URL: https://www.hawtcelebs.com/
Submission: On December 18 via manual from JP — Scanned from JP

Summary

This website contacted 193 IPs in 15 countries across 169 domains to perform 1030 HTTP transactions. The main IP is 2606:4700:3036::ac43:b893, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hawtcelebs.com. The Cisco Umbrella rank of the primary domain is 345929.
TLS certificate: Issued by GTS CA 1P5 on October 30th 2023. Valid for: 3 months.
This is the only time www.hawtcelebs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 23 2606:4700:303... 13335 (CLOUDFLAR...)
4 2404:6800:400... 15169 (GOOGLE)
43 2606:4700::68... 13335 (CLOUDFLAR...)
7 2404:6800:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 3.18.237.172 16509 (AMAZON-02)
9 65.9.42.20 16509 (AMAZON-02)
2 2a02:6ea0:d30... 60068 (CDN77 ^_^)
2 3.136.237.229 16509 (AMAZON-02)
6 3.130.244.5 16509 (AMAZON-02)
30 2404:6800:400... 15169 (GOOGLE)
12 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2404:6800:400... 15169 (GOOGLE)
13 2404:6800:400... 15169 (GOOGLE)
2 104.18.35.167 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
10 2406:2600:4::1 55569 (CRITEO-AS...)
1 2600:9000:26a... 16509 (AMAZON-02)
2 2a04:4e42:600... 54113 (FASTLY)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 2600:9000:21e... 16509 (AMAZON-02)
14 13.35.49.117 16509 (AMAZON-02)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
28 18.140.225.254 16509 (AMAZON-02)
15 23 141.95.98.65 16276 (OVH)
4 2404:6800:400... 15169 (GOOGLE)
3 6 35.244.159.8 396982 (GOOGLE-CL...)
15 2404:6800:400... 15169 (GOOGLE)
8 2404:6800:400... 15169 (GOOGLE)
20 2607:f8b0:400... 15169 (GOOGLE)
24 2404:6800:400... 15169 (GOOGLE)
3 173.194.174.155 15169 (GOOGLE)
3 3 2404:6800:400... 15169 (GOOGLE)
6 2404:6800:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 45.156.19.151 39572 (ADVANCEDH...)
3 2606:4700:21:... 13335 (CLOUDFLAR...)
10 23.40.192.188 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
25 54.70.250.75 16509 (AMAZON-02)
1 15 51.79.154.9 16276 (OVH)
3 2404:6800:400... 15169 (GOOGLE)
1 43 172.66.41.9 13335 (CLOUDFLAR...)
11 2a02:6ea0:d30... 60068 (CDN77 ^_^)
18 172.217.161.66 15169 (GOOGLE)
3 22 2404:6800:400... 15169 (GOOGLE)
3 172.217.175.66 15169 (GOOGLE)
2 2 202.233.84.8 131957 (MICROAD M...)
21 35 142.250.198.2 15169 (GOOGLE)
4 74.118.186.106 6336 (TURN-US-ASN)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
3 103.132.192.30 138552 (RTBHOUSE-...)
2 23.108.98.2 59253 (LEASEWEB-...)
5 2406:2600:4::12 55569 (CRITEO-AS...)
29 38 103.43.90.21 29990 (ASN-APPNEX)
15 131.153.206.103 59210 (PHOENIXNA...)
2 13.251.173.5 16509 (AMAZON-02)
22 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2606:4700:440... 13335 (CLOUDFLAR...)
7 2606:4700:303... 13335 (CLOUDFLAR...)
1 54.39.128.117 16276 (OVH)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 2404:6800:400... 15169 (GOOGLE)
1 2405:dc00:ef0... 4804 (MPX-AS Mi...)
1 3.5.133.140 16509 (AMAZON-02)
2 54.38.64.100 16276 (OVH)
1 23.216.153.76 20940 (AKAMAI-ASN1)
5 9 2406:2600:4::b 55569 (CRITEO-AS...)
1 145.239.192.166 16276 (OVH)
5 7 2620:116:800e... 16509 (AMAZON-02)
1 52.50.140.7 16509 (AMAZON-02)
1 52.18.155.110 16509 (AMAZON-02)
1 104.18.34.83 13335 (CLOUDFLAR...)
2 2404:6800:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 185.98.53.29 39572 (ADVANCEDH...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 4 64.120.110.138 59253 (LEASEWEB-...)
19 19 74.118.186.107 6336 (TURN-US-ASN)
6 6 2001:df2:a300... 6336 (TURN-US-ASN)
1 6 67.202.105.32 32748 (STEADFAST)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
20 24 35.213.12.39 15169 (GOOGLE)
2 2 35.213.93.179 15169 (GOOGLE)
6 9 2406:da18:929... 16509 (AMAZON-02)
17 31 8.39.36.141 26667 (RUBICONPR...)
1 1 54.199.74.241 16509 (AMAZON-02)
1 1 184.27.185.21 20940 (AKAMAI-ASN1)
1 2600:9000:206... 16509 (AMAZON-02)
5 2600:9000:221... 16509 (AMAZON-02)
1 13.33.88.124 16509 (AMAZON-02)
4 25 104.18.36.155 13335 (CLOUDFLAR...)
2 4 207.65.34.77 62713 (AS-PUBMATIC)
4 11 52.220.199.193 16509 (AMAZON-02)
1 1 2600:1f18:765... 14618 (AMAZON-AES)
3 5 23.106.127.38 59253 (LEASEWEB-...)
15 17 13.228.126.19 16509 (AMAZON-02)
7 11 34.111.113.62 396982 (GOOGLE-CL...)
19 20 52.223.40.198 16509 (AMAZON-02)
10 10 64.202.112.31 22075 (AS-OUTBRAIN)
3 26 52.223.2.229 16509 (AMAZON-02)
2 2 72.34.250.75 27630 (AS-XFERNET)
5 10 18.141.75.199 16509 (AMAZON-02)
1 1 18.143.106.89 16509 (AMAZON-02)
2 15 216.130.169.24 27257 (WEBAIR-IN...)
5 5 139.99.123.110 16276 (OVH)
7 8 209.191.163.208 32475 (SINGLEHOP...)
1 1 59.151.138.103 20940 (AKAMAI-ASN1)
1 1 8.2.110.161 46636 (NATCOWEB)
4 4 198.8.71.130 54312 (ROCKETFUEL)
3 3 34.202.71.208 14618 (AMAZON-AES)
8 8 67.202.105.23 32748 (STEADFAST)
1 172.66.42.247 13335 (CLOUDFLAR...)
2 3.128.138.194 16509 (AMAZON-02)
5 51.89.67.82 16276 (OVH)
3 3 3.223.88.167 14618 (AMAZON-AES)
2 2 18.238.192.21 16509 (AMAZON-02)
2 6 35.244.154.8 15169 (GOOGLE)
2 8 52.46.143.56 16509 (AMAZON-02)
7 9 54.174.240.211 14618 (AMAZON-AES)
1 1 35.208.249.213 15169 (GOOGLE)
6 6 185.184.8.90 204995 (RTB-HOUSE...)
11 18.65.207.58 16509 (AMAZON-02)
10 130.211.115.4 396982 (GOOGLE-CL...)
5 182.161.74.11 55569 (CRITEO-AS...)
3 198.206.157.242 399668 (E-PLANNING-)
4 4 35.227.252.103 15169 (GOOGLE)
2 64.120.110.137 59253 (LEASEWEB-...)
1 212.129.3.112 12876 (Online SAS)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 51.222.80.231 16276 (OVH)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 12 23.106.127.56 59253 (LEASEWEB-...)
3 6 52.69.237.108 16509 (AMAZON-02)
3 4 119.9.108.211 45187 (RACKSPACE...)
9 12 18.177.116.10 16509 (AMAZON-02)
7 7 23.208.233.60 16625 (AKAMAI-AS)
16 23.40.149.60 16625 (AKAMAI-AS)
2 2 23.108.103.8 59253 (LEASEWEB-...)
5 34.117.239.71 396982 (GOOGLE-CL...)
1 5 2620:1ec:21::14 8068 (MICROSOFT...)
4 6 52.76.7.220 16509 (AMAZON-02)
2 3 13.115.66.78 16509 (AMAZON-02)
1 1 67.202.105.21 32748 (STEADFAST)
2 141.95.98.64 16276 (OVH)
2 54.217.177.23 16509 (AMAZON-02)
6 34.149.40.38 15169 (GOOGLE)
1 3 207.65.34.81 62713 (AS-PUBMATIC)
20 52.25.192.112 16509 (AMAZON-02)
5 54.169.41.251 16509 (AMAZON-02)
2 64.202.112.223 23352 (SERVERCEN...)
1 21 195.244.31.10 63140 (IGUANA-WO...)
1 216.169.156.30 398017 (RTBHOUSE-PHX)
1 2602:803:c006... 26667 (RUBICONPR...)
1 64.120.110.136 59253 (LEASEWEB-...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 99.84.133.60 16509 (AMAZON-02)
23 207.65.34.80 62713 (AS-PUBMATIC)
2 2 54.65.75.62 16509 (AMAZON-02)
1 1 18.176.179.11 16509 (AMAZON-02)
1 220.150.223.50 4686 (BEKKOAME ...)
1 35.72.102.184 16509 (AMAZON-02)
2 5 182.161.74.16 55569 (CRITEO-AS...)
6 7 151.101.2.49 54113 (FASTLY)
1 2 35.186.193.173 15169 (GOOGLE)
1 1 139.162.84.221 63949 (AKAMAI-LI...)
1 1 82.145.213.8 39832 (NO-OPERA)
2 2 35.214.218.94 15169 (GOOGLE)
3 4 34.124.209.251 396982 (GOOGLE-CL...)
3 3 122.248.253.6 16509 (AMAZON-02)
2 3 124.146.153.167 2514 (INFOSPHER...)
1 3 207.65.34.74 62713 (AS-PUBMATIC)
8 8 185.84.60.20 198622 (ADFORM)
4 4 2a02:fa8:c411... 399104 (CNVR-APAC)
1 2 2606:4700:1::... 13335 (CLOUDFLAR...)
4 4 54.157.57.36 14618 (AMAZON-AES)
3 4 23.106.127.169 59253 (LEASEWEB-...)
1 104.17.216.204 13335 (CLOUDFLAR...)
1 34.229.3.43 14618 (AMAZON-AES)
2 52.53.103.154 16509 (AMAZON-02)
3 3 54.183.254.196 16509 (AMAZON-02)
2 3 52.192.253.158 16509 (AMAZON-02)
1 1 2600:9000:208... 16509 (AMAZON-02)
4 98.98.134.241 21859 (ZEN-ECN)
1 69.169.86.38 29838 (AMC)
3 3 2001:df2:a300... 6336 (TURN-US-ASN)
1 1 18.141.88.119 16509 (AMAZON-02)
2 23.36.17.70 16625 (AKAMAI-AS)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 13.78.59.237 8075 (MICROSOFT...)
2 2 8.43.72.97 26667 (RUBICONPR...)
1 54.239.38.253 16509 (AMAZON-02)
1 1 2600:9000:221... 16509 (AMAZON-02)
1 2 13.225.183.10 16509 (AMAZON-02)
2 23.220.70.96 20940 (AKAMAI-ASN1)
1 34.117.77.79 396982 (GOOGLE-CL...)
1 2 54.158.15.169 14618 (AMAZON-AES)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 28 104.22.68.131 13335 (CLOUDFLAR...)
1 151.101.65.108 54113 (FASTLY)
3 2606:4700::68... 13335 (CLOUDFLAR...)
4 4 203.195.121.141 7979 (SERVERS-COM)
3 4 2600:9000:21b... 16509 (AMAZON-02)
3 3.214.250.236 14618 (AMAZON-AES)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
3 3 37.157.3.26 198622 (ADFORM)
1 207.65.34.87 62713 (AS-PUBMATIC)
1 69.173.158.92 26667 (RUBICONPR...)
1 1 69.173.158.64 26667 (RUBICONPR...)
2 185.86.139.85 201081 (SMARTADSE...)
1 2406:2600:4::22 55569 (CRITEO-AS...)
2 182.161.74.13 55569 (CRITEO-AS...)
3 2406:2600:4::1f 55569 (CRITEO-AS...)
1 2406:2600:4::7 55569 (CRITEO-AS...)
1 23.40.148.27 16625 (AKAMAI-AS)
1 141.226.231.48 200478 (TABOOLA-AS)
1 23.40.149.101 16625 (AKAMAI-AS)
1 124.146.153.151 2514 (INFOSPHER...)
1 18.65.216.96 16509 (AMAZON-02)
1 3.37.95.197 16509 (AMAZON-02)
1 52.199.118.63 16509 (AMAZON-02)
1 66.225.223.159 3949 (NTTA-3946)
1 2600:140b:500... 20940 (AKAMAI-ASN1)
1 13.251.232.112 16509 (AMAZON-02)
1 35.160.8.191 16509 (AMAZON-02)
1 18.164.154.83 ()
1 1 13.249.160.110 ()
2 2 45.137.176.88 ()
1 52.25.95.187 ()
1 1 64.38.119.44 ()
3 13.231.25.160 ()
2 2600:9000:20c... ()
2 2 63.251.14.14 ()
1 1 23.219.68.21 ()
1 1 213.19.162.90 ()
2 2 34.96.71.22 ()
1 1 52.193.13.224 ()
1 1 34.95.81.168 ()
1 2 74.214.196.131 ()
14 54.238.120.71 ()
1 8.18.47.7 ()
1 1 185.184.10.30 ()
1 54.198.64.103 ()
1 1 2a04:4e42:600... ()
1 1 34.226.252.48 ()
1 18.65.216.109 ()
1030 193
Apex Domain
Subdomains
Transfer
94 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
bid.g.doubleclick.net — Cisco Umbrella Rank: 840
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
440 KB
61 googlesyndication.com
861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
ade.googlesyndication.com — Cisco Umbrella Rank: 293
268 KB
60 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946
eus.rubiconproject.com — Cisco Umbrella Rank: 588
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
token.rubiconproject.com — Cisco Umbrella Rank: 461
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1237
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 788
pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 27785
pixel-eu.rubiconproject.com
141 KB
46 revcontent.com
assets.revcontent.com — Cisco Umbrella Rank: 7459
trends.revcontent.com — Cisco Umbrella Rank: 1899
yeet.revcontent.com — Cisco Umbrella Rank: 8461
img.revcontent.com — Cisco Umbrella Rank: 9953
images.revcontent.com — Cisco Umbrella Rank: 8620
357 KB
44 infolinks.com
resources.infolinks.com — Cisco Umbrella Rank: 7726
router.infolinks.com — Cisco Umbrella Rank: 2762
rt3008.infolinks.com — Cisco Umbrella Rank: 68439
348 KB
44 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 544
image8.pubmatic.com — Cisco Umbrella Rank: 661
image6.pubmatic.com — Cisco Umbrella Rank: 793
simage2.pubmatic.com — Cisco Umbrella Rank: 723
image2.pubmatic.com — Cisco Umbrella Rank: 859
image4.pubmatic.com — Cisco Umbrella Rank: 1224
ow.pubmatic.com — Cisco Umbrella Rank: 1688
simage4.pubmatic.com — Cisco Umbrella Rank: 1304
201 KB
43 demand.supply
live.demand.supply — Cisco Umbrella Rank: 57430
api.demand.supply — Cisco Umbrella Rank: 105180
55 KB
42 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
sync.crwdcntrl.net — Cisco Umbrella Rank: 799
123 KB
39 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
secure.adnxs.com — Cisco Umbrella Rank: 478
acdn.adnxs.com — Cisco Umbrella Rank: 610
46 KB
28 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 592
eb2.3lift.com — Cisco Umbrella Rank: 372
15 KB
28 smilewanted.com
prebid.smilewanted.com Failed
csync.smilewanted.com — Cisco Umbrella Rank: 2705
static.smilewanted.com — Cisco Umbrella Rank: 9095
38 KB
27 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 776
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
dis.criteo.com — Cisco Umbrella Rank: 550
ads.as.criteo.com — Cisco Umbrella Rank: 15127
cat.jp2.as.criteo.com — Cisco Umbrella Rank: 40993
widget.jp2.as.criteo.com — Cisco Umbrella Rank: 194201
65 KB
27 yahoo.com
connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4156
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1240
19 KB
27 gstatic.com
fonts.gstatic.com
csi.gstatic.com
127 KB
25 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
ssum.casalemedia.com — Cisco Umbrella Rank: 1351
r.casalemedia.com — Cisco Umbrella Rank: 1462
dsum.casalemedia.com
18 KB
24 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
10 KB
24 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 893
id5-sync.com — Cisco Umbrella Rank: 425
57 KB
23 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622
sync.smartadserver.com — Cisco Umbrella Rank: 1285
ww1097.smartadserver.com — Cisco Umbrella Rank: 45151
11 KB
23 hawtcelebs.com
www.hawtcelebs.com — Cisco Umbrella Rank: 345929
580 KB
22 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 19494
sync.quantumdex.io — Cisco Umbrella Rank: 4292
4 KB
21 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3655
visitor.omnitagjs.com
visitor-usa02.omnitagjs.com
7 KB
21 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2371
public.servenobid.com
11 KB
20 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
9 KB
18 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
assets.a-mo.net — Cisco Umbrella Rank: 1553
17 KB
17 gumgum.com
g2.gumgum.com
usersync.gumgum.com
rtb.gumgum.com
5 KB
17 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404
analytics.google.com — Cisco Umbrella Rank: 152
www.google.com — Cisco Umbrella Rank: 2
72 KB
16 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 495
btlr.sharethrough.com — Cisco Umbrella Rank: 1054
6 KB
16 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1352
ssc-cms.33across.com — Cisco Umbrella Rank: 904
cdn-tc.33across.com — Cisco Umbrella Rank: 25423
events-ssc.33across.com — Cisco Umbrella Rank: 1493
dp1.33across.com — Cisco Umbrella Rank: 7877
ssc.33across.com Failed
11 KB
15 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1750
7 KB
15 ad-score.com
js.ad-score.com — Cisco Umbrella Rank: 8168
data.ad-score.com — Cisco Umbrella Rank: 7754
211 KB
15 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
5 KB
14 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
imageproxy.as.criteo.net — Cisco Umbrella Rank: 15904
csm.as.criteo.net — Cisco Umbrella Rank: 15538
137 KB
13 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 546
7 KB
13 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1628
mp.4dex.io — Cisco Umbrella Rank: 2346
u.4dex.io — Cisco Umbrella Rank: 3500
53 KB
13 vlitag.com
services.vlitag.com — Cisco Umbrella Rank: 40308
s3.vlitag.com
1 MB
12 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 981
6 KB
12 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 586
b1h.zemanta.com — Cisco Umbrella Rank: 5429
6 KB
12 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1639
google-bidout-d.openx.net — Cisco Umbrella Rank: 1643
u.openx.net — Cisco Umbrella Rank: 672
rtb.openx.net — Cisco Umbrella Rank: 695
us-u.openx.net — Cisco Umbrella Rank: 491
2 KB
12 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 26644
creativecdn.com — Cisco Umbrella Rank: 564
prebid-us.creativecdn.com — Cisco Umbrella Rank: 9532
us.creativecdn.com
5 KB
12 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
imasdk.googleapis.com — Cisco Umbrella Rank: 487
656 KB
11 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
cm.adform.net — Cisco Umbrella Rank: 1211
5 KB
11 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 465
2 KB
11 themoneytizer.com
ads.themoneytizer.com — Cisco Umbrella Rank: 43722
224 KB
10 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
ce.lijit.com
5 KB
10 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 666
ice.360yield.com — Cisco Umbrella Rank: 1817
match.360yield.com
5 KB
10 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 2234
s.e-planning.net — Cisco Umbrella Rank: 4907
u-sin01.e-planning.net — Cisco Umbrella Rank: 84246
pbjs.e-planning.net — Cisco Umbrella Rank: 7137
5 KB
10 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 805
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258
usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 4341
3 KB
9 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
3 KB
9 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807
6 KB
9 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
d.turn.com — Cisco Umbrella Rank: 1349
4 KB
9 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 1193
r2---sn-ogul7ne6.c.2mdn.net
9 MB
7 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
rtd-tm.everesttech.net — Cisco Umbrella Rank: 2955
2 KB
7 affec.tv
map.go.affec.tv — Cisco Umbrella Rank: 7853
go.affec.tv
5 KB
7 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 13327
ic.tynt.com — Cisco Umbrella Rank: 11417
de.tynt.com — Cisco Umbrella Rank: 1577
hde.tynt.com — Cisco Umbrella Rank: 4170
18 KB
7 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1276
cms.quantserve.com — Cisco Umbrella Rank: 749
pixel.quantserve.com — Cisco Umbrella Rank: 1011
12 KB
7 vliplatform.com
px.vliplatform.com — Cisco Umbrella Rank: 35885
2 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 563
2 KB
6 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 408
id.rlcdn.com
1 KB
6 servg1.net
servg1.net — Cisco Umbrella Rank: 111094
62 KB
6 adxadserv.com
static.adxadserv.com — Cisco Umbrella Rank: 205096
ads.adxadserv.com — Cisco Umbrella Rank: 151370
adxadserv.com — Cisco Umbrella Rank: 127046
28 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
1 KB
5 sunmedia.tv
static.sunmedia.tv — Cisco Umbrella Rank: 22489
1 KB
5 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 526
3 KB
4 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 674
2 KB
4 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1601
3 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 681
748 B
4 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 499
d.agkn.com — Cisco Umbrella Rank: 686
2 KB
4 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 836
2 KB
4 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2850
triplelift-match.dotomi.com — Cisco Umbrella Rank: 3388
1 KB
4 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1450
adgen.socdm.com — Cisco Umbrella Rank: 24265
3 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 818
i.w55c.net — Cisco Umbrella Rank: 1431
3 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
2 KB
4 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1234
2 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 517
i6.liadm.com — Cisco Umbrella Rank: 2358
2 KB
4 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 825
3 KB
3 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2453
1 KB
3 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 1768
1 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
2 KB
3 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1557
571 B
3 mgid.com
cm-x.mgid.com — Cisco Umbrella Rank: 6820
cm.mgid.com — Cisco Umbrella Rank: 1303
1 KB
3 media.net
cs.media.net — Cisco Umbrella Rank: 1381
contextual.media.net — Cisco Umbrella Rank: 665
hbx.media.net
2 KB
3 cpx.to
p.cpx.to — Cisco Umbrella Rank: 10397
s.cpx.to — Cisco Umbrella Rank: 7982
5 KB
3 dtscout.com
t.dtscout.com — Cisco Umbrella Rank: 14358
5 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206 Failed
193 KB
2 contextweb.com
bh.contextweb.com
2 KB
2 company-target.com
s.company-target.com
718 B
2 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com
1 KB
2 adotmob.com
sync.adotmob.com
1 KB
2 adtdp.com
ad.as.amanad.adtdp.com — Cisco Umbrella Rank: 6266
dynalyst-sync.adtdp.com
1 KB
2 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1460
trc.taboola.com
865 B
2 bing.com
c.bing.com — Cisco Umbrella Rank: 228
861 B
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1289
668 B
2 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 866
1 KB
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 846
sync1.intentiq.com — Cisco Umbrella Rank: 2869
2 KB
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 638
987 B
2 sharethis.com
sync.sharethis.com — Cisco Umbrella Rank: 2848
464 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 870
509 B
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 4999
663 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4682
1 KB
2 ladsp.com
cr-p10.ladsp.com
1 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940
555 B
2 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2137
1 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1785
1 KB
2 jnxm2.com
jnxm2.com — Cisco Umbrella Rank: 42702
32 KB
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 951
1 KB
2 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 6834
cs.adingo.jp — Cisco Umbrella Rank: 3767
830 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2269
961 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
1 KB
2 onetag-cdn.com
onetag-cdn.com — Cisco Umbrella Rank: 76076
106 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
11 KB
2 tmyzer.com
c.tmyzer.com — Cisco Umbrella Rank: 39874
560 B
2 googlevideo.com
redirector.googlevideo.com — Cisco Umbrella Rank: 1163
r3---sn-v2u0n-ntqr.googlevideo.com
980 B
2 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 30104
sync.aralego.com — Cisco Umbrella Rank: 2837
593 B
2 microad.jp
s-cs.send.microad.jp — Cisco Umbrella Rank: 17722
1 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 15174
s4.histats.com — Cisco Umbrella Rank: 14862
5 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
2 KB
2 vastserved.com
vastserved.com — Cisco Umbrella Rank: 353457
41 KB
2 smart1adserver.com
smart1adserver.com
2 KB
1 userreport.com
audex.userreport.com
433 B
1 shareaholic.com
pixel.shareaholic.com
514 B
1 adentifi.com
rtb.adentifi.com
285 B
1 deepintent.com
match.deepintent.com
44 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi
269 B
1 bttrack.com
bttrack.com
421 B
1 postrelease.com
jadserve.postrelease.com
534 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 699
337 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2331
620 B
1 clmbtech.com
ade.clmbtech.com — Cisco Umbrella Rank: 2794
259 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 689
287 B
1 dable.io
adx.dable.io — Cisco Umbrella Rank: 24311
141 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 2120
278 B
1 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 16103
1 KB
1 ml314.com
ml314.com — Cisco Umbrella Rank: 1824
384 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1398
556 B
1 cintnetworks.com
c.cintnetworks.com — Cisco Umbrella Rank: 8220
305 B
1 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 1812
72 B
1 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1408
324 B
1 truoptik.com
dmp.truoptik.com — Cisco Umbrella Rank: 2193
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1072
554 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2197
436 B
1 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 21062
38 B
1 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 12406
243 B
1 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 28404
455 B
1 dtssrv.com
a.dtssrv.com — Cisco Umbrella Rank: 24329
442 B
1 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 2888
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2916
400 B
1 dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 15253
598 B
1 sddan.com
kvt.sddan.com — Cisco Umbrella Rank: 42383
659 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 902
371 B
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1658
312 B
1 iqm.com
pxl.iqm.com — Cisco Umbrella Rank: 4391
504 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1296
1 KB
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 2266
1 KB
1 cx732.com
sc.cx732.com — Cisco Umbrella Rank: 93702
29 KB
1 adleadevent.com
adtrack.adleadevent.com — Cisco Umbrella Rank: 45315
859 B
1 leadplace.fr
tag.leadplace.fr — Cisco Umbrella Rank: 43720
4 KB
1 sascdn.com
ced.sascdn.com — Cisco Umbrella Rank: 10999
36 KB
1 amazonaws.com
elasticbeanstalk-us-east-2-734424706109.s3.us-east-2.amazonaws.com — Cisco Umbrella Rank: 252635
5 KB
1 amung.us
whos.amung.us — Cisco Umbrella Rank: 17707
183 B
1 google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 26283
408 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2789
3 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1740
8 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
89 KB
1 waust.at
waust.at — Cisco Umbrella Rank: 43427
7 KB
0 spot.im Failed
api-2-0.spot.im Failed
0 a-mx.com Failed
id.a-mx.com Failed
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
0 mathtag.com Failed
sync.mathtag.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
1030 169
Domain Requested by
37 live.demand.supply www.hawtcelebs.com
live.demand.supply
client
35 cm.g.doubleclick.net 21 redirects 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
bcp.crwdcntrl.net
router.infolinks.com
eb2.3lift.com
g2.gumgum.com
30 securepubads.g.doubleclick.net www.hawtcelebs.com
securepubads.g.doubleclick.net
861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
services.vlitag.com
www.googletagservices.com
27 router.infolinks.com 1 redirects resources.infolinks.com
router.infolinks.com
ssum-sec.casalemedia.com
26 csync.smilewanted.com 1 redirects s3.vlitag.com
csync.smilewanted.com
ads.pubmatic.com
ads.themoneytizer.com
26 eb2.3lift.com 3 redirects s3.vlitag.com
eb2.3lift.com
sync.quantumdex.io
ads.as.criteo.com
24 x.bidswitch.net 20 redirects ads.us.e-planning.net
ads.as.criteo.com
24 pagead2.googlesyndication.com 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
23 ib.adnxs.com 15 redirects s3.vlitag.com
p.cpx.to
eb2.3lift.com
acdn.adnxs.com
23 id5-sync.com 15 redirects cdn.id5-sync.com
ced.sascdn.com
ads.themoneytizer.com
www.hawtcelebs.com
s3.vlitag.com
23 www.hawtcelebs.com 2 redirects www.hawtcelebs.com
22 googleads.g.doubleclick.net 3 redirects pagead2.googlesyndication.com
20 ads.servenobid.com ads.themoneytizer.com
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
ssbsync.smartadserver.com
cs-server-s2s.yellowblue.io
cs-rtb.minutemedia-prebid.com
20 match.adsrvr.org 19 redirects p.cpx.to
20 csi.gstatic.com imasdk.googleapis.com
19 sync.quantumdex.io s3.vlitag.com
sync.quantumdex.io
ssum-sec.casalemedia.com
sync.adkernel.com
cs-server-s2s.yellowblue.io
ads.pubmatic.com
18 ade.googlesyndication.com
17 sync.crwdcntrl.net bcp.crwdcntrl.net
17 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
17 pixel.rubiconproject.com 11 redirects www.hawtcelebs.com
router.infolinks.com
ads.as.criteo.com
16 simage2.pubmatic.com ads.pubmatic.com
ads.as.criteo.com
16 eus.rubiconproject.com hde.tynt.com
eus.rubiconproject.com
www.hawtcelebs.com
ads.themoneytizer.com
visitor.omnitagjs.com
public.servenobid.com
g2.gumgum.com
16 ups.analytics.yahoo.com 14 redirects assets.a-mo.net
ads.as.criteo.com
16 yeet.revcontent.com assets.revcontent.com
15 secure.adnxs.com 14 redirects hde.tynt.com
15 sync.adkernel.com 2 redirects router.infolinks.com
sync.quantumdex.io
sync.adkernel.com
ads.pubmatic.com
public.servenobid.com
ads.us.e-planning.net
15 prebid.a-mo.net s3.vlitag.com
ads.themoneytizer.com
router.infolinks.com
15 onetag-sys.com 1 redirects securepubads.g.doubleclick.net
ads.themoneytizer.com
onetag-sys.com
router.infolinks.com
www.hawtcelebs.com
sync.quantumdex.io
visitor.omnitagjs.com
public.servenobid.com
sync.adkernel.com
15 tpc.googlesyndication.com 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
imasdk.googleapis.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
14 usersync.gumgum.com g2.gumgum.com
ads.pubmatic.com
public.servenobid.com
14 token.rubiconproject.com 6 redirects eus.rubiconproject.com
bcp.crwdcntrl.net
14 tags.crwdcntrl.net securepubads.g.doubleclick.net
t.dtscout.com
cdn-tc.33across.com
tags.crwdcntrl.net
s.e-planning.net
13 sync.1rx.io 13 redirects
13 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
12 ps.eyeota.net 9 redirects bcp.crwdcntrl.net
12 rtb-csync.smartadserver.com 4 redirects ads.as.criteo.com
ssbsync.smartadserver.com
11 visitor.omnitagjs.com 1 redirects ads.themoneytizer.com
visitor.omnitagjs.com
ssbsync.smartadserver.com
11 images.revcontent.com
11 pixel.tapad.com 7 redirects router.infolinks.com
hde.tynt.com
11 match.sharethrough.com 4 redirects router.infolinks.com
ssbsync.smartadserver.com
11 ads.themoneytizer.com securepubads.g.doubleclick.net
ads.themoneytizer.com
11 bcp.crwdcntrl.net tags.crwdcntrl.net
bcp.crwdcntrl.net
10 data.ad-score.com js.ad-score.com
10 b1sync.zemanta.com 10 redirects
10 resources.infolinks.com www.hawtcelebs.com
resources.infolinks.com
10 ads.pubmatic.com assets.revcontent.com
hde.tynt.com
www.hawtcelebs.com
sync.quantumdex.io
sync.adkernel.com
csync.smilewanted.com
public.servenobid.com
g2.gumgum.com
10 static.criteo.net securepubads.g.doubleclick.net
s3.vlitag.com
static.criteo.net
ads.themoneytizer.com
ads.as.criteo.com
9 visitor-usa02.omnitagjs.com visitor.omnitagjs.com
de.tynt.com
9 sync.srv.stackadapt.com 7 redirects eb2.3lift.com
9 pr-bh.ybp.yahoo.com 6 redirects ssum-sec.casalemedia.com
9 gum.criteo.com 5 redirects ads.themoneytizer.com
static.criteo.net
9 trends.revcontent.com assets.revcontent.com
9 assets.revcontent.com www.hawtcelebs.com
assets.revcontent.com
8 c1.adform.net 8 redirects
8 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
bcp.crwdcntrl.net
router.infolinks.com
eb2.3lift.com
8 ssc-cms.33across.com 8 redirects
8 ap.lijit.com 7 redirects visitor.omnitagjs.com
8 s3.vlitag.com services.vlitag.com
8 imasdk.googleapis.com 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
services.vlitag.com
resources.infolinks.com
7 image2.pubmatic.com ads.pubmatic.com
www.hawtcelebs.com
7 secure-assets.rubiconproject.com 7 redirects
7 rt3008.infolinks.com resources.infolinks.com
7 px.vliplatform.com
7 fonts.gstatic.com fonts.googleapis.com
6 sync-tm.everesttech.net 5 redirects ads.pubmatic.com
6 u.4dex.io ads.us.e-planning.net
ads.pubmatic.com
6 map.go.affec.tv 4 redirects hde.tynt.com
6 match.prod.bidr.io 3 redirects router.infolinks.com
ssum-sec.casalemedia.com
visitor.omnitagjs.com
6 creativecdn.com 6 redirects
6 ad.turn.com 6 redirects
6 r2---sn-ogul7ne6.c.2mdn.net
6 api.demand.supply live.demand.supply
6 servg1.net www.hawtcelebs.com
servg1.net
5 btlr.sharethrough.com ads.themoneytizer.com
5 px.ads.linkedin.com 1 redirects hde.tynt.com
router.infolinks.com
eb2.3lift.com
de.tynt.com
5 events-ssc.33across.com hde.tynt.com
router.infolinks.com
ads.pubmatic.com
5 mug.criteo.com www.hawtcelebs.com
5 idsync.rlcdn.com 2 redirects ssum-sec.casalemedia.com
bcp.crwdcntrl.net
ads.as.criteo.com
5 static.sunmedia.tv cdnjs.cloudflare.com
www.hawtcelebs.com
5 cms.quantserve.com 5 redirects
5 ads.stickyadstv.com 5 redirects ssum-sec.casalemedia.com
5 ad.360yield.com 2 redirects ads.themoneytizer.com
5 ssbsync.smartadserver.com 3 redirects visitor.omnitagjs.com
public.servenobid.com
5 ssum-sec.casalemedia.com 1 redirects router.infolinks.com
ssum-sec.casalemedia.com
sync.quantumdex.io
public.servenobid.com
5 js.ad-score.com assets.revcontent.com
js.ad-score.com
5 sync.targeting.unrulymedia.com 5 redirects
5 bidder.criteo.com s3.vlitag.com
ads.themoneytizer.com
www.hawtcelebs.com
5 services.vlitag.com 1 redirects www.hawtcelebs.com
services.vlitag.com
4 s.ad.smaato.net 3 redirects ads.as.criteo.com
4 ads.betweendigital.com 4 redirects
4 pixel-sync.sitescout.com bcp.crwdcntrl.net
eb2.3lift.com
4 sync.smartadserver.com 3 redirects bcp.crwdcntrl.net
4 sync.ipredictive.com 4 redirects
4 um.simpli.fi 3 redirects
4 dis.criteo.com 2 redirects
4 uipglob.semasio.net 3 redirects
4 rtb.openx.net 4 redirects
4 p.rfihub.com 4 redirects
4 image8.pubmatic.com 2 redirects router.infolinks.com
4 de.tynt.com 1 redirects cdn.tynt.com
visitor.omnitagjs.com
4 ads.us.e-planning.net 1 redirects www.hawtcelebs.com
sync.adkernel.com
4 script.4dex.io s3.vlitag.com
script.4dex.io
ads.themoneytizer.com
4 targeting.unrulymedia.com s3.vlitag.com
4 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 fonts.googleapis.com www.hawtcelebs.com
861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
3 match.360yield.com 1 redirects
