

43 B
350 B

131ms
129ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfa9729f8-c3f0-11eb-a98c-06b8bfaf6aa0
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uyE0nHYYqkN2Qt%2BbtqoOF55IbNcNsTutorPVEdqlNKiFtPiVrVQaAYQ8qXfwG6WzYvjgClsrGuBxYbkscmQaMB2hyG1jcAhSyiHFgUZh3c%2B7NuJ2WslPzwnp8fqf8rjq5ySoDrWve8TCMkY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941443acc24eb6-FRA
content-length: 43
cf-request-id: 0a706afe4c00004eb6c0aa3000000001

Redirect headers

Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfa9729f8-c3f0-11eb-a98c-06b8bfaf6aa0
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame D311
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://sync.quantumdex.io/setuid?bidder=between&uid=b5d42d37-2542-529a-a25c-8b31c2e48fa5

43 B
343 B

134ms
134ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=b5d42d37-2542-529a-a25c-8b31c2e48fa5
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=V2RFIEmDLfMzkBviGF94ueXc8NiXohOZx32t7DbPhC3AErrFuJRT1xzSegpGYxpXeYzT3RPI5zCAmbSTus49KeClw1MNkTKOP6%2BjZq7JOfQ%2Fd2nYRlsAaaZRTl2bPq%2FrsIpUzVcMxn6vCF8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941443fd974eb6-FRA
content-length: 43
cf-request-id: 0a706afe7c00004eb679384000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=b5d42d37-2542-529a-a25c-8b31c2e48fa5
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 9D78
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

193ms
34ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6d7cb732a3ca5666137b734f7c4b7460ffd0bd75da5df7d81e55719d49b12141

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=5182; CMID=YLgElbfO5XHkX3qqrE7QDgAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|230|39|45|31|90|13|109
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1894
Expires: Wed, 02 Jun 2021 22:22:13 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Connection: keep-alive
Set-Cookie: CMID=YLgElbfO5XHkX3qqrE7QDgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 22:22:13 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 22:22:13 GMT CMPRO=1109;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 22:22:13 GMT CMST=YLgElWC4BJUA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 03 Jun 2021 22:22:13 GMT CMRUM3=2760b804950b40&1f60b8049505a00&e660b804952760&f160b8049505a0&0d60b8049505a0&2d60b8049505a0&5a60b8049505a0&6d60b8049505a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 22:22:13 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Wed, 02 Jun 2021 22:22:13 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Connection: keep-alive
Set-Cookie: CMID=YLgElbfO5XHkX3qqrE7QDgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 22:22:13 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 22:22:13 GMT

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame F065 43 B
555 B 3066ms
13ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Wed, 02 Jun 2021 22:22:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s57129|YLgEm; path=/; domain=.go.sonobi.com

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 54AA 8 KB
3 KB 1079ms
44ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 01 Jun 2021 06:44:25 GMT
etag: "1300708-2080-5c3aeac410031"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2586
content-type: text/html; charset=UTF-8
cache-control: max-age=30776
expires: Thu, 03 Jun 2021 06:55:09 GMT
date: Wed, 02 Jun 2021 22:22:13 GMT
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame D8C8 2 KB
818 B 1024ms
9ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 02D9 0
0 1323ms
110ms Document
text/plain 67.202.110.23
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.23 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-110.static.steadfastdns.net
Software: 33XP003 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

x-33x-status: 2000208
server: 33XP003
date: Wed, 02 Jun 2021 22:22:13 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 897B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-cD2BwtFE2uHnEmoOTi8kF4crOEo0_azcr3mhv8I-~A

43 B
344 B

140ms
140ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-cD2BwtFE2uHnEmoOTi8kF4crOEo0_azcr3mhv8I-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9S433v9dZQgMNrrVpvnJwSqACaRtynoBtQmh%2BOoWYwgtL91m%2B38GWwX1hfQoe7yZB9Knp98G%2BewDyVN0wHXazf12kJoiyABleiNy9TERi8%2Frra3u2IoP7%2FvSrWyH7rELwtjrsBKHP2lMII8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414441ddf4eb6-FRA
content-length: 43
cf-request-id: 0a706afe8f00004eb679951000000001

Redirect headers

Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-cD2BwtFE2uHnEmoOTi8kF4crOEo0_azcr3mhv8I-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 897B
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6582740012973749551

43 B
352 B

244ms
243ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6582740012973749551
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2NgzoHfVtcdoGZgEe90T5xOwHwtfGwPT2oH4s0cglpVZEdJoVT%2FAVyLr92VggFr0ZoScUvRoVzHRv7Og0PbTdKyrTbymwvWZgjf%2Bppuua0FTn%2F8j29w6VMxYc9NwheLeKKEbJH6j2MAvyA4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414432bca4eb6-FRA
content-length: 43
cf-request-id: 0a706afdfb00004eb6bf192000000001

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:12 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.149:80
AN-X-Request-Uuid: cd8c66e0-e65e-4613-902a-366c5bac3b6c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6582740012973749551
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 897B
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=de24406b-25a7-48ce-a0e2-0e8dfaf3957f

43 B
343 B

250ms
250ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=de24406b-25a7-48ce-a0e2-0e8dfaf3957f
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rV5jKJq51CfeJsnxMtJYF7AmO4WFBADYM7NVWJ5zJMrUe1GaX4Zzg6D9jo5Wee3CO3qV7IM4Z83ivpzUdIJkq0eqLT7qNXf%2Bi5YHZIuhQ7KQYnCZR%2FN9lT0e2A3ZTwvfccWlgUZXPaV%2BBS8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941443dd4b4eb6-FRA
content-length: 43
cf-request-id: 0a706afe6a00004eb67a2d0000000001

Redirect headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lDBcx3yojEYptNaV8IhG8cAFVl8eJZ8oY%2B1KpOtZMjdc42%2FBmqIBh%2FEOFrY1JlGPCwUS8RR4r9UYKaGuuTwMxj5rh5JbHExjMzbD1I2aRgA0oE4600x4bizovDKa%2F1o4PCnPM5lVvMbP"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=de24406b-25a7-48ce-a0e2-0e8dfaf3957f
cf-ray: 659414426a484eb6-FRA
content-length: 0
cf-request-id: 0a706afd8300004eb6540a3000000001