3 imageproxy.as.criteo.net ads.as.criteo.com
3 cm.adform.net 3 redirects
3 cs-server-s2s.yellowblue.io sync.quantumdex.io
visitor.omnitagjs.com
public.servenobid.com
3 assets.a-mo.net prebid.a-mo.net
assets.a-mo.net
3 d.turn.com 3 redirects
3 aa.agkn.com 2 redirects bcp.crwdcntrl.net
3 aorta.clickagy.com 3 redirects
3 tg.socdm.com 2 redirects ads.as.criteo.com
3 pm.w55c.net 3 redirects
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
3 dpm.demdex.net 2 redirects bcp.crwdcntrl.net
3 s.e-planning.net ads.us.e-planning.net
3 i.liadm.com 3 redirects
3 ssp.disqus.com 3 redirects
3 u.openx.net 2 redirects router.infolinks.com
3 adxadserv.com ads.adxadserv.com
adxadserv.com
3 mp.4dex.io s3.vlitag.com
ads.themoneytizer.com
3 useast.quantumdex.io s3.vlitag.com
3 prebid-asia.creativecdn.com s3.vlitag.com
3 googleads4.g.doubleclick.net
3 t.dtscout.com waust.at
t.dtscout.com
3 gcdn.2mdn.net 3 redirects
3 bid.g.doubleclick.net imasdk.googleapis.com
3 www.googletagservices.com securepubads.g.doubleclick.net
2 rtb.gumgum.com g2.gumgum.com
2 bh.contextweb.com 1 redirects ssum-sec.casalemedia.com
2 s.company-target.com 2 redirects
2 ce.lijit.com 2 redirects
2 cs-rtb.minutemedia-prebid.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
2 sync.adotmob.com 2 redirects
2 cat.jp2.as.criteo.com www.hawtcelebs.com
ads.as.criteo.com
2 ww1097.smartadserver.com ced.sascdn.com
2 ice.360yield.com 2 redirects
2 static.smilewanted.com csync.smilewanted.com
2 triplelift-match.dotomi.com 2 redirects
2 c.bing.com eb2.3lift.com
ads.as.criteo.com
2 thrtle.com 1 redirects bcp.crwdcntrl.net
2 hb.yahoo.net router.infolinks.com
2 pixel-us-east.rubiconproject.com 2 redirects
2 tags.bluekai.com bcp.crwdcntrl.net
ads.as.criteo.com
2 sync.sharethis.com bcp.crwdcntrl.net
2 cm.mgid.com 1 redirects bcp.crwdcntrl.net
2 pubmatic-match.dotomi.com 2 redirects
2 image4.pubmatic.com 1 redirects
2 csync.loopme.me 2 redirects
2 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
2 pool.admedo.com 2 redirects
2 cr-p10.ladsp.com 2 redirects
2 b1h.zemanta.com ads.themoneytizer.com
2 s.cpx.to p.cpx.to
www.hawtcelebs.com
2 lb.eu-1-id5-sync.com ads.themoneytizer.com
s3.vlitag.com
2 inv-nets.admixer.net 2 redirects
2 us-u.openx.net 1 redirects hde.tynt.com
2 u-sin01.e-planning.net ads.us.e-planning.net
2 live.rezync.com 2 redirects
2 jnxm2.com vastserved.com
servg1.net
2 sync.go.sonobi.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 onetag-cdn.com onetag-sys.com
2 cdnjs.cloudflare.com vastserved.com
servg1.net
2 www.google.com 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
tpc.googlesyndication.com
2 c.tmyzer.com ads.themoneytizer.com
2 tlx.3lift.com s3.vlitag.com
2 s-cs.send.microad.jp 2 redirects
2 analytics.google.com www.googletagmanager.com
2 oajs.openx.net 1 redirects www.hawtcelebs.com
2 cdn.jsdelivr.net securepubads.g.doubleclick.net
s3.vlitag.com
2 vastserved.com www.hawtcelebs.com
vastserved.com
2 static.adxadserv.com www.hawtcelebs.com
2 smart1adserver.com www.hawtcelebs.com
smart1adserver.com
1 audex.userreport.com bcp.crwdcntrl.net
1 pixel.shareaholic.com 1 redirects
1 trc.taboola.com 1 redirects
1 rtb.adentifi.com eb2.3lift.com
1 us.creativecdn.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 euexchangesync.digitaleast.mobi 1 redirects
1 dynalyst-sync.adtdp.com 1 redirects
1 pixel-eu.rubiconproject.com 1 redirects
1 hbx.media.net 1 redirects
1 g2.gumgum.com public.servenobid.com
1 id.rlcdn.com visitor.omnitagjs.com
1 bttrack.com 1 redirects
1 jadserve.postrelease.com visitor.omnitagjs.com
1 go.affec.tv 1 redirects
1 public.servenobid.com ads.themoneytizer.com
1 beacon.krxd.net
1 sync-criteo.ads.yieldmo.com ads.as.criteo.com
1 ade.clmbtech.com ads.as.criteo.com
1 sync.outbrain.com ads.as.criteo.com
1 cs.adingo.jp ads.as.criteo.com
1 adx.dable.io ads.as.criteo.com
1 r.casalemedia.com ads.as.criteo.com
1 ad.as.amanad.adtdp.com ads.as.criteo.com
1 adgen.socdm.com ads.as.criteo.com
1 criteo-sync.teads.tv ads.as.criteo.com
1 sync-t1.taboola.com ads.as.criteo.com
1 contextual.media.net ads.as.criteo.com
1 csm.as.criteo.net ads.as.criteo.com
1 widget.jp2.as.criteo.com ads.as.criteo.com
1 ads.as.criteo.com ads.themoneytizer.com
1 pixel-apac.rubiconproject.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 prebid-server.rubiconproject.com
1 ow.pubmatic.com
1 ssum.casalemedia.com 1 redirects
1 sync.aralego.com cdn.aralego.net
1 acdn.adnxs.com s3.vlitag.com
1 cdn.aralego.net s3.vlitag.com
1 ml314.com bcp.crwdcntrl.net
1 rtd-tm.everesttech.net 1 redirects
1 sync1.intentiq.com router.infolinks.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 aax-eu.amazon-adsystem.com router.infolinks.com
1 usermatch.targeting.unrulymedia.com 1 redirects
1 c.cintnetworks.com bcp.crwdcntrl.net
1 i6.liadm.com bcp.crwdcntrl.net
1 cms.analytics.yahoo.com 1 redirects
1 i.w55c.net 1 redirects
1 global.ib-ibi.com bcp.crwdcntrl.net
1 d.agkn.com 1 redirects
1 loadus.exelator.com bcp.crwdcntrl.net
1 dmp.truoptik.com bcp.crwdcntrl.net
1 t.adx.opera.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 dps.jp.cinarra.com ads.pubmatic.com
1 sync-dsp.ad-m.asia ads.pubmatic.com
1 ds.uncn.jp 1 redirects
1 a.dtssrv.com t.dtscout.com
1 pbjs.e-planning.net ads.themoneytizer.com
1 fastlane.rubiconproject.com ads.themoneytizer.com
1 prebid-us.creativecdn.com ads.themoneytizer.com
1 hb-api.omnitagjs.com ads.themoneytizer.com
1 dp1.33across.com 1 redirects
1 cdn-tc.33across.com de.tynt.com
1 spl.zeotap.com
1 pixel.onaudience.com 1 redirects
1 t.dtscdn.com t.dtscout.com
1 kvt.sddan.com ads.themoneytizer.com
1 pixel.quantserve.com www.hawtcelebs.com
1 trace.mediago.io 1 redirects
1 cm-x.mgid.com 1 redirects
1 cs.media.net 1 redirects
1 pixel.advertising.com 1 redirects
1 pxl.iqm.com 1 redirects
1 hde.tynt.com router.infolinks.com
1 img.revcontent.com
1 rules.quantcount.com secure.quantserve.com
1 analytics.pangle-ads.com 1 redirects
1 cc.adingo.jp 1 redirects
1 s.tribalfusion.com
1 a.tribalfusion.com 1 redirects
1 ic.tynt.com
1 sc.cx732.com ads.adxadserv.com
1 cdn.tynt.com waust.at
1 adtrack.adleadevent.com ads.themoneytizer.com
1 p.cpx.to ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 tag.leadplace.fr ads.themoneytizer.com
1 ced.sascdn.com ads.themoneytizer.com
1 elasticbeanstalk-us-east-2-734424706109.s3.us-east-2.amazonaws.com
1 r3---sn-v2u0n-ntqr.googlevideo.com
1 redirector.googlevideo.com 1 redirects
1 s4.histats.com s10.histats.com
1 hb.aralego.com s3.vlitag.com
1 whos.amung.us waust.at
1 ads.adxadserv.com static.adxadserv.com
1 s10.histats.com www.hawtcelebs.com
1 www.google.co.jp
1 stats.g.doubleclick.net www.googletagmanager.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 connectid.analytics.yahoo.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 www.googletagmanager.com www.hawtcelebs.com
1 waust.at www.hawtcelebs.com
0 api-2-0.spot.im Failed visitor.omnitagjs.com
0 id.a-mx.com Failed s3.vlitag.com
public.servenobid.com
0 sync.search.spotxchange.com Failed bcp.crwdcntrl.net
0 sync.mathtag.com Failed ads.pubmatic.com
eb2.3lift.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 ssc.33across.com Failed ads.themoneytizer.com
0 prebid.smilewanted.com Failed s3.vlitag.com
ads.themoneytizer.com
1030 294
Subject Issuer Validity Valid
hawtcelebs.com
GTS CA 1P5
2023-10-30 -
2024-01-28
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
demand.supply
Cloudflare Inc ECC CA-3
2023-02-19 -
2024-02-19
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-06-04 -
2024-06-03
a year crt.sh
smart1adserver.com
Amazon RSA 2048 M03
2023-08-20 -
2024-09-17
a year crt.sh
revcontent.com
Amazon RSA 2048 M02
2023-05-18 -
2024-06-16
a year crt.sh
1585977359.rsc.cdn77.org
R3
2023-11-22 -
2024-02-20
3 months crt.sh
vastserved.com
Amazon RSA 2048 M03
2023-08-20 -
2024-09-17
a year crt.sh
servg1.net
Amazon RSA 2048 M01
2023-07-12 -
2024-08-09
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
vlitag.com
GTS CA 1P5
2023-11-26 -
2024-02-24
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-06 -
2024-09-30
a year crt.sh
oa.openxcdn.net
GTS CA 1D4
2023-11-24 -
2024-02-22
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-15 -
2024-03-10
3 months crt.sh
connectid.analytics.yahoo.com
GlobalSign ECC OV SSL CA 2018
2023-08-15 -
2024-02-08
6 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-09-27 -
2024-10-28
a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4
2023-10-24 -
2024-01-22
3 months crt.sh
cdn.prod.uidapi.com
R3
2023-11-02 -
2024-01-31
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2023-10-08 -
2024-11-05
a year crt.sh
*.id5-sync.com
R3
2023-11-01 -
2024-01-30
3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.google.co.jp
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
ads.adxadserv.com
R3
2023-10-12 -
2024-01-10
3 months crt.sh
dtscout.com
GTS CA 1P5
2023-11-20 -
2024-02-18
3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-11-26 -
2024-11-26
a year crt.sh
*.c.docs.google.com
GTS CA 1C3
2023-12-05 -
2024-02-13
2 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-28 -
2024-01-28
a year crt.sh
1266287590.rsc.cdn77.org
R3
2023-12-06 -
2024-03-05
3 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA
2023-05-10 -
2024-05-10
a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3
2023-10-23 -
2024-10-22
a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1
2023-03-29 -
2024-04-28
a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA
2023-11-09 -
2024-12-09
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-01 -
2024-03-01
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
*.a-mo.net
R3
2023-11-07 -
2024-02-05
3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
histats.com
R3
2023-11-23 -
2024-02-21
3 months crt.sh
*.s3.us-east-2.amazonaws.com
Amazon RSA 2048 M01
2023-10-10 -
2024-09-17
a year crt.sh
c.tmyzer.com
R3
2023-11-20 -
2024-02-18
3 months crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1
2023-07-14 -
2024-07-17
a year crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2
2023-08-30 -
2024-09-11
a year crt.sh
quantserve.com
R3
2023-10-28 -
2024-01-26
3 months crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA
2023-01-12 -
2024-01-13
a year crt.sh
*.adleadevent.com
Amazon RSA 2048 M01
2023-06-27 -
2024-07-25
a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-05 -
2024-09-30
a year crt.sh
www.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
cx732.com
E1
2023-12-10 -
2024-03-09
3 months crt.sh
adxadserv.com
R3
2023-11-30 -
2024-02-28
3 months crt.sh
onetag-cdn.com
Cloudflare Inc ECC CA-3
2023-04-05 -
2024-04-04
a year crt.sh
ads.us.e-planning.net
R3
2023-11-29 -
2024-02-27
3 months crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2
2023-09-02 -
2024-10-03
a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3
2023-05-21 -
2024-05-20
a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4
2023-01-03 -
2024-02-04
a year crt.sh
jnxm2.com
Amazon RSA 2048 M01
2023-03-27 -
2024-04-24
a year crt.sh
sunmedia.tv
R3
2023-10-15 -
2024-01-13
3 months crt.sh
*.e-planning.net
R3
2023-11-29 -
2024-02-27
3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
kvt.sddan.com
R3
2023-11-01 -
2024-01-30
3 months crt.sh
dtscdn.com
GTS CA 1P5
2023-11-15 -
2024-02-13
3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-03-07 -
2024-04-03
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.eu-1-id5-sync.com
R3
2023-11-01 -
2024-01-30
3 months crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA
2023-01-12 -
2024-01-17
a year crt.sh
u.4dex.io
GTS CA 1D4
2023-10-22 -
2024-01-20
3 months crt.sh
ads.servenobid.com
Amazon RSA 2048 M02
2023-04-29 -
2024-05-27
a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02
2023-09-23 -
2024-10-20
a year crt.sh
*.zemanta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-16 -
2024-09-05
a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2023-06-23 -
2024-07-22
a year crt.sh
*.360yield.com
Amazon RSA 2048 M01
2023-09-08 -
2024-10-06
a year crt.sh
dtssrv.com
GTS CA 1P5
2023-11-25 -
2024-02-23
3 months crt.sh
sync-dsp.ad-m.asia
ZeroSSL RSA Domain Secure Site CA
2023-11-27 -
2024-02-25
3 months crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA
2023-05-17 -
2024-06-16
a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-08-11 -
2024-09-11
a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-13 -
2024-11-10
a year crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-11-07 -
2024-12-07
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-08-29 -
2024-02-21
6 months crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-29 -
2024-06-11
a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-26 -
2024-10-26
a year crt.sh
sharethis.com
Amazon RSA 2048 M01
2023-05-20 -
2024-06-17
a year crt.sh
*.ib-ibi.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-21 -
2024-04-02
a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2023-01-09 -
2024-02-02
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1
2023-12-11 -
2024-12-11
a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-03 -
2024-02-19
a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2023-09-07 -
2024-09-29
a year crt.sh
c.cintnetworks.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2023-08-08 -
2024-02-08
6 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01
2023-06-21 -
2024-03-02
8 months crt.sh
match.prod.bidr.io
Amazon RSA 2048 M01
2023-07-19 -
2024-08-15
a year crt.sh
event-horizon.gcp.bomm.in
GTS CA 1D4
2023-11-03 -
2024-02-01
3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2023-02-02 -
2024-03-03
a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2023-03-27 -
2024-04-26
a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2023-11-03 -
2024-05-03
6 months crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02
2023-04-18 -
2024-05-16
a year crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M03
2023-09-09 -
2024-10-07
a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01
2023-10-24 -
2024-04-21
6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-08-03 -
2024-01-24
6 months crt.sh
events-ssc.33across.com
GTS CA 1D4
2023-10-25 -
2024-01-23
3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
*.as.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-11-22 -
2024-02-21
3 months crt.sh
*.jp2.as.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-11-27 -
2024-02-21
3 months crt.sh
*.as.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-23 -
2024-01-22
3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-10 -
2024-02-18
a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-08 -
2023-12-31
a year crt.sh
teads.tv
R3
2023-11-03 -
2024-02-01
3 months crt.sh
*.socdm.com
GlobalSign RSA OV SSL CA 2018
2023-05-31 -
2024-06-30
a year crt.sh
*.as.amanad.adtdp.com
Amazon RSA 2048 M02
2023-02-05 -
2024-03-05
a year crt.sh
*.dable.io
Sectigo ECC Domain Validation Secure Server CA
2023-10-27 -
2024-11-25
a year crt.sh
*.adingo.jp
Amazon RSA 2048 M03
2023-09-13 -
2024-10-12
a year crt.sh
*.outbrain.com
Thawte TLS RSA CA G1
2023-11-20 -
2024-11-27
a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03
2023-09-04 -
2024-10-02
a year crt.sh
colombiaonline.com
R3
2023-10-09 -
2024-01-07
3 months crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01
2023-03-26 -
2024-04-23
a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02
2023-12-08 -
2025-01-05
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2023-05-06 -
2024-05-04
a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02
2023-08-30 -
2024-09-28
a year crt.sh
jp-ad-exch-prd-two-eks.prd.eks.jp.adexchange.gumgum.com
Amazon RSA 2048 M01
2023-08-31 -
2024-09-28
a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01
2023-05-01 -
2024-05-29
a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2023-12-01 -
2025-01-01
a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon RSA 2048 M02
2023-12-18 -
2025-01-16
a year crt.sh
adentifi.com
Amazon RSA 2048 M01
2023-07-06 -
2024-08-03
a year crt.sh
*.userreport.com
Amazon RSA 2048 M02
2023-11-20 -
2024-12-17
a year crt.sh

This page contains 161 frames:

Primary Page: https://www.hawtcelebs.com/
Frame ID: 31685718264C7D237A56A266F4788B2A
Requests: 291 HTTP requests in this frame

Frame: https://www.hawtcelebs.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: DD2633B9AA8405257D96AF04025786B5
Requests: 4 HTTP requests in this frame

Frame: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FA494B6015EFCD2BDA61AACD0852D50F
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 281603DB58E6F1D85B6A86CADD7E871D
Requests: 1 HTTP requests in this frame

Frame: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6775D20B59B79CEC476C7FD6803795DD
Requests: 39 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusUOUcUrUYxZuji6PCEdkehggsr7btLI8gFWbf3ijI-U06374a8USJYyG6IdIK3F9pUOtj_7-qMrD4vZ6LEWlUQ0heLdAA7jbO5sPZw6ImVHe7R-nYiUSRHylYmoJZ2oENj6-1-ToNZuPAw7s5zuNz_sRqFuan4SL55F3onQroxAHMrk4Uv-GDm20WhuNgI_6OmvwXmsEXgqxba_0cGWA667bNvAOqFjTLEGtcnoP-MG6OpZIK5rQIYH7RzhKSiPfInW3va92-MLlyzK857LUQVJ4c2zXj5eHXNk1jiFLMToWe1TreoCa7kh4FzDe3Rxwkz4TuRBZbCm2uVpqFIH_1nYJW7kMV8wngp51gkYEXn6e94Y9nv0Ni8KA0WFxfcg7xoHwhiEP1UHQB3j_WHwQ10NLirmaWkyZtVQWSxVnFIhxkPPOy9NC7yauqwVw&sai=AMfl-YRS4ODWR9NsLC5KqgcAyRMQDFCOAdsCIXNpTIbm4PS4VL7HMAkveDfjgdVp_QQm8wpsEb-SzDqPVRRihkV47b1oDv9VzNeoZRDgOCvZ-NnCZcy0BpECB382c-20pJJz1ou-0iq0hNT7UzSgcEXqPj4&sig=Cg0ArKJSzNBVBNZlwd-_EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 9E1481EFD0E9775DB60F71B7ED673792
Requests: 2 HTTP requests in this frame

Frame: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 96FB7EE2B2F1F972E7093B6C60782DB6
Requests: 39 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 376492BF8ECA0EA43A9E13A531FC4D9E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 5BCA12669B8A9F45EFF5A7C182A104B7
Requests: 3 HTTP requests in this frame

Frame: https://ads.adxadserv.com/ad?spotid=6523ec2361d6e22ad53d3fd1&type=300x250&output=html&extra1=0&ref=https%3A//www.hawtcelebs.com/&dt=1702872164135&screen=1600x1200&tags=
Frame ID: EDE9C812602D476AEE100997CB035158
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWeeuQOeTjVLVEzzFNsgYXiS-q8iTaHUnm4cZv7aWn_2Tg6HNyex9SZnMkRCgy-JaBCTSQoxFXKBMruen6VDz3I7Tsh8rzJdXlzmXrJjIrp5Z811BKkPOPKDsT91xz_YYIneyche-wZuv-Lp5n4NNQUrOAPH3U7Vdm36gwNQ_HrlFPpb8iH0D8JvIQff8AJLUdk5qVYDwHFfc89NAsNHmshCy3UkFOXNzs5dFjq8QSTmb1opV0lm3hVoiLE_k3UQ9Bk2GrvUiP4HGZFB3afdL43CCiXDXjteveAKCUVMvFgL4qxFiKQNbVHDfZr3O3EGhgwHQwEWzzoHNYMRx2h6YNmtLcIt1gm5k4lXivyCWs0eu-lIPO2GSE4iWl3MVK5to&sai=AMfl-YRVpOzb4Bj9zjbuUDad7ZFaMxC8xldlzGffTEw6veLWaPBd7wqBo5K68RibN3-pTH86fJQuHmGbucT7OWBtEUdbqyRQRYcC1GYUrWxZrvGmMoCxGQVQs-_iozUq8IY&sig=Cg0ArKJSzC27C8HqR_dyEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 24D7755BB37EDE9DC7B27229BCB4D701
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUZ_pV1RynzdPrYnkUFlsuUx7NZs12e7_H6cQWDUyTehzADCtWECF_m5mq6bH7IiQ65KbeGKMAAarFN_uMmi3ZJ4gX_eI8iVDCL6bMQmBUfLKusNLH192oMp8fpoN_GJYD0ZcNm0yjG34qbjcmoRcyaA-SZNI6G8smC-EUl_54fLympHv-IpDhWyTjbawPIFZS7WtnySjWdhwMPvJSXtA9T0fhmgtOFSUGE7N9FrpqkfPdXXhkizg6hPig8YqYIE9cLlCVTZLMvUP3m4i6Plgb4K9NDx4u1340S38bB21ewAPpMlKg1d7yzluOF9QRN13fXyEcUmm0ltPdu5YT76ly8mXgCu8wVCN9NGt-UZxFxgdMfqoYMy-3dKL_1Q&sai=AMfl-YSVHThLP0Mlm8njr__1A7eJqoH1_jYmSRK6wSrIdl-BXXWT17Yv6bvUmj1O0sjMP0FKnIO4nrwDnvXJJGlMivofcbLX8FRqBHwoP8J-MlQGye1klPAZBXJvdUIoS5Q&sig=Cg0ArKJSzBn7beGRCvY0EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: E358CEC4BA916E5466A42EC6F488472A
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuM1WL0WsgnvFQ6Cb4gFvM7NtOk0O-_mxKH2odIeNpofGE2kzVVfgNSSCv8ppuTmDq0RIZORbCHHvbU3k46Vmvrzwwixw4Ruc3-83kJBLW3p0IFGOJZYJLzxMD0yTPKe_sziYx1IPQmtPx5OvdTbqGKjvVvHFanz42nsHaeqgPN5PDtlb-zamevmUcSHUma9hResQubYAMU8Dk8u3qgLiED1RgTAjDxFio7KXSEBX0s5WQeEO3AEBAwT1_JtLZ11aiJ3XmOVNhTsVC1_RonuvrlHpC2jBD7-0jTX-FBJ9dhQO1RJzjpGsjrPZvHhtkK0W8BA0wJJw1CVYQR1K-sqNKNapkSAJW_OrtT_B4IUX5r1o8xp6D3sMBN9UZtIIw&sai=AMfl-YS6Lz1yb93S_Ipn4Br6vW4O1y2mXJ0lE5GmSQI4rIqQrhSoR8BUWR5GeC3RbPNFzAo8tfZ2niZaOLPlrGobYbFSuIwcFXyk_G_5icX9j7yIKjQI6E04Sm7Zzz63ziI&sig=Cg0ArKJSzLrX5GnETpBxEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 3FB693AB2713C93B93DC7CEF1DCC1A11
Requests: 84 HTTP requests in this frame

Frame: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6EB9A6027D1096F90F1CC660413236C7
Requests: 39 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1702872164499
Frame ID: 102B609505E01A1F2B82C568A32CD8C2
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=6D001702872164961943D5DB294AB097
Frame ID: FA85215C1CE7DF525D41706516AFA742
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Frame ID: 12B913F4F55B41CC04B7FC18758E1BE7
Requests: 27 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C1369ED8B80461DF2A429DC1C54BC8AD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 39CF8A6D23BB6D78A9AE613439813D83
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Frame ID: 489459A7E6982994517479BE2235EF94
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3400556769C3456BEABA97129F20E2AB
Requests: 9 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Frame ID: 727B0016FE0BCC4C3BC705136C5F2B94
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Frame ID: C64B88CAFC00D274FD619640F21963D7
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: A501425B75850223BDCCB25D8952563A
Requests: 1 HTTP requests in this frame

Frame: https://jnxm2.com/rnd?ref=https%3A%2F%2Fwww.hawtcelebs.com
Frame ID: 66E5379325595A3809B718F689949704
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 6A8F2EBA62B587B2DFE520A7492A7283
Requests: 3 HTTP requests in this frame

Frame: https://js.ad-score.com/x.html?v=8e71a8c&pid=1000177
Frame ID: 15922D059DD63053D35D10BF36A423C7
Requests: 2 HTTP requests in this frame

Frame: https://js.ad-score.com/x.html?v=8e71a8c&pid=1000177
Frame ID: 66E645F29BE243F667DD3BA2620EE899
Requests: 2 HTTP requests in this frame