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 897B 0
474 B 3072ms
13ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:15 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 897B
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1282552310298438237

43 B
342 B

143ms
143ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1282552310298438237
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nrO64%2BMxV441XClX16WA8Mv5cLb56DD3xVdVlic11RHSRlRAX1V1XfVmuQjDxo2dZpXaeD%2Btd9bZrK8xmIapSqjbAmrABlCQOS6h7I076kbW%2FUED1oAm9gxq2DwC%2BGcbQIfSO51rYUiliow%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414436c354eb6-FRA
content-length: 43
cf-request-id: 0a706afe2300004eb6b1b4e000000001

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.232:80
AN-X-Request-Uuid: 1f349a02-e22d-434d-bf79-cf4b17d45f39
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1282552310298438237
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 897B
Redirect Chain

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
https://sync.quantumdex.io/setuid?bidder=adman&uid=61c065ec1696f79439e719708577bce141ab5263

43 B
347 B

128ms
128ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=adman&uid=61c065ec1696f79439e719708577bce141ab5263
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:16 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xtOD40k%2FvZ%2B8FvbugJrGOeHW2kn2%2BXLTV49RSQpSp37OH3XwnU4nV42fuyvUmowEwcsJcuytwgrMGIbtX5DXDdJi2%2F47AbplZPx5CycQHhEPulITTWDTVh%2FOgHKVRN6UClIQtqY4yEIOTSI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414575d894eb6-FRA
content-length: 43
cf-request-id: 0a706b0a9700004eb649214000000001

Redirect headers

Location: https://sync.quantumdex.io/setuid?bidder=adman&uid=61c065ec1696f79439e719708577bce141ab5263
Date: Wed, 02 Jun 2021 22:22:16 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

setuid
sync.quantumdex.io/ Frame 897B
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6684565876476211312

43 B
346 B

130ms
129ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6684565876476211312
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dJ%2Bmghw9uYxB67CxVQuTxK4j0LTeX6EHu%2F5Eg%2BRlR5YZvBjKTNs9yL928CYqvcBipZ63LTE0vlZYlldmgs8YOOb7NuDTYXLFNXQQo73z7Mj3B6oS5hwZEqOeLNslH5%2FrhNn9XxTdZPDdaJo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414433bdd4eb6-FRA
content-length: 43
cf-request-id: 0a706afe0600004eb663883000000001

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:12 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.43:80
AN-X-Request-Uuid: 3b34de7f-a977-44aa-89bd-ecc759062804
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6684565876476211312
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 897B
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-2dea8693-a402-42c7-a811-2bc59451fa5c

43 B
369 B

128ms
127ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-2dea8693-a402-42c7-a811-2bc59451fa5c
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tUjAftDIKPhwgWptminUBcje5V5Rnog9PPyl9g0jEpF6wISJUu3FpPVFy9GCBJZyEf7penn8cz1poIL2pkgL1i%2F0SiLCx%2FKpMMyQKIZEj8GoPlL%2BWz3jQTJnJXpiSCs%2F%2F%2FiK33ulhl74i9s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414440db04eb6-FRA
content-length: 43
cf-request-id: 0a706afe8200004eb6c4057000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-2dea8693-a402-42c7-a811-2bc59451fa5c
date: Wed, 02 Jun 2021 22:22:13 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 897B
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=cb09e3b3fd35c96214f0f6d6

43 B
344 B

128ms
127ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=cb09e3b3fd35c96214f0f6d6
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mkt5XkSL10%2Fx29rqQZj4RItZuGINfWsOWChz2WtdADlV2mzC%2BhlYiJ4PIRcpFCbcT71n6G%2FkfgsDJyGIAXlXmd0L%2BHlwhkjTHGAcVLohmjsYrlj%2B9e2rxOmgpMMgfosrE4JGhSObLY2EqAU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941442fb374eb6-FRA
content-length: 43
cf-request-id: 0a706afdd800004eb646bec000000001

Redirect headers

Date: Wed, 02 Jun 2021 22:22:12 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=cb09e3b3fd35c96214f0f6d6
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 897B
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPfa9729f8-c3f0-11eb-a98c-06b8bfaf6aa0
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfa9729f8-c3f0-11eb-a98c-06b8bfaf6aa0

43 B
362 B

126ms
126ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfa9729f8-c3f0-11eb-a98c-06b8bfaf6aa0
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SYlGZmwLvNnsHCtQGJJTztaMNZ7qQrIeDygkwRLNuJtPDQv3zBGZ5YnFMWRlTkBuB99XUSPYire9OrDT8Pu06fc7UUEhwmuslnaETTlIsUXQmpSrmuhRP4vuMvm0fwv2w6Pxh8r2xcS1ZxY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414439c944eb6-FRA
content-length: 43
cf-request-id: 0a706afe3a00004eb6ad005000000001

Redirect headers

Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfa9729f8-c3f0-11eb-a98c-06b8bfaf6aa0
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 897B
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=b5d42d37-2542-529a-a25c-8b31c2e48fa5

43 B
482 B

137ms
136ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=b5d42d37-2542-529a-a25c-8b31c2e48fa5
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AWyqH14RxbeC%2FoU6R2YL2lG%2F8trveZs0KxVBrCo%2FF5B2wG8nG4sSoi3qeosDFS%2Bed4wBOTh2pMZdpsIzWfmA8W7uV2EgAjEXoqVqN2CYfWBbEXjmtCkTHB7sr%2BOYBCx7eFgjPsTbr2QR3%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941442eb0f4eb6-FRA
content-length: 43
cf-request-id: 0a706afdd800004eb6c4a51000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=b5d42d37-2542-529a-a25c-8b31c2e48fa5
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame DF10 0
0 1313ms
109ms Document
text/plain 67.202.110.23
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.23 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-110.static.steadfastdns.net
Software: 33XP002 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

x-33x-status: 2000208
server: 33XP002
date: Wed, 02 Jun 2021 22:22:13 GMT

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame 16EB 43 B
555 B 3054ms
14ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Wed, 02 Jun 2021 22:22:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s57129|YLgEm; path=/; domain=.go.sonobi.com

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 0D6C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