Frame: https://cdn-tc.33across.com/lotame-sync.html
Frame ID: 0DE776927AFF19D4CD1A57365EA6847F
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 16C03BA3BC72902EF8FDB399D27AED74
Requests: 20 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Frame ID: 619E96533AEF3BD31C8E0BA3F382CD15
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: B01CF6815615728DB283FA1A78AD5AC2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 3D5E9ABC3750C0AFD42B5CA00C287A50
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.hawtcelebs.com&gdpr=0&gdpr_consent=
Frame ID: 04F76251A474A19114355CAE3E6EC648
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: 0AE719A03F78012EF65D9EE93A26ADB8
Requests: 17 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 202A1021205729629B9CE2E42045F9EE
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=eplanning&uid=AIhrPcY1-OUrujN8
Frame ID: F28B30FC599225C65317ED6510675F20
Requests: 1 HTTP requests in this frame

Frame: https://jnxm2.com/sclk?ref=https%3A%2F%2Fwww.hawtcelebs.com
Frame ID: C4CE2497819B2E8DF1E0D091395BC747
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 32C999BE796488AFA03AF5F08C25E32F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AXBteJPs9Q2dks8AED41uJB_M88AAAGMexcw5g
Frame ID: D6DA682EA10E1A9B2B9AD43A5D31517B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a18511a8-4739-4f63-9f2a-764feaa38b34&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 5A64832DC1889F27C8A8531D0891DF9D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_76fd0c8d-0f30-4e38-a2b3-06788d125e14
Frame ID: 614ECD1746DD2E9A6654603A11CF423B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3456854436429190532&gdpr=0&gdpr_consent=
Frame ID: 43E202878C380D4E7B0EE8D7B745EF3F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=OLZnNG23Zmcj4jVraLN9NGu6YzMjs2BraruJ0GyU
Frame ID: BE4328293AFC50A747E3DBC96887FCC1
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 529944878D752EAF68E0B143BD65CD82
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Frame ID: 6DB15CFDF326C91D5FDEAC96241662EC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 1BAC89A0A94D137B0C26445C8A0B36BF
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZX-EZgAHv4QGbABd
Frame ID: 49384EB3B544A69A158EE06CAE0F44CF
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: AB489A9AB7099FE31516223AA6B32FAC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=2572d8ac3aab42c0b6b58517cc2b6113
Frame ID: 5E405D82F3E180659A3AB822D6026CAF
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 75B8B6345A8F9914B1A5F8268F8C7930
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tbl9rNCgWh58tQAahk-VRpJGyeg&gdpr=0&gdpr_consent=
Frame ID: 68DCE9EF9CC1A428F3929482984599FC
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=srNVz1scDwOPrHojZsR_ZQ
Frame ID: 96946BF31A06A074E56499380E85BD7B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUbed9a68fd8424706a7283bd61e9a4f84
Frame ID: E0B621832FBADB4C55572209F8D7C4D0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 9FEBA58C5430170130C2811C5C0FF1B2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:98384A09DAF4490180DF4D059ABD8851&gdpr=0&gdpr_consent=
Frame ID: 4145973CCE28ECF263559269FFE071DB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:y2LtAdkx1Rf4Q65&gdpr=0&gdpr_consent=
Frame ID: 997D8BD457337A531078D86CFA8FB7C8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1978557985234180976
Frame ID: 2D5CD9D7B279C5A67AB5F1F4D3C70730
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 0661DD2F8EA4C910817FF4DD3ADB0AF5
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Frame ID: 0E0562EA448F947136407F5225DDE4A3
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Frame ID: C29D17E0B34D0CA3489016F092D56350
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: 046EAD2E4F2C1304DDBE1A454BA08001
Requests: 24 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=153%2C122%2C8%2C145%2C2%2C92&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: AF71144DA065BFFBA8FEF4545B7C1668
Requests: 7 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Frame ID: 16BB7C6312340351DC7C6C1DB6F76DBC
Requests: 7 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=eplanning&uid=AIhrPcY1-OUrujN8
Frame ID: 654E6D724CB3D07989E075107409675B
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Frame ID: 98D46AB42812C445C67811A9CEAE7404
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=135%2C61%2C14%2C103%2C125%2C2&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: 673201F222F6A8035B6F5866D60A4F4B
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 73091C803DDE2382CAA6D353F779C2C6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Frame ID: 96F74B0A5209412171665E4B751E0A72
Requests: 4 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 002AEE1F8F50A3D1277C58AD75A4B504
Requests: 17 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: 4FC09E542ACD41F351C0DBF84EF83A3B
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 2536DD3D89FF1D9B4A95549CCBA1950F
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AE4494C24B81B61A7C784710D361E1FE
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: ABE95A78DDADA5CF725210BA7379B196
Requests: 11 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: F8B5C099861F8C9B941699554697B9D9
Requests: 8 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: CD3B396AB1FE2D7927E0E6AC6809DEC0
Requests: 10 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Frame ID: BD60CC4E990C0AE1D16468ECE8B0B08A
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=xap-184388&uid=A1171917415455838230
Frame ID: EB30249DA4FB182DFDA8B686BA6F8AA9
Requests: 3 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=xapads-mw&uid=A1171917415455838230
Frame ID: 6C467F8D8CEBF96039ECB52A9C1F2495
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=xapads-mw&uid=A1171917415455838230
Frame ID: 172F67DBFF023EF1FD454985B4E13EED
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=xapads-mw&uid=A1171917415455838230
Frame ID: A1C40A4982EF91173D595AFB9D95776F
Requests: 3 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Frame ID: FDDECC82B42942E76BCEA0A3838788AC
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 66D309F746B677A07E0C5D8F0AC580EF
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Frame ID: 856A721094CDB1F99A389392DB383BF4
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: D5C7CB6F6B2DA7F577DE9E419CB8CC8F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: EE0FCE166D38945E0F7BF722AB480979
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/3831266057273496277
Frame ID: C10CC43F1A2537291D36F59EC3434C04
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/appnexus/3456854436429190532
Frame ID: B0DB3AE586818F35A35AB3AED7C82E14
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rubicon/LQAE4DBJ-U-JCL5?gdpr=0
Frame ID: A056C7EC8C83435B66273A8AC1B79674
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162882&userIdMacro=PM_UID&predirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D149271%26dsp%3D614719%26t%3Diframe%26uid%3DPM_UID
Frame ID: 964108CB0976620A18054E5556622CEB
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: B6729CB8F4C2A32E6C7B942A887288A8
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/f1cf3e85-4efb-4ec6-8e10-d05aa12c5786&partner_id=1010
Frame ID: A845C7E193697CD3F5298BF2937A6859
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=149271&dsp=614719&t=iframe&uid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Frame ID: 882B5A17A11D8845C9A033D8284D48CD
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/openx/3bc52bf9-24cf-4180-81b6-5f6c148a94c6
Frame ID: BDD61B1A981A19D83E83EA471F51539D
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=149271&dsp=614719&t=iframe&uid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Frame ID: 14E571192020314B0F7F590ECFCAE172
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Frame ID: CADC8F27E826D2C2EC4AA5F86F21BA4C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/sovrn/H1vSCLZH1GFpiRLqQlWJzlOb
Frame ID: 7562E7658E8D66C45FF5CA97A5727DB5
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/7965596858226237483
Frame ID: E6BC6C2EE581879E9854AF75C46E5CE7
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/outbrain/hzidrib9tQE7W3yXPLN4?gdpr=0
Frame ID: 27BE256BEC8E9055A2C38DDD508BFDD3
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48?pi=smilewanted
Frame ID: 17C93DA5235D9CD01BC935A384700DF3
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Frame ID: 5FAEC201EF2F01C53155E5DCDBB3D415
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Frame ID: 04F42976122F0EB032BCA69513E2F643
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Frame ID: 14B548FD2BCC88B27A473EC1BD14CF47
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Frame ID: 136BC37DAF2F743A4725608F213A8922
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Frame ID: 20D185254CA555B53BBE38FAF1E3DA31
Requests: 1 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Frame ID: DF3517637B20B0E7AFFAD52D90386F59
Requests: 12 HTTP requests in this frame

Frame: https://cat.jp2.as.criteo.com/tpd?dd=nMZ2bl9tZGFUblJUSU1kTjZvU1oyS2tJUzJqSzBEbUE1ZEVrejM4VCUyQjVPNURFd1c3Y0Z4MHdpT0tWRE9GNFhQWGE0VDNvNmc5S0lDdnRuZldJVjczYUQ3WnRMN3RWV21TRWFCYmY4MW1IU0JYQVolMkJzcmFETkNZSVlmZE9PUnNBeU5pSkZreG9OWWZrMHA0c2pXZSUyRk9mZnczQm92U2Q3eG5sSlBYYVM3TVRUem9kTFlvQTZvSnVYd0pvN29IcFhrU3JBYVBlbTBocmNYJTJGQlhaWmZxMUM2TnRsSW5ObHRYNWNqSVRsRVlxVTFBbW9MTTJRQUVzRmlqY1klMkZib0hQdHhRaVBESzYzSjljazlZUGVlc0lmbHpkWG9melBocTRlQU0xUzd5TjZqQW9NMUlGNGV5RGVTWEdIeDZodXpacTc3R0tiY2ZnNkFWeEtKR0h5RXkxS29neFU3VnFzRElxZndWZnd0d0pPckZEaSUyRmp2bjRMdGc0ajluJTJCMkc0T1dhV0lDRTltUFBvbHM3JTJGMTV2aWtWNEVibmFRRmVzeFNQVzR1WGFXTGo5YlM4YTBNMlBFcXpBaW56NDJOSVF6NDFIcXdtenRmTUNBcGZ4WGxIbnU3QUV4TXUyNWxzZUElM0QlM0Q
Frame ID: 483CFC101845925A5C4F4E0DFE86F109
Requests: 1 HTTP requests in this frame

Frame: https://widget.jp2.as.criteo.com/dis/dis.aspx?pu=205817&cb=657fc46ab24558d2ac0e8130c2588d01&r=https%3a%2f%2fwww.hawtcelebs.com%2f&crossorigin=false
Frame ID: 99C4EA613D03AE4838C5D18391DB550A
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-AHZQTzviUu-uPmYpVHXLQwwlnVBWz0pSDlIIaw&google_gid=CAESELWiAbKg15AI4yOjfD81dGo&google_cver=1&google_ula=913071,0
Frame ID: 65212A3A42F8FFD61B49E4F3690C63DD
Requests: 28 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Frame ID: 09E18523CF2838AAEE7114F4A2D24AC2
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1702872166812&gdpr=0
Frame ID: CC0F315704CFB04E9B295A1AD58E1D5D
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Frame ID: 1FC0FB1E07AEF468A27A7103F84D3A71
Requests: 22 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: F3AF24FB6F44D86ABFE94D0A102B598E
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 5FF0A5BB79D7E30ED35E9662E1626A37
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: E3761E0856D65A938F85FF36A365412A
Requests: 13 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=CsQBShJ3d3cuaGF3dGNlbGVicy5jb21SC2Fhcy0xYWMwOWE4WghwYmExLjMuM2oSd3d3Lmhhd3RjZWxlYnMuY29t-gEGOC4yNC4w6AIBiAPkiP-rBqgDMeoDJDk0Y2ZhNjNlLTI2MDktNGE4ZS1iNzgzLTYxZjU4MGQ5OTExNKoEA0RDSLIFA1VTRNIFCTEwNTE5OTU0MtgFAeAFAeoFB2Rlc2t0b3D6BQNzZ3CqBwN3ZWLKBw5oYXd0Y2VsZWJzLmNvbeAHAQ
Frame ID: 2EB81409AB0C6501689642906F7BE7CC
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: A3357431A17CAACFAD550A6668D542A4
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 7968184B7CD9EBC6FC8108E6A9228460
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Frame ID: F25423CD6D700F66CE26DDC230705914
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: FB7CE9799B98DE4E42205B377B24BA43
Requests: 3 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Frame ID: 4D9DE27916EDBFCAE7ED486FA17C9399
Requests: 3 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Frame ID: 8799328DE128004EB591B0380222863B
Requests: 6 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 6D548ADCA74B745CEB7A6EBB92DA2338
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/3831266057273496277
Frame ID: 12B0DE0158C1FD8E90E25C9F94B0D59E
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/appnexus/3456854436429190532
Frame ID: A5D2F73F79D5859A0C873543C4B703C6
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: CA139469787FBC632B342ED015A72B0A
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 73CD10383A1DF6BF3374FDBDBBEC2B11
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 67A7DAD3B25EFD802B404E6E42868873
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 9085DB252E308C8DA2C21030AAD3B030
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 5310644A52E3D262948146EFAD4F90DE
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 60A4E9FE66A7CD33C3DBCF34FFE24A28
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 63539CD8DAFE0C90470065E11F7DC814
Requests: 3 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: D99E90D03B6892E560C581F3855B0B95
Requests: 2 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: A86E9F4598514D705311850EE1BE8F3A
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rubicon/LQAE4DBJ-U-JCL5?gdpr=0
Frame ID: 2EA558320B4FCDD22F9CFAEF2D38D526
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=7965596858226237483&gdpr=0&gdpr_consent=
Frame ID: 501C2265860686C6A5EBD17AFC313ED0
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9hODlmMTg4Yy0xNDQyLTRlM2UtOTI5Ny0yMmU0MThhNDBjZWQ=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 943A91BAF37BF9AC276257C233CEDA95
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: D1B3ABA654D009BF433F3CFE84B3B175
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=45d05fd7-b774-43df-ba7c-91fe06509f64
Frame ID: E2894639C6BF27932337A47024D4F892
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZX-Ea8Co8HAAAHg0fUEAAAAA
Frame ID: 683C784E5A12FC458150C9A33EE29613
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48&pi=gumgum
Frame ID: A5AD5145C9275634312FBCAC9D88F81D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 5343DE4576929F691B00F6CD977271B4
Requests: 4 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Frame ID: 504635B6C90290E23AA2A42CE55E8B54
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/f1cf3e85-4efb-4ec6-8e10-d05aa12c5786&partner_id=1010
Frame ID: 6A447E7917021C4C7E2E172135178C2B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Frame ID: 5B3414228DB6817039BB3AD0B0B6794E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5adb88524e24e50&us_privacy=1YN-
Frame ID: C1F464B50669928F791DC4F882DBEA09
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1YN-
Frame ID: 985D9DC1787B6CFFFF0392159620E7C6
Requests: 6 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/152mediaweb
Frame ID: FB6E9922BC5061730ED92656C1E22E03
Requests: 3 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/openx/3bc52bf9-24cf-4180-81b6-5f6c148a94c6
Frame ID: A04B1AA26E5854F7084F4C7D5084936F
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Frame ID: D47EEAD16E9D9AB67D2F3D923E66C07A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/sovrn/H1vSCLZH1GFpiRLqQlWJzlOb
Frame ID: DB3D17BE895CF17DB83D828777F1A704
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Frame ID: 172B2FE9B9E878913086D810004B0702
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/7965596858226237483
Frame ID: C2D2023CCEAD664F82CA5D491986FB52
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/outbrain/hzidrib9tQE7W3yXPLN4?gdpr=0
Frame ID: 32214BAFFCE1A6C62E120669C36A0FD4
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: B34DF63F8D7AE6C12F8766C74842ABAF
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Frame ID: 694B07329F69139E0E2D07DC2760E17F
Requests: 11 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48?pi=smilewanted
Frame ID: 164071CF69BE4DE241B20C2353542508
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-3kMXH6tE2uFQJwlaEomAZmA40ujPgZp.Ci3pHIw-~A&gdpr=0
Frame ID: 062C7D01F4ADF60A8C39094573EE0C58
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&dsp=629319&t=iframe&uid=AIhrPcY1-OUrujN8&us_privacy=1YN-
Frame ID: 5A14EBC74B21BCA31A460EC82CF51031
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Frame ID: 9556953D28BD85ABA53D2587CEA33781
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=43%2C65%2C108%2C105%2C2%2C115&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: EDFAC2BDABDC106C2EA57DC3ACB7B569
Requests: 7 HTTP requests in this frame