201ms
29ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2d0fafbef7bae216425f493aff7604e449b8d063f5457e0e51954bfba670a0af

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=5182; CMID=YLgElbfO5XHkX3qqrE7QDwAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|230|45|39|47|40|130|195
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1864
Expires: Wed, 02 Jun 2021 22:22:13 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Connection: keep-alive
Set-Cookie: CMID=YLgElbfO5XHkX3qqrE7QDwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 22:22:13 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 22:22:13 GMT CMPRO=1169;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 22:22:13 GMT CMST=YLgElWC4BJUA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 03 Jun 2021 22:22:13 GMT CMRUM3=2d60b8049505a0&2f60b8049505a0&2860b8049505a00&e660b804952760&2760b804950b40&c360b8049505a00&8260b80495a8c0&f160b8049505a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 22:22:13 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Wed, 02 Jun 2021 22:22:13 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Connection: keep-alive
Set-Cookie: CMID=YLgElbfO5XHkX3qqrE7QDwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 22:22:13 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 22:22:13 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 96CB 8 KB
3 KB 1067ms
46ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 01 Jun 2021 06:44:25 GMT
etag: "1300708-2080-5c3aeac410031"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2586
content-type: text/html; charset=UTF-8
cache-control: max-age=30776
expires: Thu, 03 Jun 2021 06:55:09 GMT
date: Wed, 02 Jun 2021 22:22:13 GMT
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 5A27 2 KB
818 B 1010ms
9ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1D80
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLgElLfO5XHkX3qqrE7QBwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBflNuwEy-GU3vp29PVbdv4&google_cver=1&gdpr=1

43 B
1 KB

52ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBflNuwEy-GU3vp29PVbdv4&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 22:22:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBflNuwEy-GU3vp29PVbdv4&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 1D80 70 B
265 B 93ms
30ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YLgElLfO5XHkX3qqrE7QBwAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 22:22:13 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 1D80
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElLfO5XHkX3qqrE7QBwAABHYAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElLfO5XHkX3qqrE7QBwAABHYAAAAB&dcc=t

43 B
433 B

254ms
104ms

Image
image/gif

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElLfO5XHkX3qqrE7QBwAABHYAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:16 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:16 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElLfO5XHkX3qqrE7QBwAABHYAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 1D80
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLgElLfO5XHkX3qqrE7QBwAABHYAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEomsHH1XpCAruJjdo8zrfo&google_cver=1

43 B
315 B

151ms
21ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEomsHH1XpCAruJjdo8zrfo&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 22:22:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEomsHH1XpCAruJjdo8zrfo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 1D80 0
0 34ms
17ms Image
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1D80
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2443503384313108326

43 B
1007 B

62ms
28ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2443503384313108326
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:13 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2443503384313108326
pragma: no-cache
date: Wed, 02 Jun 2021 22:22:12 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1D80
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=875739027279884314

43 B
1 KB

26ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=875739027279884314
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:14 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=875739027279884314
Date: Wed, 02 Jun 2021 22:22:14 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK ibs:dpid=23728&dpuuid=YLgElLfO5XHkX3qqrE7QBwAA%261142
dpm.demdex.net/ Frame 1D80 0
0 1130ms
31ms Image
application/json 52.211.113.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YLgElLfO5XHkX3qqrE7QBwAA%261142?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.113.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-113-33.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 setuid
sync.quantumdex.io/ Frame 1D80 43 B
347 B 127ms
127ms Image
image/gif 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YLgElLfO5XHkX3qqrE7QBwAABHYAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VYhVSZ2XZy1vNZuAAMgfBgi0qddz5a2c44YypWsP4CJxw1Y%2FoKREMc2WZgDwYGw%2BDnYRMLgw95H94XlPiquI0cD0o0HwnSfmyvsk2SeS8%2Fl%2B%2FAazzUdFc%2BBixeTV8qEZ39ixn%2BJi5uOMKK8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941443dd434eb6-FRA
content-length: 43
cf-request-id: 0a706afe6600004eb6568c6000000001

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 847D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLgElD0bVbHSLFmP7IiYegAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBflNuwEy-GU3vp29PVbdv4&google_cver=1&gdpr=1

43 B
1 KB

59ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBflNuwEy-GU3vp29PVbdv4&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 22:22:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBflNuwEy-GU3vp29PVbdv4&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 847D 70 B
264 B 66ms
30ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YLgElD0bVbHSLFmP7IiYegAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 22:22:13 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 847D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLgElD0bVbHSLFmP7IiYegAABMAAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFN46j6j3d7k1xXu-GeP24I&google_cver=1

43 B
315 B

168ms
22ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFN46j6j3d7k1xXu-GeP24I&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 22:22:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFN46j6j3d7k1xXu-GeP24I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 847D
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElD0bVbHSLFmP7IiYegAABMAAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElD0bVbHSLFmP7IiYegAABMAAAAAB&dcc=t

43 B
433 B

234ms
105ms

Image
image/gif

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElD0bVbHSLFmP7IiYegAABMAAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:16 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:16 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElD0bVbHSLFmP7IiYegAABMAAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 847D
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B1606E040AD645DFA1DE69E3DD4B203B&gdpr=1

43 B
1 KB

26ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B1606E040AD645DFA1DE69E3DD4B203B&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:16 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:16 GMT

Redirect headers

date: Wed, 02 Jun 2021 22:22:16 GMT
x-content-type-options: nosniff
server: nginx
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B1606E040AD645DFA1DE69E3DD4B203B&gdpr=1
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 01 Jun 2021 22:22:16 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 847D 43 B
146 B 7353ms
19ms Image
image/gif 3.121.66.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.66.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 847D
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=CSmnMrRT1LOzfD5&gdpr=1

43 B
1 KB

23ms
23ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=CSmnMrRT1LOzfD5&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:13 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-06dc1c09a183d011e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=CSmnMrRT1LOzfD5&gdpr=1
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 847D
Redirect Chain

https://sync.extend.tv/r.gif?exchange=index
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=2af6bc9a-59dd-42e4-bef3-bb55c2fd8f4b

43 B
1 KB

25ms
25ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=2af6bc9a-59dd-42e4-bef3-bb55c2fd8f4b
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:14 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:14 GMT
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=utf-8
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=2af6bc9a-59dd-42e4-bef3-bb55c2fd8f4b
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 132
Expires: Tue, 29 May 1984 15:00:00 GMT