Screenshot

Page Title

HawtCelebs – Latest Celebrities Pictures

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • require.*\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

1030
Requests

74 %
HTTPS

29 %
IPv6

169
Domains

294
Subdomains

193
IPs

15
Countries

15441 kB
Transfer

24770 kB
Size

291
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://www.hawtcelebs.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.hawtcelebs.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Request Chain 52
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.hawtcelebs.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.hawtcelebs.com%2F&rid=esp&cc=1
Request Chain 125
  • https://gcdn.2mdn.net/videoplayback/id/6eb8c3eed151c3a7/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734408163/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/3A87C5E7F28649CA2BA53C1CF7A4D9B4FA3A33.58D91BC771BA5A4DDDF8A2263D070611A46E2BEB/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-ogul7ne6.c.2mdn.net/videoplayback/id/6eb8c3eed151c3a7/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734408163/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/515220E5F2F86B7352DB10BE6AC0125B3B902365.12A67CE97DE9CBA88CA60956B2902D70892455AF/key/cms1/cms_redirect/yes/mh/Tm/mip/2001:ac8:40:1e::2e/mm/42/mn/sn-ogul7ne6/ms/onc/mt/1702871579/mv/m/mvi/2/pl/48/file/file.mp4
Request Chain 136
  • https://gcdn.2mdn.net/videoplayback/id/6eb8c3eed151c3a7/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734408163/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/3B64FF9D0CA794AC0FCD756052255D8921CD68DD.AEA4FFC9815FC0F4706B1EF2F00B02F97CDFE31E/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-ogul7ne6.c.2mdn.net/videoplayback/id/6eb8c3eed151c3a7/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734408163/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4144989C5A7C893C7917DD1482F03AD029193A29.7215039065EBE48FD89885BB0A2AE7C51C5C1CBB/key/cms1/cms_redirect/yes/mh/Tm/mip/2001:ac8:40:1e::2e/mm/42/mn/sn-ogul7ne6/ms/onc/mt/1702871579/mv/m/mvi/2/pl/48/file/file.mp4
Request Chain 188
  • https://www.hawtcelebs.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.hawtcelebs.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Request Chain 196
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ_EvwIQ_OjYAhjFq-X-ASABMAE&v=APEucNVEhfnZ9je6jk_oHThDx2RgXm0LniQ07AVccXxdPCy50tNZ4wyudHS8dTclMHO3tdxiiGzMYzKa_IPwrdildDW6NXY9rNaIA9kU2OwgC7ojcKbrC2I HTTP 302
  • https://s-cs.send.microad.jp/cs?key=google_1&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Request Chain 242
  • https://services.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y HTTP 302
  • https://redirector.googlevideo.com/videoplayback?expire=1702891364&ei=BLt_ZdauCJ-ulu8Psqe7EA&ip=23.92.64.170&id=o-AJA5mcMNJOdtkQDLKAD2ZSRdgb6wEE31jBnvO4m9wuXL&itag=18&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=d6&mm=31%2C26&mn=sn-q4fl6n6s%2Csn-a5mlrnek&ms=au%2Conr&mv=u&mvi=1&pl=24&spc=UWF9fyUe30UvvW1mhE70L6hJETfZBbUioDg0NVWdjw&vprv=1&svpuc=1&mime=video%2Fmp4&ns=mgZHbNJWhlNYgklrPZ3vFrMQ&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&mt=1702868725&fvip=4&fexp=24007246&beids=24472445&c=WEB&txp=6219224&n=-BKPWC-sWGEifAfaW&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=AJfQdSswRQIgKc6LEkgAaN0iIJoUcAYzRab-mhyvxaiylkRZ9ogrB6ICIQClfZjYKAoewtpA_u8a3cago8eE7OBZn7071jbSDCUiPg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AAO5W4owRQIhAPELSZP1d-N5V6mXc20sGbrCnwiNm5krSN878D5y61mTAiAQSrGFZlPybyGqA7UmEm_xt4cPq10a0jG1ZAX4kyi7sg%3D%3D HTTP 302
  • https://r3---sn-v2u0n-ntqr.googlevideo.com/videoplayback?expire=1702891364&ei=BLt_ZdauCJ-ulu8Psqe7EA&ip=23.92.64.170&id=o-AJA5mcMNJOdtkQDLKAD2ZSRdgb6wEE31jBnvO4m9wuXL&itag=18&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&spc=UWF9fyUe30UvvW1mhE70L6hJETfZBbUioDg0NVWdjw&vprv=1&svpuc=1&mime=video%2Fmp4&ns=mgZHbNJWhlNYgklrPZ3vFrMQ&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&beids=24472445&c=WEB&txp=6219224&n=-BKPWC-sWGEifAfaW&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=AJfQdSswRQIgKc6LEkgAaN0iIJoUcAYzRab-mhyvxaiylkRZ9ogrB6ICIQClfZjYKAoewtpA_u8a3cago8eE7OBZn7071jbSDCUiPg%3D%3D&cms_redirect=yes&mh=d6&mip=2001:ac8:40:1e::2e&mm=31&mn=sn-v2u0n-ntqr&ms=au&mt=1702871852&mv=m&mvi=3&pcm2cms=yes&pl=48&lsparams=mh,mip,mm,mn,ms,mv,mvi,pcm2cms,pl&lsig=AAO5W4owRAIgf4A0V1Umps1uOoRlM51MAH2yh2jxHse6XDf2unbVyVQCIBprXiPaS-IVdBWymylp0d6vH9hEBNAjZML6AMtmYGGU
Request Chain 248
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ_EvwIQ_OjYAhjFq-X-ASABMAE&v=APEucNWk6UsCpKMqoC4oXNqxdFMS7A_8IBUT023sCkDmqXF8gJUfsOmfVogCwtgFCi35XchzgJb8KEVLoLNaZye05LPdpBFBAgiIPXWgq63VcjcObGcDv-I HTTP 302
  • https://s-cs.send.microad.jp/cs?key=google_1&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Request Chain 313
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Request Chain 314
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&zcc=1&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D&cb=1702872165021 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2463664477 HTTP 302
  • https://sync.1rx.io/usersync/turn/7452765401729694219?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004 HTTP 302
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004
Request Chain 319
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEMHQrpgEG_N_DUEmG7oH7Bk&google_cver=1&google_push=AXcoOmSGgOKNYHUX64SCl23xs5bsE2DS6Q_rZmmkNYwsvK7dMZJ1vMH6Bz5S2ArgJe91w586NzLWgKfLI92o7fvLF8-eHzJaWtpH&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSGgOKNYHUX64SCl23xs5bsE2DS6Q_rZmmkNYwsvK7dMZJ1vMH6Bz5S2ArgJe91w586NzLWgKfLI92o7fvLF8-eHzJaWtpH%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMHQrpgEG_N_DUEmG7oH7Bk&google_cver=1&google_push=AXcoOmSGgOKNYHUX64SCl23xs5bsE2DS6Q_rZmmkNYwsvK7dMZJ1vMH6Bz5S2ArgJe91w586NzLWgKfLI92o7fvLF8-eHzJaWtpH&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSGgOKNYHUX64SCl23xs5bsE2DS6Q_rZmmkNYwsvK7dMZJ1vMH6Bz5S2ArgJe91w586NzLWgKfLI92o7fvLF8-eHzJaWtpH%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 320
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEOkFLsabmUHy2beliGwT54&google_cver=1&google_push=AXcoOmSF2KRb7c6zzBnwVpyNFiF3BYC-KkZa_DfaiQFYTUdM1QR1pWwvPvBYrhuQ0VmT8XoJzKLyjLMaeh3_xZnNglujdsypk5ux HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEOkFLsabmUHy2beliGwT54&google_cver=1&google_push=AXcoOmSF2KRb7c6zzBnwVpyNFiF3BYC-KkZa_DfaiQFYTUdM1QR1pWwvPvBYrhuQ0VmT8XoJzKLyjLMaeh3_xZnNglujdsypk5ux HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=d24265c2-e898-4326-98a1-799f75027517&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSF2KRb7c6zzBnwVpyNFiF3BYC-KkZa_DfaiQFYTUdM1QR1pWwvPvBYrhuQ0VmT8XoJzKLyjLMaeh3_xZnNglujdsypk5ux&google_hm=oYURqEc5T2OfKnZP6qOLNA==
Request Chain 321
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKMZLaf-qHcomofL-r30pTA&google_cver=1&google_push=AXcoOmQINYafC0dzs5fksMa5fsjpzIge51Fe-rVWI7rc7PYsbOC_u2ySEq9TMC3fS8zVFi1sbGpQFzym3gjeS4fj5apdgecxz56- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQINYafC0dzs5fksMa5fsjpzIge51Fe-rVWI7rc7PYsbOC_u2ySEq9TMC3fS8zVFi1sbGpQFzym3gjeS4fj5apdgecxz56-&google_hm=eS03OXJmYzhKRTJwRmxIZXZCeDZoNXhMWFNVa1UuYWJsQn5B
Request Chain 322
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMGI_EgARLTFSFladWVsyzQ&google_cver=1&google_push=AXcoOmT7cZGlM-il___4LrDtWtRnvqz0FLIBdCrL1_GyTrcNcgL_-IVvafhcfUptp8KDozATq0rAynZuqjYaTcPBsdav1EdwN2DZZA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFBRTRDMDMtMTgtS0s0Qw==&google_push=AXcoOmT7cZGlM-il___4LrDtWtRnvqz0FLIBdCrL1_GyTrcNcgL_-IVvafhcfUptp8KDozATq0rAynZuqjYaTcPBsdav1EdwN2DZZA
Request Chain 323
  • https://cc.adingo.jp/adx/push/?google_gid=CAESECaXohL3oAEu2pWWjVPrJ7s&google_cver=1&google_push=AXcoOmRCrnPgSmSuuoEXLj9tmoWiAJFj-XfXAQCIy7NZvd0zVWvKigEuNcqPn0eoL7HcTXcmY9v1s5dz8n37lBopBnU-BLZuvH8I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmRCrnPgSmSuuoEXLj9tmoWiAJFj-XfXAQCIy7NZvd0zVWvKigEuNcqPn0eoL7HcTXcmY9v1s5dz8n37lBopBnU-BLZuvH8I&google_hm=006016572373698c0fc139aa7613f90a
Request Chain 324
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDB6c6IDA_PPaMPE_DNB8Y8&google_cver=1&google_push=AXcoOmSsbC_BXbK7kPB004r6yrhnS4DRVRJc_dj2cdSwizF551MFbFaGE24I-vY5BUb7ptGLKX4HgyFMtFtpa-kjf3PGtJ5niy5WCuU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSsbC_BXbK7kPB004r6yrhnS4DRVRJc_dj2cdSwizF551MFbFaGE24I-vY5BUb7ptGLKX4HgyFMtFtpa-kjf3PGtJ5niy5WCuU HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 325
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEDifz1jnEpK1wztoYxaAyLs&google_cver=1&google_push=AXcoOmTr75xbOyqfsVrQsGs2KH9HtEOmVtPtKiznoqa9W3AJauNr8M4tNhPVKNQGLldUpSyjNZK3zxj4gE6B01HBxQxLOKR7WaDmOQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTr75xbOyqfsVrQsGs2KH9HtEOmVtPtKiznoqa9W3AJauNr8M4tNhPVKNQGLldUpSyjNZK3zxj4gE6B01HBxQxLOKR7WaDmOQ
Request Chain 339
  • https://gcdn.2mdn.net/videoplayback/id/6eb8c3eed151c3a7/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734408164/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/2B6D9716E1CC8A64856AE16C9CA90838A2C99AB0.92D119E9B2668C4EC95345167DF72BFB26ADFEB3/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-ogul7ne6.c.2mdn.net/videoplayback/id/6eb8c3eed151c3a7/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734408164/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/738F2114F13C6DC721A312F206446CECE0059BFA.2404F4D8C0EB767F40209A5497FC31AE9513589A/key/cms1/cms_redirect/yes/mh/Tm/mip/2001:ac8:40:1e::2e/mm/42/mn/sn-ogul7ne6/ms/onc/mt/1702871579/mv/m/mvi/2/pl/48/file/file.mp4
Request Chain 344
  • https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Request Chain 345
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Request Chain 348
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
  • https://router.infolinks.com/dyn/apn-usync?user_id=3456854436429190532
Request Chain 349
  • https://match.sharethrough.com/universal/v1?supply_id=k0cy4N0g HTTP 302
  • https://router.infolinks.com/dyn/sthr-us?user_id=6ac368a7-0a41-45c6-a666-84d78d8f6519
Request Chain 350
  • https://pxl.iqm.com/i/ck/infolink?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fiqm-us%3Fuid%3D%7BIQM_COOKIE%7D%20 HTTP 302
  • https://router.infolinks.com/dyn/iqm-us?uid=41b134c3-1be0-4824-96d5-d0c1b439f979
Request Chain 351
  • https://ssbsync.smartadserver.com/api/sync?callerId=112&gdpr=0&gdpr_consent= HTTP 302
  • https://router.infolinks.com/dyn/eqv-us?user_id=3831266057273496277&gdpr=0&gdpr_consent=
Request Chain 353
  • https://ups.analytics.yahoo.com/ups/58786/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58786/sync?redir=true&verify=true HTTP 302
  • https://router.infolinks.com/dyn/VR-usync?uid=y-iApnw.xE2uI7uNomz9yv1oBAK13yd62C~A HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3399&partner_device_id=y-iApnw.xE2uI7uNomz9yv1oBAK13yd62C~A HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=00f7adb4-7718-4b77-b3bc-531c16088d62%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=45d05fd7-b774-43df-ba7c-91fe06509f64&ttd_puid=00f7adb4-7718-4b77-b3bc-531c16088d62%2C%2C
Request Chain 354
  • https://sync.1rx.io/usersync2/infolinks HTTP 302
  • https://sync.1rx.io/usersync2/infolinks?zcc=1&cb=1702872165021 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=3602100522 HTTP 302
  • https://sync.1rx.io/usersync/turn/7380707807691766283?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004 HTTP 302
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004
Request Chain 355
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__&s=2 HTTP 302
  • https://router.infolinks.com/dyn/zmn-usync?uid=hzidrib9tQE7W3yXPLN4
Request Chain 356
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID HTTP 302
  • https://router.infolinks.com/dyn/tplift?uid=2237294431585906453658
Request Chain 357
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D HTTP 302
  • https://router.infolinks.com/dyn/sonobi-usync?uid=643a2bf9-4a90-4828-b0f4-6d74658c8e3b
Request Chain 358
  • https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
  • https://router.infolinks.com/dyn/imd-usync?user_id=f1cf3e85-4efb-4ec6-8e10-d05aa12c5786&partner_id=1531
Request Chain 359
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://router.infolinks.com/dyn/outh-usync?uid=y-9y9MlklE2uFEhyvU_beNUO19Cd8TL4c3~A
Request Chain 361
  • https://sync.adkernel.com/user-sync?zone=208912&t=image&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fqora-usync%3Fuid%3D%7BUID%7D HTTP 302
  • https://x.bidswitch.net/sync?ssp=catapultx&user_id=A1171917415455838230 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=catapultx&ssp_user_id=a18511a8-4739-4f63-9f2a-764feaa38b34&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-kbQtApVE2pkzN8q.EeD6UxwPAkdqVuf73soFKA--~A&expires=5&ssp=catapultx HTTP 302
  • https://sync.adkernel.com/user-sync?dsp=336050&t=image&uid=a18511a8-4739-4f63-9f2a-764feaa38b34 HTTP 302
  • https://router.infolinks.com/dyn/qora-usync?uid=A1171917415455838230
Request Chain 362
  • https://ads.stickyadstv.com/user-matching?id=3695&gdpr=&gdpr_consent= HTTP 302
  • https://router.infolinks.com/dyn/frwh-us?user_id=6edb453fa93a7dd28144c35b8353bad&gdpr_consent=&gdpr=
Request Chain 363
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://router.infolinks.com/dyn/sovrn-usync?uid=H1vSCLZH1GFpiRLqQlWJzlOb
Request Chain 365
  • https://cs.media.net/cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E HTTP 302
  • https://router.infolinks.com/dyn/mnet-usync?uid=3458737661274461000V10
Request Chain 366
  • https://cm-x.mgid.com/5abf3d2eff2f70c0a0669cd9f0f84ba0.gif?puid=[UID]&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmgid-us%3Fuser_id%3D%5BUID%5D HTTP 302
  • https://router.infolinks.com/dyn/mgid-us?user_id=ba1d4517-9389-470b-9a31-71dd8ce58dd9
Request Chain 367
  • https://sync.1rx.io/usersync2/rmpssp?sub=infolinks HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8266634493 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/45d05fd7-b774-43df-ba7c-91fe06509f64 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fur-usync%3Fuid%3DRX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004 HTTP 302
  • https://router.infolinks.com/dyn/ur-usync?uid=RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004
Request Chain 368
  • https://cms.quantserve.com/pixel/p-u1vdacBMXAcfT.gif?idmatch=0 HTTP 302
  • https://router.infolinks.com/dyn/qc-usync?gdpr=0&uid=qsq40f_LuYKxnuqO-s-i0fnGvNaxz7-O-Mc7oh4L
Request Chain 369
  • https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
  • https://router.infolinks.com/dyn/zeta-usync?uid=1978557985234180977
Request Chain 370
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fdisus%3Fuid%3D%24UID&partner=infolinks HTTP 302
  • https://router.infolinks.com/dyn/disus?uid=ua-e781848b-10d2-3c7f-ba2b-4d98c447d3ac
Request Chain 371
  • https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X HTTP 302
  • https://router.infolinks.com/dyn/33a-usync?uid=212384924788945
Request Chain 382
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZX_EZaWFGjsPKn42Fi5GIwAAFXEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEVYXU7ry37v0taBrg6REz0&google_cver=1
Request Chain 383
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://match.adsrvr.org/track/cmb/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=45d05fd7-b774-43df-ba7c-91fe06509f64&expiration=1705464165&gdpr=0&gdpr_consent=
Request Chain 384