GET
H2 200 setuid
sync.quantumdex.io/ Frame 847D 43 B
359 B 256ms
255ms Image
image/gif 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YLgElD0bVbHSLFmP7IiYegAABMAAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=j8C%2BC%2FXa%2FzmVdzqU%2FrWDnbwxX6Nd0EUkDGlVTrGk4QcUXYzUwIjdcu%2Bn2Jvf2iVEhUQazRX4gE7briuK5FnPeo8YPr6YWBBXbNug6ekurFvfUtTGyU8SiPJUyHEpYgqDHuaY2GsHG%2FBxr1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414440da54eb6-FRA
content-length: 43
cf-request-id: 0a706afe8100004eb696b36000000001

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame A0F8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLgElD0bVbHSLFmP7IiYewAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBflNuwEy-GU3vp29PVbdv4&google_cver=1&gdpr=1

43 B
999 B

54ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBflNuwEy-GU3vp29PVbdv4&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 22:22:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBflNuwEy-GU3vp29PVbdv4&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame A0F8 70 B
264 B 33ms
31ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YLgElD0bVbHSLFmP7IiYewAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 22:22:13 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame A0F8
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElD0bVbHSLFmP7IiYewAABJYAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElD0bVbHSLFmP7IiYewAABJYAAAIB&dcc=t

43 B
433 B

204ms
100ms

Image
image/gif

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElD0bVbHSLFmP7IiYewAABJYAAAIB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:16 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:16 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElD0bVbHSLFmP7IiYewAABJYAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame A0F8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLgElD0bVbHSLFmP7IiYewAABJYAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFN46j6j3d7k1xXu-GeP24I&google_cver=1

43 B
315 B

122ms
21ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFN46j6j3d7k1xXu-GeP24I&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 22:22:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFN46j6j3d7k1xXu-GeP24I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame A0F8
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=80c660b8-0493-4901-a256-dafd7737bcef&gdpr=1&gdpr_consent=

43 B
1 KB

26ms
25ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=80c660b8-0493-4901-a256-dafd7737bcef&gdpr=1&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:13 GMT

Redirect headers

Date: Wed, 02 Jun 2021 22:23:59 GMT
Server: MT3 3736 915c305 master cdg-pixel-x8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=80c660b8-0493-4901-a256-dafd7737bcef&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 02 Jun 2021 22:23:58 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A0F8
Redirect Chain

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=8tj5c_Tcon7p2v4p9o62KvXd_yjpjfp7_I7rOAxf

43 B
1 KB

33ms
28ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=8tj5c_Tcon7p2v4p9o62KvXd_yjpjfp7_I7rOAxf
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 22:22:13 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=8tj5c_Tcon7p2v4p9o62KvXd_yjpjfp7_I7rOAxf
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame A0F8
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B19B147D28C34B359353A47A642D3D89&gdpr=1

43 B
1 KB

26ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B19B147D28C34B359353A47A642D3D89&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:16 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:16 GMT

Redirect headers

date: Wed, 02 Jun 2021 22:22:16 GMT
x-content-type-options: nosniff
server: nginx
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B19B147D28C34B359353A47A642D3D89&gdpr=1
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 01 Jun 2021 22:22:16 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A0F8
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2443503384313108326

43 B
991 B

61ms
23ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2443503384313108326
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:13 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2443503384313108326
pragma: no-cache
date: Wed, 02 Jun 2021 22:22:12 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 setuid
sync.quantumdex.io/ Frame A0F8 43 B
350 B 245ms
243ms Image
image/gif 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YLgElD0bVbHSLFmP7IiYewAABJYAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VKcPRNX%2BJLn2Jtu0y3baqW0dFe%2FqAY5q8mcEZpgbR2jQl9nM5ah2%2FhyLPyfT1zbRWSj8Uldz%2FGX56MGpgt%2BBexv1ldLHUB72DNuiuq7Lb6%2FzaqRNMxw1Z%2BNiPfjO%2FMiJf4Jab7NB%2BUlBL5M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414445e4d4eb6-FRA
content-length: 43
cf-request-id: 0a706afeb400004eb6723d3000000001

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 536C 70 B
264 B 35ms
35ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YLgElLfO5XHkX3qqrE7QCwAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 22:22:13 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 536C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLgElLfO5XHkX3qqrE7QCwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBflNuwEy-GU3vp29PVbdv4&google_cver=1&gdpr=1

43 B
1 KB

45ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBflNuwEy-GU3vp29PVbdv4&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 22:22:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBflNuwEy-GU3vp29PVbdv4&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 536C
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElLfO5XHkX3qqrE7QCwAABFgAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElLfO5XHkX3qqrE7QCwAABFgAAAAB&dcc=t

43 B
433 B

209ms
104ms

Image
image/gif

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElLfO5XHkX3qqrE7QCwAABFgAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:16 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:16 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElLfO5XHkX3qqrE7QCwAABFgAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 536C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLgElLfO5XHkX3qqrE7QCwAABFgAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFN46j6j3d7k1xXu-GeP24I&google_cver=1

43 B
315 B

126ms
21ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFN46j6j3d7k1xXu-GeP24I&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 22:22:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFN46j6j3d7k1xXu-GeP24I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 536C
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6759589331685250420&uid=Q6759589331685250420&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

35ms
17ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:16 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Wed, 02 Jun 2021 22:22:16 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 536C
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2443503384313108326

43 B
991 B

46ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2443503384313108326
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:13 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2443503384313108326
pragma: no-cache
date: Wed, 02 Jun 2021 22:22:12 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 536C
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F5331FD3D5744F8590DD38F95747DEB0&gdpr=1

43 B
1 KB

27ms
27ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F5331FD3D5744F8590DD38F95747DEB0&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:16 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:16 GMT

Redirect headers

date: Wed, 02 Jun 2021 22:22:16 GMT
x-content-type-options: nosniff
server: nginx
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F5331FD3D5744F8590DD38F95747DEB0&gdpr=1
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 01 Jun 2021 22:22:16 GMT