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZX-EZaWFGjsPKn42Fi5GIwAA%265489&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZX-EZaWFGjsPKn42Fi5GIwAA%265489&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=c0f7a6de1c26443c9875056c5dd4738b HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=c0f7a6de-1c26-443c-9875-056c5dd4738b HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=b74a27db-7cf5-49a6-9d57-3e21a9d3d050%3A1702872166.4255822&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Db74a27db-7cf5-49a6-9d57-3e21a9d3d050%253A1702872166.4255822%26_%3D1702872166.4285553&cb=1702872166.428587 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1976306195132350986&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Db74a27db-7cf5-49a6-9d57-3e21a9d3d050%253A1702872166.4255822%26_%3D1702872166.4285553 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=b74a27db-7cf5-49a6-9d57-3e21a9d3d050%3A1702872166.4255822&_=1702872166.4285553 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjdiNzRhMjdkYi03Y2Y1LTQ5YTYtOWQ1Ny0zZTIxYTlkM2QwNTA6MTcwMjg3MjE2Ni40MjU1ODIyEAAaDQjniP-rBhIFCOgHEABCAEoA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMsGYqN76cQYcrsE2owSReY&google_cver=1
Request Chain 385
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZX-EZaWFGjsPKn42Fi5GIwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGLvQnU2sRBQ6H-FAUwOTH0&google_cver=1
Request Chain 386
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX_EZaWFGjsPKn42Fi5GIwAAFXEAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX_EZaWFGjsPKn42Fi5GIwAAFXEAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 387
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=tbl9rNCgWh58tQAahk-VRpJGyeg
Request Chain 388
  • https://trace.mediago.io/ju/cs/indexexchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f5ef61cac56027ed2e3c9r00lqae4c7c
Request Chain 389
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZX-EZaWFGjsPKn42Fi5GIwAA%265489 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZX-EZaWFGjsPKn42Fi5GIwAA%265489&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZX-EZaWFGjsPKn42Fi5GIwAA%265489&tc=1
Request Chain 415
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.hawtcelebs.com%2F&domain=www.hawtcelebs.com&cw=1&lsw=1&gdpr=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=nZjMwXw3Y3NSYzNVNy83NHdJaUQ0T3Fma1FYL1RuNyttazl2eEVlcmJ0ZWRKOFlUR0t2STZsMmZrSysyNjl6SWZGSCtrQ0k2Q2lZbmNnNEYvWmVMSVo5ZzJBN29RN0lSMyt6NWZQRFg4TkFibXlHcEhRNlpTZnBpQ0p5aVhNaC9hRWlEeXRwVHgzSTBoTytVVi9sM2xzSHN5TXovVlh0ZndsUldvajNYVU5NNDlJdVRJUkpCNTRkekFrUUVJQSs4MTRtZG5HSjkwZUJqZlZlNTNPZ3I0R3JyWEdsSHFJcTVETk5PekxVaUR3VGFaQ3RkbTNQWkt1a3FHWmt6YldvS29NNzVPfA&cppv=2
Request Chain 420
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D503248025d2a5a14%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=503248025d2a5a14&uid=a75166a0-ad35-4cf7-ac4f-5895eb6dfe39
Request Chain 441
  • https://pixel.onaudience.com/?partner=137085098&mapped=6D001702872164961943D5DB294AB097 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=94efaed68a8c349c
Request Chain 442
  • https://id5-sync.com/i/102/8.gif?id5id=ID5*EhHv9jlkHnA9J28XKyk1rnWb1WQdqMkOkUBt3XnCGtV14OfKF2kTpa7XwR1bmR9rdeHpQUQujuK484bdKcNRQw&o=api&gdpr_consent=undefined&gdpr=0 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-b861SU3Ht00OttBbAOxpBbIMo22BEMnhabQaCevDEg&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/102/7/2.gif?puid=3831266057273496277&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/2/6/3.gif?puid=3456854436429190532&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=45d05fd7-b774-43df-ba7c-91fe06509f64&ttl=%%TTL%% HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1 HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AAEHdE7K_4kAABSTifkKEw&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F3%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/102/112/3/6.gif?puid=${UIPID}&gdpr=0&gdpr_consent=
Request Chain 445
  • https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=v%2F8YZmV%2FxGVI1XAuIYep%2Fw%3D%3D&us_privacy=&33random=1702872165329.1&cat=33across HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=v%2F8YZmV%2FxGVI1XAuIYep%2Fw%3D%3D&us_privacy=&33random=1702872165329.1&cat=33across HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?uid=45d05fd7-b774-43df-ba7c-91fe06509f64&bid=1e2n4ou
Request Chain 446
  • https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=v%2F8YZmV%2FxGVI1XAuIYep%2Fw%3D%3D&us_privacy=&33random=1702872165329.3&cat=33across HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=v%2F8YZmV%2FxGVI1XAuIYep%2Fw%3D%3D&us_privacy=&33random=1702872165329.3&cat=33across HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?uid=45d05fd7-b774-43df-ba7c-91fe06509f64&bid=1e2n4ou
Request Chain 447
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 448
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1702872165501.3&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Request Chain 449
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1702872165501.4&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Request Chain 450
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dthe33across%26bsw_param%3Da18511a8-4739-4f63-9f2a-764feaa38b34%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=00cefed71db242f482ccb75a903e683c&ssp=the33across&bsw_param=a18511a8-4739-4f63-9f2a-764feaa38b34&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=a18511a8-4739-4f63-9f2a-764feaa38b34 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=a18511a8-4739-4f63-9f2a-764feaa38b34&ts=1702872166&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 451
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1702872165501.5&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=3456854436429190532
Request Chain 452
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=v%2F8YZmV%2FxGVI1XAuIYep%2Fw%3D%3D&us_privacy=&_rand=1702872165501.6 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=v%2F8YZmV%2FxGVI1XAuIYep%2Fw%3D%3D&us_privacy=&_rand=1702872165501.6&expected_cookie=668042dc-cb71-49c1-bcb2-30d41b867733
Request Chain 453
  • https://map.go.affec.tv/map/3a/?pid=v%2F8YZmV%2FxGVI1XAuIYep%2Fw%3D%3D&us_privacy=&ts=1702872165501.7 HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D657fc4655d4b1a0001b44aad%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent= HTTP 302
  • https://map.go.affec.tv/map/an/3456854436429190532?ch=657fc4655d4b1a0001b44aad&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent= HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://map.go.affec.tv/map/ttd/45d05fd7-b774-43df-ba7c-91fe06509f64?ttd_puid=&gdpr=0&gdpr_consent=
Request Chain 454
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=v%2F8YZmV%2FxGVI1XAuIYep%2Fw%3D%3D&us_privacy=&random=1702872165501.8&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=v%2F8YZmV%2FxGVI1XAuIYep%2Fw%3D%3D&us_privacy=&random=1702872165501.8&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=00f7adb4-7718-4b77-b3bc-531c16088d62&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D00f7adb4-7718-4b77-b3bc-531c16088d62%252C%252C HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=00f7adb4-7718-4b77-b3bc-531c16088d62&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D00f7adb4-7718-4b77-b3bc-531c16088d62%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=72174198492171007252808969393739432874&pt=00f7adb4-7718-4b77-b3bc-531c16088d62%2C%2C
Request Chain 455
  • https://dp1.33across.com/ps/?pid=669&uid=v%2F8YZmV%2FxGVI1XAuIYep%2Fw%3D%3D&us_privacy=&random=1702872165501.9&pu=https%3A%2F%2Frouter.infolinks.com%2F HTTP 302
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212384919919253&seg_code=33x&random=1702872166
Request Chain 467
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ_EvwIQ_OjYAhjFq-X-ASABMAE&v=APEucNX0uzT5EDLXERv3KuQfIFrroqmALzgR1_Vk3pgGb74Np4UUjFaEbc-qVwvxVNjNg-1N8hp8KLqRSXFy0K9pxa3h1e3XSCGHmte5EZ_MJkG8t1DkuFo HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZX-EZaWFGjsPKn42Fi5GIwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGLvQnU2sRBQ6H-FAUwOTH0&google_cver=1
Request Chain 491
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=hawtcelebs.com&sn=ChromeSyncframe&so=0&topUrl=www.hawtcelebs.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=wHKlY3xOS2pUc2lDWXd1Y0xBVGJQL1AwQlJNTkd2a0hwNTlreG4yMzU2elRyWmNraUhYTDBaaldnNlc5UW9kbUp0SWFRUkRGdWJTTDN3VW16WEQzZ0ZyNlFDVDE4MzUvcElVTWNBSHVwQzlJemgxV0owOGpaMURacmRLMHMzZkhQM2JiTDgrakpMS09Qdmtkb2xxUzBuTWN1bTNLMHNTMDRFZkdEbEY4cGhzdTh5YkhvRTNOdGpFVWVzV1NxaFVoU1lEVDRrNHRCT0NyL2VnNFVaYkwxZlV0QnI3KzB5T0EvRjk5cjZGUjRhbHJKWmNoTjBiZWlBb1dQYXR2NnFEOWhiWkdXeHZnY1ExRVZGMlh1a2xZb21ETnV3OUF6bElBeWQwd1MrSWw2UVp3UXZZVT18&cppv=2
Request Chain 551
  • https://cr-p10.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://cr-p10.ladsp.com/cookiesender/10?cr=true&https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AXBteJPs9Q2dks8AED41uJB_M88AAAGMexcw5g
Request Chain 552
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a18511a8-4739-4f63-9f2a-764feaa38b34 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a18511a8-4739-4f63-9f2a-764feaa38b34 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=4bc9ef92-7b2b-42dd-b9a9-137bf8a73482&user_group=1&ssp=pubmatic&bsw_param=a18511a8-4739-4f63-9f2a-764feaa38b34 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a18511a8-4739-4f63-9f2a-764feaa38b34&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 553
  • https://ds.uncn.jp/pm/0/sync HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_76fd0c8d-0f30-4e38-a2b3-06788d125e14
Request Chain 554
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3456854436429190532&gdpr=0&gdpr_consent=
Request Chain 555
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=OLZnNG23Zmcj4jVraLN9NGu6YzMjs2BraruJ0GyU
Request Chain 558
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 559
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZX-EZgAHv4QGbABd
Request Chain 561
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=2572d8ac3aab42c0b6b58517cc2b6113
Request Chain 563
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tbl9rNCgWh58tQAahk-VRpJGyeg&gdpr=0&gdpr_consent=
Request Chain 564
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=srNVz1scDwOPrHojZsR_ZQ
Request Chain 565
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUbed9a68fd8424706a7283bd61e9a4f84
Request Chain 566
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 567
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:98384A09DAF4490180DF4D059ABD8851&gdpr=0&gdpr_consent=
Request Chain 568
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:y2LtAdkx1Rf4Q65&gdpr=0&gdpr_consent=
Request Chain 569
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1978557985234180976
Request Chain 572
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Fvmfd-S6RrSeyOXR5ebhDA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 573
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D00f7adb4-7718-4b77-b3bc-531c16088d62%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=3456854436429190532&pt=00f7adb4-7718-4b77-b3bc-531c16088d62%2C%2C
Request Chain 575
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 576
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTZGOTlGNzctRTRCQS00NkI0LTlFQzgtRTVEMUU1RTZFMTBD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 577
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENqNpfq7SHYMH8e6q1Oo80U&google_cver=1
Request Chain 579
  • https://tg.socdm.com/rtb/sync?proto=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZX-EZsCo8YkAADtZq98AAAAA
Request Chain 580
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=45d05fd7-b774-43df-ba7c-91fe06509f64&gdpr=0&gdpr_consent=
Request Chain 582
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.NgxI1tE2uXd1ZmdbVGsgDKYpKEeq1Q-~A&gdpr=0
Request Chain 583
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2905166593232021057
Request Chain 584
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7380707807691766283&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 585
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1482d10a677d22a3&is_secure=true&networkId=17100&version=1&nuid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALhdgkZ7UkUQMrggKnAAAAAAA&expiration=1702958566&nuid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 587
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/108/8/2.gif?puid=00f7adb4-7718-4b77-b3bc-531c16088d62&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=45d05fd7-b774-43df-ba7c-91fe06509f64&ttl=%%TTL%% HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/6/4.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/2/6/4.gif?puid=3456854436429190532&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F5%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/112/5/5.gif?puid=${UIPID}&gdpr=0&gdpr_consent=
Request Chain 594
  • https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=442a1d36e311842d9a0f79f9a6e84fdd HTTP 307
  • https://cm.mgid.com/m?c=442a1d36e311842d9a0f79f9a6e84fdd&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
Request Chain 595
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=lotame&cspid=20&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16622%26tp%3DALDX%26tpid%3D%24{ADELPHIC_CUID}%26gdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=16622&tp=ALDX&tpid=1289afad-d6a6-43c5-9bcf-ef2defef2b7a&gdpr=0
Request Chain 596
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fbcp.crwdcntrl.net%2Fqmap%3Fc%3D16236%26tp%3DSMAD%26tpid%3D[sas_uid]%26gdpr%3D0 HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
Request Chain 597
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C&gdpr=0
Request Chain 598
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=45d05fd7-b774-43df-ba7c-91fe06509f64/gdpr=0/gdpr_consent=
Request Chain 599
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=442a1d36e311842d9a0f79f9a6e84fdd&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D&ch=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D00f7adb4-7718-4b77-b3bc-531c16088d62%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252Ftp%25253DTPAD%25252Ftpid%25253D00f7adb4-7718-4b77-b3bc-531c16088d62%252C%25257B%252522fullVersionList%252522%25253A%25255B%25255D%25252C%252522mobile%252522%25253Afalse%25252C%252522model%252522%25253A%252522%252522%25252C%252522platform%252522%25253A%252522%252522%25252C%252522platformVersion%252522%25253A%252522%252522%25257D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=3456854436429190532&pt=00f7adb4-7718-4b77-b3bc-531c16088d62%2Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253D00f7adb4-7718-4b77-b3bc-531c16088d62%2C%257B%2522fullVersionList%2522%253A%255B%255D%252C%2522mobile%2522%253Afalse%252C%2522model%2522%253A%2522%2522%252C%2522platform%2522%253A%2522%2522%252C%2522platformVersion%2522%253A%2522%2522%257D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=00f7adb4-7718-4b77-b3bc-531c16088d62
Request Chain 604
  • https://aorta.clickagy.com/pixel.gif?ch=120&cm=442a1d36e311842d9a0f79f9a6e84fdd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=Yzo4NjU2NzVkZjhjODYxZTE0Y2VhNTI4ZDZhNTI1NmY3OA HTTP 302
  • https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEM9uxgwqx_fkHEddygd_Pww&google_cver=1 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=c:865675df8c861e14cea528d6a5256f78&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1702872167324&ip=146.70.201.232&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D231793304734001942203 HTTP 302
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=231793304734001942203 HTTP 302
  • https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
Request Chain 606
  • https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-b5b97dac-d0a0-5a1e-7cb5-001a864f9546$ip$146.70.201.232&gdpr=0&gdpr_consent=
Request Chain 607