GET
H/1.1 503
Service Unavailable: Back-end server is at capacity ie
match.prod.bidr.io/cookie-sync/ Frame 536C 0
111 B 2741ms
1399ms Image
text/plain 52.210.44.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.44.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0

GET
H2 200 setuid
sync.quantumdex.io/ Frame 536C 43 B
371 B 135ms
133ms Image
image/gif 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YLgElLfO5XHkX3qqrE7QCwAABFgAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QOD52SohjPi4FEEytzLp%2FTcIyJVmSIOANUst1csnk%2BzebTv9uSlFB%2FP2Xcp6zQx2IK9gSU08%2Br57pfApm%2FEfZmwwj%2BVSqXX1as7%2FD5S7oz4ES%2FiDGVmtVNirs81ydxdLl6YPdZpNCi1rahg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659414448ea14eb6-FRA
content-length: 43
cf-request-id: 0a706afed200004eb67938b000000001

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 9D78
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElbfO5XHkX3qqrE7QDgAABFUAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElbfO5XHkX3qqrE7QDgAABFUAAAAB&dcc=t

43 B
433 B

210ms
104ms

Image
image/gif

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElbfO5XHkX3qqrE7QDgAABFUAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:16 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:16 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElbfO5XHkX3qqrE7QDgAABFUAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 9D78
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLgElbfO5XHkX3qqrE7QDgAABFUAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFN46j6j3d7k1xXu-GeP24I&google_cver=1

43 B
315 B

118ms
21ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFN46j6j3d7k1xXu-GeP24I&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 22:22:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFN46j6j3d7k1xXu-GeP24I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 9D78 70 B
264 B 104ms
102ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YLgElbfO5XHkX3qqrE7QDgAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 22:22:13 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 9D78
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLgElbfO5XHkX3qqrE7QDgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBflNuwEy-GU3vp29PVbdv4&google_cver=1&gdpr=1

43 B
1 KB

23ms
23ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBflNuwEy-GU3vp29PVbdv4&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 22:22:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBflNuwEy-GU3vp29PVbdv4&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 9D78
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6759589361079538517&uid=Q6759589361079538517&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

41ms
25ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 22:22:16 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Wed, 02 Jun 2021 22:22:16 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 9D78
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=7AD5FFAFED674B368750C922E33BF289&gdpr=1

43 B
1 KB

51ms
23ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=7AD5FFAFED674B368750C922E33BF289&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:16 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:16 GMT

Redirect headers

date: Wed, 02 Jun 2021 22:22:16 GMT
x-content-type-options: nosniff
server: nginx
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=7AD5FFAFED674B368750C922E33BF289&gdpr=1
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 01 Jun 2021 22:22:16 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 9D78
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=064d220402c8a3445ffde32f&expiration=[EXPIRATION]&gdpr=1

43 B
1 KB

24ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=064d220402c8a3445ffde32f&expiration=[EXPIRATION]&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:14 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=064d220402c8a3445ffde32f&expiration=[EXPIRATION]&gdpr=1
Date: Wed, 02 Jun 2021 22:22:14 GMT
Access-Control-Allow-Credentials: true
X-Powered-By: Express
Content-Length: 0
Vary: Origin

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 9D78
Redirect Chain

https://cm.ctnsnet.com/int/cm?exc=19&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=65da3c2d26c54f5a95dfb3d6db6f21c2&expiration=1625264534

43 B
1 KB

25ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=65da3c2d26c54f5a95dfb3d6db6f21c2&expiration=1625264534
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:14 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 22:22:13 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=65da3c2d26c54f5a95dfb3d6db6f21c2&expiration=1625264534
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 setuid
sync.quantumdex.io/ Frame 9D78 43 B
478 B 129ms
128ms Image
image/gif 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YLgElbfO5XHkX3qqrE7QDgAABFUAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=11xGO4BqsKgLUQjlKVb9AZIm%2BtZPpvVmxQpSHiv7tcmK0ptmP1dewJpF5YImvEvyCmCS2UkBz7MclXuZzpvDPHUjHYJrPwMXJLpJYdykrr3570Z17TPjA3WyQlqGUqJ14kN6wFHAFON0Rt4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941444bf074eb6-FRA
content-length: 43
cf-request-id: 0a706afef500004eb64f0dc000000001

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 0D6C
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElbfO5XHkX3qqrE7QDwAABJEAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElbfO5XHkX3qqrE7QDwAABJEAAAAB&dcc=t

43 B
433 B

201ms
100ms

Image
image/gif

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElbfO5XHkX3qqrE7QDwAABJEAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:16 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:16 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLgElbfO5XHkX3qqrE7QDwAABJEAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 0D6C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLgElbfO5XHkX3qqrE7QDwAABJEAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFN46j6j3d7k1xXu-GeP24I&google_cver=1

43 B
315 B

108ms
20ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFN46j6j3d7k1xXu-GeP24I&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 22:22:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFN46j6j3d7k1xXu-GeP24I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 0D6C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLgElD0bVbHSLFmP7IiYegAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBflNuwEy-GU3vp29PVbdv4&google_cver=1&gdpr=1

43 B
1 KB

23ms
23ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBflNuwEy-GU3vp29PVbdv4&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 22:22:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBflNuwEy-GU3vp29PVbdv4&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 0D6C 70 B
264 B 31ms
29ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YLgElbfO5XHkX3qqrE7QDwAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 22:22:13 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 0D6C
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=db62PSiz1LOzfD5&gdpr=1

43 B
1 KB

25ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=db62PSiz1LOzfD5&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:13 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:12 GMT
Server: PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-077182e85f3323570@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=db62PSiz1LOzfD5&gdpr=1
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 503
Service Unavailable: Back-end server is at capacity ie
match.prod.bidr.io/cookie-sync/ Frame 0D6C 0
111 B 2705ms
29ms Image
text/plain 52.210.44.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.44.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 0D6C
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-87914b96-82b0-4259-bedc-3f1ef9ec38c2

43 B
1 KB

24ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-87914b96-82b0-4259-bedc-3f1ef9ec38c2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:13 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-87914b96-82b0-4259-bedc-3f1ef9ec38c2
date: Wed, 02 Jun 2021 22:22:13 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2 200 setuid
sync.quantumdex.io/ Frame 0D6C 43 B
344 B 129ms
128ms Image
image/gif 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YLgElbfO5XHkX3qqrE7QDwAABJEAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8g4dMv8kbyB%2FdgXDlhU3DFdHT%2BrBo1EovYFwCDDwr7RmwkohKEd73kP97zhaeZ6pBcIC0WB4xin0bYp2vaD8WYaxbCP6AGPIa%2FeIIO63uAM7s5m3o%2BlukRA1Yax1%2Bd9AHzdYZKYaiXE7mYM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 65941444ef544eb6-FRA
content-length: 43
cf-request-id: 0a706aff1400004eb6c0ab4000000001

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame C979
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

102ms
101ms

Document
text/html

54.204.142.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.142.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 642f1ded11edcff3a7878aa590d23b479c362d8135189f24aee645ffcdfd1367

Request headers

:method: GET
:authority: um2.eqads.com
:scheme: https
:path: /um/cs&eq_cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssum-sec.casalemedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: EQUser=UID=0adf86f9-7d0f-4cc2-a70f-4842b921af36
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
content-type: text/html; charset=utf-8
content-length: 186
cache-control: no-cache, must-revalidate
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Wed, 02 Jun 2021 22:22:13 GMT
pragma: no-cache

Redirect headers

date: Wed, 02 Jun 2021 22:22:13 GMT
content-type: text/html; charset=utf-8
content-length: 41
location: /um/cs&eq_cc=1
set-cookie: EQUser=UID=0adf86f9-7d0f-4cc2-a70f-4842b921af36; Path=/; Domain=eqads.com; Expires=Thu, 02 Sep 2021 22:22:13 GMT; Secure; SameSite=None

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 4F54 38 KB
14 KB 19ms
18ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=80576
expires: Thu, 03 Jun 2021 20:45:09 GMT
date: Wed, 02 Jun 2021 22:22:13 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 8780 38 KB
14 KB 20ms
19ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=80576
expires: Thu, 03 Jun 2021 20:45:09 GMT
date: Wed, 02 Jun 2021 22:22:13 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame B4CA 38 KB
14 KB 19ms
19ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=80576
expires: Thu, 03 Jun 2021 20:45:09 GMT
date: Wed, 02 Jun 2021 22:22:13 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 13AB 38 KB
14 KB 19ms
18ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=80576
expires: Thu, 03 Jun 2021 20:45:09 GMT
date: Wed, 02 Jun 2021 22:22:13 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK crum
dsum-sec.casalemedia.com/ Frame C979 43 B
1 KB 27ms
27ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=0adf86f9-7d0f-4cc2-a70f-4842b921af36&expiration=1630621333
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 22:22:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 22:22:13 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 3329 38 KB
14 KB 20ms
19ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=80576
expires: Thu, 03 Jun 2021 20:45:09 GMT
date: Wed, 02 Jun 2021 22:22:13 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 146A 38 KB
14 KB 19ms
18ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=80576
expires: Thu, 03 Jun 2021 20:45:09 GMT
date: Wed, 02 Jun 2021 22:22:13 GMT
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 4F54 0
42 B 98ms
43ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=93231500&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 22:22:13 GMT
content-length: 0

Verdicts & Comments Add Verdict or Comment

173 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 18:44:33	Name: test_cookie Value: CheckForPermission
www.celebzz.com/	1970-01-20 03:30:08	Name: _pubcid Value: 17972030-d40a-4a05-a18f-3523280d90f9
www.celebzz.com/	1970-01-19 19:27:44	Name: _pbjs_userid_consent_data Value: 6115677930566742
.celebzz.com/	1970-01-20 12:15:44	Name: _ga Value: GA1.2.802403062.1622672529
www.celebzz.com/	1970-01-20 03:30:08	Name: HstCnv2352469 Value: 1
.celebzz.com/	1970-01-19 18:44:32	Name: _gat Value: 1
www.celebzz.com/	1970-01-20 03:30:08	Name: HstPn2352469 Value: 1
www.celebzz.com/	1970-01-20 03:30:08	Name: HstCns2352469 Value: 1
.celebzz.com/	1970-01-20 04:06:08	Name: __gads Value: ID=0c914842899066b8-22d56ffd3ac80039:T=1622672529:RT=1622672529:S=ALNI_MYoyME2gGNsq_eviZmWSSkSB-EMPw
www.celebzz.com/	1970-01-20 03:30:08	Name: HstPt2352469 Value: 1
www.celebzz.com/	1970-01-19 18:44:39	Name: __vliIPL Value: {"value":["2a01:4f8:192:5414::2"],"expiredAt":1622679729198}
www.celebzz.com/	1970-01-20 03:30:08	Name: HstCmu2352469 Value: 1622672529309
.celebzz.com/	1970-01-19 18:45:58	Name: _gid Value: GA1.2.460072451.1622672529
www.celebzz.com/	1970-01-20 03:30:08	Name: HstCla2352469 Value: 1622672529309
.celebzz.com/	1970-01-19 18:44:32	Name: _gat_gtag_UA_128776493_29 Value: 1
www.celebzz.com/	1970-01-20 03:30:08	Name: HstCfa2352469 Value: 1622672529309

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://www.celebzz.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	warning	URL: http://assets.vlitag.com/prebid/default/prebid-v4.38.0.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	error	URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js(Line 439) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: http://tag.vlitag.com/v1/1622654666/54e09c31ad7d306ae43be19b235e354f.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: http://tag.vlitag.com/v1/1622654666/54e09c31ad7d306ae43be19b235e354f.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.impactify.io
ad.turn.com
ad4m.at
ads.betweendigital.com
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.com
adservice.google.de
ajax.cloudflare.com
ajax.googleapis.com
ap.lijit.com
assets.vlitag.com
bidder.criteo.com
btlr.sharethrough.com
c.sharethis.mgr.consensu.org
cdn.adnxs-simple.com
cdn.contentspread.net
cdn.jsdelivr.net
cdn2.lockerdomecdn.com
celebs.gallery
celebzz.com
cm.ctnsnet.com
cm.g.doubleclick.net
connect.facebook.net
cs.admanmedia.com
dpm.demdex.net
dsum-sec.casalemedia.com
dvr.impactify.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900012.redintelligence.net
hosupshunk.com
ib.adnxs-simple.com
ib.adnxs.com
image6.pubmatic.com
imasdk.googleapis.com
l.sharethis.com
lockerdome.com
match.adsrvr.org
match.prod.bidr.io
maxcdn.bootstrapcdn.com
media.vlitag.com
ms.quantumdex.io
nep.advangelists.com
nym1-ib.adnxs-simple.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.advertising.com
pixel.mathtag.com
pixel.quantserve.com
pm.w55c.net
prebid-eu.creativecdn.com
prebid.a-mo.net
px.owneriq.net
quantumsyndication.com
r1---sn-4g5e6ns6.googlevideo.com
redirector.googlevideo.com
s.amazon-adsystem.com
s10.histats.com
s4.histats.com
securepubads.g.doubleclick.net
services.vlitag.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
stats.vlitag.com
sync.adotmob.com
sync.extend.tv
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
tag.vlitag.com
tags.mathtag.com
tg1.aniview.com
tpc.googlesyndication.com
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
useast.quantumdex.io
w.sharethis.com
waust.at
whos.amung.us
www.celebzz.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.111.242.53
104.154.142.214
136.144.59.88
138.201.84.244
142.250.186.162
151.139.242.29
159.253.128.188
172.255.6.251
178.162.133.149
178.250.0.165
18.156.0.31
18.184.153.186
18.198.109.212
18.215.128.143
185.183.112.148
185.184.8.65
185.29.133.208
185.29.135.226
185.33.221.11
185.33.221.13
185.64.190.78
188.42.196.115
192.99.8.34
193.0.160.128
2.18.232.130
2.18.233.180
2.18.233.201
2.18.234.21
2001:678:cb4:bbbb::11
216.52.2.48
216.58.212.162
2600:9000:218d:6800:c:a9b7:ddc0:93a1
2600:9000:218e:5400:3:c04e:c780:93a1
2606:4700:20::681a:34e
2606:4700:20::681a:ad1
2606:4700:20::681a:eee
2606:4700:20::681a:fee
2606:4700:20::ac43:4597
2606:4700:20::ac43:4739
2606:4700:20::ac43:47f1
2606:4700:3031::ac43:c8b2
2606:4700:3034::6815:550d
2606:4700::6810:a723
2606:4700::6812:acf
2606:4700::6812:f13
2606:4700:e2::ac40:831e
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:60::6
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:801::200e
2a00:1450:4001:802::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2008
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c08::9c
2a02:2638::1c
2a02:2638::3
2a02:26f0:6c00:2ab::2c79
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::621
3.121.66.166
3.123.167.229
3.66.135.160
34.231.105.138
35.186.193.173
37.252.172.250
46.105.201.240
46.249.52.249
51.89.9.254
52.210.44.111
52.211.113.33
52.94.232.32
54.204.142.198
54.236.220.178
54.36.108.3
67.202.110.23
67.202.114.214
68.67.160.75
76.223.111.131
88.214.206.142
94.130.102.164
002c7038bcab10a8b618a655984729abe996fc39f412ae07df5a37641985a3c4
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
032b19d131b735f2ffb20bed03574dc1a05b3413cdc9f9ab0a9efd5bfb2353dd
07d95bd32c8cdde291cab512cc40939109ed115cc2937821ba901b38ebce0c0c
0914701ad443e5f9b78f0895e4078e63d3c29764d39fa5770eb62e9937039344
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0cc6a758fa033a81c26108238395ab193e279147214a4513945c14f295546547
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
11862faa1e6564554f1e9dd18424992cfd37f5e2730782a5a81c76eee795b86f
118b932ce446d673706c274aa65d22e8e2b2fe744187ce16f6656ab7940fb140
122414edb525f8cd33da89ee623d931dd73aea86ec96120944bf98f1c426cecf
1318d558aa5d0dbf78bba6ed9b4f2388e0f5dab061b2871a1e1c09edcb897c40
16f6b703c7b8096758daaab8c05b314d0d6dce03fb09671880c3de2b6121035c
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1cb0887e4f51d7c8b208fa335e628731d75573ed55e05a1f9bd0922d4e0645dc
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1ed8efa4bdbb85c116201f6618f1f70b54454ac8e52ccaec8625e0edfc238930
1ff6e5ee472b7de6d14d56bd57712033525cbd3749fd621e86110d33a83dda42
249915f7b82c05aa6ba47ebe36f3b2e3588a1eaeb8940a72e34bf17ad4631562
24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28e70fa9e94b5c4f9bf9c371c21b2f51fdb8144dfa9960b5c2c3d3763a1d382c
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d0fafbef7bae216425f493aff7604e449b8d063f5457e0e51954bfba670a0af
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
336689f242ff538a29176f815875baf9a26b9e01dc180dabaacabbc6cf87d61f
347ad8ef86aeedd009a336f41ded4f8385cc795c8a25895230f222b601892fdb
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37d10721d74b0d31034e1819279a456bd11c979f377dc56d678cff8294557fc5
3886a7c28a4cd03b7b16c0e01312750a910ef1ab08b195f0c72e18fb1b6dd24d
3aa2dfc9cba24213ef1297e5f4a0a5064b28ba4b3f36f25ce0aec9d6aee5c560
4048d0e94b6e1a66f8b4253a999092c0ee6bf9270581024654d6f135b10c578b
43d2e63b5040ecbcda62a4e0aa30375b6c1c2b6c413ba426988cd5b575f49063
46b52a8dc88c62828c07f17e5e12e88002a7ce5854627e8b997217e9d6d63c06
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4a8f3db1c3450a0672a5f8482d715668e13fc62d4c8e14dc17902f86cc87a891
4f2730371e10cf59bd1dd71b2f8cdde6f289bfc8480e6c322cc2b21ea97a4289
4f3e60c10e1a6babbb010b69b642118ab9291d60f257fa7a9281b84afad45e9c
4f4ed318db35c5f69af7305536516e10419a8a2ce9459ff38149fad2a5602c1c
53711afd86ecc21dff5318d62d32ff928991f77181a845d3ec99b2fd2b844c0a
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58694600a9bb19ab424e8752ab649f1365563963d2541becd627f15045a107aa
58869f44d637b47ec364672d4275b69f7d38b117ab33e0ce6c84d739e192202e
5cb77cae461f90a163640adb82bc6ad3cead5ceb12b77e1d23d13ea685b009b6
5f538b0d80b53a9d86d81b37e0f8029b8e133e74ea6eb80c9f0c4fa106b1847c
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
631a14305b79d9763d09570f3fdad0478484b27b0cf61f5196b3b954b8bc0db0
642f1ded11edcff3a7878aa590d23b479c362d8135189f24aee645ffcdfd1367
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
647f43cd0cfdbafe354249e2c9831cc97c843fe0e44a726febdfb956bd1d25c5
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d0b8090728453b408fca5462fb8f3bb8152c60f96793b869c9f0ae21c43d543
6d7cb732a3ca5666137b734f7c4b7460ffd0bd75da5df7d81e55719d49b12141
6e307466d7334ad26c306cd691b40edc5e234e30ab1a85e8e82787e749eef871
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
72bd113972d5a2c739b2cf7eccac1de81a9b715ec2f97c0b27bc59f03ad61ca4
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
76a18f5f0637e0d73ce1afece898ce8b0fa75bb6b1c1990ae4a7ac6b083045ce
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
7d97fe18f84e32f7a567c9035b4ec89f77777f678a957839fa8f96df679681dc
82eb521b12f758dcf66570d77942716359e5d2f2717acf1a2b44a34926c539f8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8930245cecffde390068e3d6b76e0f8deb0872cb5aa1cebb0d6bb0beec1f7a6f
89d55725df09569004f8c7b30323b53ee5406bc1f96202aeb7f57e3e04ce5b83
8a964e69919fe55af29fa4721ba01cd4d70d23754e7f1f58027b0a427b8ef47b
8bbfcf9e327205adc97778320cfbffbe2dea45f2c48b2113027950c244dd35eb
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd
921b5fa9751cba7b923b534824c7996608cf89dbb161355af6c83b589ffc6269
949ee152421c4d0a3983808435477bd9e9a405deb80cab790373e8dc00fd1ff3
94a1096d4ddd1232128b8a52859680031fd1aa9df3bec2a6e25e7cf4ffd95282
95894070ccfc8d66b7d6a130ac9f30128cbe56d27978bd4223548ab52b306ee7
9648ae7af07c2fc43af3856a42307f0c90e967b16424984ea28061729631ee78
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee
988e2f112b2d3368d356884ff7cbdf6bedfa0df7c2ab9f1b01b88a7cf4e95c33
9e2427d4416c58ef59d28827b121c83d6588e191797d6eaa1b86ac3e31b1a75c
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a17a572977bcf2c2bee683b21a12238ea211bac06b9412b5dc5fe61528086ecd
a258fa2108c7a4579876f75154378f19e3ee8af7753499bad8bfb18b56cb6dfc
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a603eac48b2a94338eb03a6909eea4cfe5d4ae62ccd2aee92f77163ca6fbe36c
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b
aedf443654dc81c3d47487a64d2a9e9e39b1ecde3595814b658be0f159335a22
afa16e6021272e8b9cb8affa4e56e59782095d7d45681cfb621e78d7cf3741c2
b0254b2b71686a7541889460efc6dde1ecfaa21183aed27d319bbfe7f35fd844
b0dbc69f7aee59aa94590218ee82f51424d984db50555f1b8477a21faeef431b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3a7762189d8e69850fd0983f4a4a0ce634ccb6221b62c9408d79e3740e0a1be
b5b87ae21523dc88a5ed22203d4d16b74179dbb9ae92d31acdb23d2d224e1621
b7a66c0cb964ac30903ab4db3f91847f5ce265c9f5aaed47c00d8154a9eab121
b98b47a282eb415846fd2d98effe2eb604c9462c0670858b988f6aebbe35f0a3
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
be01b23a6ab9ef9dbe693126fe64fcca0b073cbb6fd60f9ceb3a8a5355218855
be3b48dbe04f652fba8973decb94e84bf9e06fd3b0d0beddfe8859d11ccd7576
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb
c5c68d25e4b1011d401e36544d3efed44bb772566ece33b158631a90150b5f31
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cfc0aca46ecc842c804d8ef338a14a953d284fdf34e940ef292324935a1fb3aa
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d4f87eb2fd81448ae30cbd4d65fb30d717d22e580ca7d481b8c3f7473318b7cc
d681b45f2bd08bed4eb23d7d1749bfd1c6aac7c63dbb2b061915a497f8c46693
d856823555e20dc1823ca0689ed28bc304f382df1b07bc8b9624b842cf102b65
d9229ffd4bddfc818931c2566611b3a967cf2426e6e0f285e8a9a11c9023f256
dbeb241324f4c3e889518c86ec74c1f6f634fff0c6f23f8c5af28273b8f31112
e1971551ad2f9c0153c5f5adb3fa68243fce078f1b721f83d0a49dead642afac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eff83843d16fa63e43218363cdb002c9aa52e531ab3d4532f43ac890f5497fab
f0b92945f599cd606acb1d5bf60b30d1f6a6b4cee0ff6cb8ea0a29e6903a8cae
f3cfdc20243f0cc384bc924e14fd7327bf58e4aa697f71d5a35c3a0d794ff666
f8284365ba340253ee9c71cfb5efcc37f10a23e8b8b5dd134ec7bbab05073845
fc84dcb874c39c915ab83aa5b6506aac48d0f93e734f6deca699fdf42dc0af43

www.celebzz.com Open in urlscan Pro 2606:4700:3031::ac43:c8b2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

358 Requests

78 %HTTPS

43 %IPv6

69 Domains

95 Subdomains

72 IPs

8 Countries

2135 kBTransfer

5086 kBSize

16 Cookies

6 Outgoing links

Page URL History

Redirected requests

358 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.celebzz.com Open in urlscan Pro
2606:4700:3031::ac43:c8b2 Public Scan

Screenshot
Live screenshot

Full Image

358
Requests

78 %
HTTPS

43 %
IPv6

69
Domains

95
Subdomains

72
IPs

8
Countries

2135 kB
Transfer

5086 kB
Size

16
Cookies

358 HTTP transactions
2 data transactions