  • https://ps.eyeota.net/match?bid=51mdg9u&uid=442a1d36e311842d9a0f79f9a6e84fdd&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkxGM0VjWVl3U041RXlEMW0ybXJwY05hRHphNzliU1p2RWQzU09Vb0pPN2M&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u& HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u&google_gid=CAESEGmTsmBYHKszw0KDS_SjnkA&google_cver=1 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26dc_rc%3D2%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 302
  • https://ps.eyeota.net/match?uid=3456854436429190532&bid=2cr76e1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u& HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=3&dc_mr=5&dc_orig=51mdg9u& HTTP 302
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=7380707807691766283&newuser=1&dc_rc=3&dc_mr=5&dc_orig=51mdg9u& HTTP 302
  • https://i.w55c.net/ping_match.gif?st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 302
  • https://ps.eyeota.net/match?bid=9sn4omv&uid=y2LtAdkx1Rf4Q65&newuser=1&dc_rc=4&dc_mr=5&dc_orig=51mdg9u& HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D5%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 302
  • https://ps.eyeota.net/match?uid=ZX-EZgAHv4QGbABd&bid=0rijhbu&dc_rc=5&dc_mr=5&dc_orig=51mdg9u&
Request Chain 608
  • https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-2IMHhsFE2pwk0RAYaQwhicD_t.bbH_4mJ4I-~A&gdpr=0
Request Chain 611
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=ZX-EZgAHwfpQPgBU HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZX-EZgAHwfpQPgBU/gdpr=0&_test=ZX-EZgAHwfpQPgBU
Request Chain 615
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/442a1d36e311842d9a0f79f9a6e84fdd/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7380707807691766283/gdpr=0
Request Chain 616
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=579887781 HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=3456854436429190532/gdpr=0/rand=579887781
Request Chain 618
  • https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=442a1d36e311842d9a0f79f9a6e84fdd HTTP 303
  • https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=442a1d36e311842d9a0f79f9a6e84fdd
Request Chain 620
  • https://c1.adform.net/serving/cookie/match?party=1040 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1040 HTTP 302
  • https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=7965596858226237483/gdpr=/gdpr_consent=
Request Chain 621
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=790073868 HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=3456854436429190532/gdpr=0/rand=790073868
Request Chain 627
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/unruly?rndcb=5024312818 HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/oath/y-8zM3HhNE2oX7vi7mAt8_1wZqs3vzKDv.3Rys~A HTTP 302
  • https://sync.1rx.io/usersync/verizon/y-8zM3HhNE2oX7vi7mAt8_1wZqs3vzKDv.3Rys~A HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004?redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004 HTTP 302
  • https://u.4dex.io/setuid?bidder=unruly&uid=RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004
Request Chain 631
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm HTTP 302
  • https://s.cpx.to/sync?dsp_uid=CAESEP93Rn6rbmAwFoR6SmB-hcw&dsp=dbm&google_cver=1
Request Chain 634
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Dc21ef6a89a7fbe69%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=c21ef6a89a7fbe69&uid=a75166a0-ad35-4cf7-ac4f-5895eb6dfe39
Request Chain 640
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LQAE4DBJ-U-JCL5 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LQAE4DBJ-U-JCL5 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQAE4DBJ-U-JCL5&ts=1702872167&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 643
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFBRTREQkotVS1KQ0w1 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMGI_EgARLTFSFladWVsyzQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFBRTREQkotVS1KQ0w1&google_push=
Request Chain 644
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWFjMDgxMzFmNTYzOWI3NTM0NjdmZGM5Y2Y1Yzc2N2M0NmEzNDIyOQ
Request Chain 645
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=1E72Mi_bSoKlsCmxjrnsEQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1E72Mi_bSoKlsCmxjrnsEQ
Request Chain 646
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=45d05fd7-b774-43df-ba7c-91fe06509f64&gdpr=0&gdpr_consent=&expires=30
Request Chain 647
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/QW8Ocj5IFfaBWNBRVZYJAg?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-B_._2i5E2oK1Gq7wQxQmYhh0ruffbRKbeBJVbA--~A
Request Chain 648
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQAE4DBJ-U-JCL5&ex=d-rubiconproject.com&status=ok
Request Chain 650
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQAE4DBJ-U-JCL5
Request Chain 651
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEB9T-Dm8cPd_DY3LS8YlSo&google_cver=1
Request Chain 653
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LQAE4DBJ-U-JCL5
Request Chain 654
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQAE4DEK-K-50YH
Request Chain 655
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQAE4DBJ-U-JCL5
Request Chain 656
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQAE4DBJ-U-JCL5 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQAE4DBJ-U-JCL5 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQAE4DBJ-U-JCL5&ckls=true&ci=Q3vhs37FEP&nc=false&trid=-1031936398
Request Chain 657
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQAE4DEK-K-50YH&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQAE4DEK-K-50YH&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS0yUm1BN2hSRTJ1RXZucHJZdHEuVDJPcnJtcFBxbGZzMX5B&ovsid=LQAE4DEK-K-50YH&dpid=58160
Request Chain 658
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=1289afad-d6a6-43c5-9bcf-ef2defef2b7a&expires=30
Request Chain 661
  • https://id5-sync.com/s/19/9.gif?puid=442a1d36e311842d9a0f79f9a6e84fdd&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=45d05fd7-b774-43df-ba7c-91fe06509f64&ttl=%%TTL%% HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/19/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/19/2/7/3.gif?puid=3456854436429190532&gdpr=0&gdpr_consent= HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-b861SU3Ht00OttBbAOxpBbIMo22BEMnhabQaCevDEg/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F6%2F4.gif%3Fpuid%3D%24%21%7BTURN_UUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/19/224/6/4.gif?puid=7380707807691766283&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F136%2F5%2F5.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/19/136/5/5.gif?puid=ZX-EZgAHv4QGbABd&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/id5?uid=ID5-b861SU3Ht00OttBbAOxpBbIMo22BEMnhabQaCevDEg&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fid5-sync.com%2Fa%2F19%2F121%2F4%2F6%2Fgif%2F0%2F0%2F
Request Chain 665
  • https://thrtle.com/insync?vxii_pid=10014&gdpr=0&vxii_pdid=442a1d36e311842d9a0f79f9a6e84fdd HTTP 302
  • https://thrtle.com/insync?gdpr=0&vxii_pdid=442a1d36e311842d9a0f79f9a6e84fdd&vxii_pid=12&vxii_pid1=10014&vxii_rcid=ec7a43bf-ae70-457c-b1e9-8d2f458c618c
Request Chain 666
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=127181828 HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=3456854436429190532/gdpr=0/rand=127181828
Request Chain 672
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Request Chain 676
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.hawtcelebs.com%2F&domain=www.hawtcelebs.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=rcTcqXxrT1hyWGQ1NnBrSWhUOUxkTk9JWEZIRWMxajdxakFVQ0RDVmxMM2xkeWZ5dUpTL0RUVmY2RDlZU3hocmpueVpLMVZCZVZreGwwSzRNSktlNGtnc1gzdlZvWFlCYTlFTnVNR2N6Q2JMRjVwaXRPdmxaSGtpOWJ0eHE3eXdXc1hQd1c0ZWRnWG5oc0tQTkd3TDArbXRqa1M0a2VWZzRuWHlnTjAzUUdjcEc4SUVDd3FUSlBjOS9DMXlCb2pVb010MW5CVTE3TlFFcG9yWE82RTJodVNZWi8rMW13QmtpYmlaUm1IS0UwenpYSW5EbXRITGN6TmxzNmxUaWh5RlY1cEdoZC9ZRS9MTkIvaWQvWm5mbzkzVlZzajF6SXcvQ3JhS2t0WmwxVG9BWm1rRT18&cppv=2
Request Chain 686
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=45d05fd7-b774-43df-ba7c-91fe06509f64&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 687
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIzNzI5NDQzMTU4NTkwNjQ1MzY1OA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 688
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEfScpYiIL4_YJRB4miRBXg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 689
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIzNzI5NDQzMTU4NTkwNjQ1MzY1OA%3D%3D
Request Chain 691
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2237294431585906453658?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-rhG7ohtE2oTza8wV8Avbhv3fYLxleVKtKDkAqW2ZUg--~A&dongle=0883
Request Chain 692
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2237294431585906453658&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7965596858226237483&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=a18511a8-4739-4f63-9f2a-764feaa38b34&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 693
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=44c1b75a-56b1-4558-b9e2-c596f366b997&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 694
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3456854436429190532&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 699
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=6ac368a7-0a41-45c6-a666-84d78d8f6519
Request Chain 700
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-e781848b-10d2-3c7f-ba2b-4d98c447d3ac
Request Chain 701
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=-1621377042681400765 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=5a45b45b-3759-5460-9a2f-075cff50c334
Request Chain 702
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-b861SU3Ht00OttBbAOxpBbIMo22BEMnhabQaCevDEg
Request Chain 703
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=H1vSCLZH1GFpiRLqQlWJzlOb
Request Chain 704
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=84e8bd6444
Request Chain 705
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3456854436429190532
Request Chain 707
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Request Chain 718
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3456854436429190532
Request Chain 719
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZX_EZaWFGjsPKn42Fi5GIwAAFXEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZX_EZaWFGjsPKn42Fi5GIwAAFXEAAAIB
Request Chain 721
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=hzidrib9tQE7W3yXPLN4
Request Chain 722
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZX_EZaWFGjsPKn42Fi5GIwAAFXEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=6edb453fa93a7dd28144c35b8353bad&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZX_EZaWFGjsPKn42Fi5GIwAAFXEAAAIB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umw9bb2_7313789620212811627&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=45d05fd7-b774-43df-ba7c-91fe06509f64&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/6edb453fa93a7dd28144c35b8353bad?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-4Ghi9edE2oN8D.GfhPTzqdHHsaAjpEIeNFLnwMUe~A HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AAEHdE7K_4kAABSTifkKEw&dataProviderId=817&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NmVkYjQ1M2ZhOTNhN2RkMjgxNDRjMzViODM1M2JhZA==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMck04K3ZF1XCSYk0TN1x28&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=3456854436429190532&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=y2LtAdkx1Rf4Q65&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=7898829&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=1289afad-d6a6-43c5-9bcf-ef2defef2b7a HTTP 302
  • https://jelly.mdhv.io/v4/pixie HTTP 307
  • https://ads.stickyadstv.com/user-registering?dataProviderId=513&userId=bd335a7c-dc62-4bbb-be35-86a65c6f184e HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=${TM_USER_ID}&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=ZX-EZgAHv4QGbABd&gdpr=0&gdpr_consent=
Request Chain 724
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7965596858226237483&expiration=1704081768
Request Chain 728
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-b5b97dac-d0a0-5a1e-7cb5-001a864f9546$ip$146.70.201.232&dongle=4430
Request Chain 729
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=1289afad-d6a6-43c5-9bcf-ef2defef2b7a&dongle=d54f&gdpr=0&gdpr_consent=
Request Chain 733
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent= HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAEHdE7K_4kAABSTifkKEw&dongle=bzwx&gdpr=0
Request Chain 734
  • https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://triplelift-match.dotomi.com/match/bounce/current?DotomiTest=4bb72650258d1fc0&is_secure=true&networkId=74572&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAALhdgkZ7Uk7gN78nNOAAAAAAA&expiration=1702958568&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 738
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=1f38f475-74a1-4382-b911-c4fb51df07fb&gdpr=0&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=a18511a8-4739-4f63-9f2a-764feaa38b34&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 739
  • https://ups.analytics.yahoo.com/ups/58570/occ?uid=1f38f475-74a1-4382-b911-c4fb51df07fb HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-3kMXH6tE2uFQJwlaEomAZmA40ujPgZp.Ci3pHIw-~A
Request Chain 741
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1f38f475-74a1-4382-b911-c4fb51df07fb%26bidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
  • https://prebid.a-mo.net/setuid?A=1f38f475-74a1-4382-b911-c4fb51df07fb&bidder=openx&uid=a75166a0-ad35-4cf7-ac4f-5895eb6dfe39
Request Chain 742
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1f38f475-74a1-4382-b911-c4fb51df07fb%26bidder%3Dadform%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/setuid?A=1f38f475-74a1-4382-b911-c4fb51df07fb&bidder=adform&uid=7965596858226237483
Request Chain 743
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D1f38f475-74a1-4382-b911-c4fb51df07fb%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1f38f475-74a1-4382-b911-c4fb51df07fb%26bidder%3Dpubmatic%26uid%3D16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid?A=1f38f475-74a1-4382-b911-c4fb51df07fb&bidder=pubmatic&uid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Request Chain 744
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1f38f475-74a1-4382-b911-c4fb51df07fb%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?A=1f38f475-74a1-4382-b911-c4fb51df07fb&bidder=index_rtb&uid=ZX-EZaWFGjsPKn42Fi5GIwAA%265489
Request Chain 745
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1f38f475-74a1-4382-b911-c4fb51df07fb%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/setuid?A=1f38f475-74a1-4382-b911-c4fb51df07fb&bidder=sovrn&uid=H1vSCLZH1GFpiRLqQlWJzlOb
Request Chain 746
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1f38f475-74a1-4382-b911-c4fb51df07fb%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=1f38f475-74a1-4382-b911-c4fb51df07fb&bidder=appnexus&uid=3456854436429190532
Request Chain 753
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smart/3831266057273496277
Request Chain 755
  • https://x.bidswitch.net/sync?ssp=xapads&user_id=A1171917415455838230 HTTP 302
  • https://sync.adkernel.com/user-sync?dsp=3&t=image&uid=a18511a8-4739-4f63-9f2a-764feaa38b34
Request Chain 756
  • https://x.bidswitch.net/sync?ssp=xapads&user_id=A1171917415455838230 HTTP 302
  • https://sync.adkernel.com/user-sync?dsp=3&t=image&uid=a18511a8-4739-4f63-9f2a-764feaa38b34
Request Chain 757
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/3456854436429190532
Request Chain 759
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/LQAE4DBJ-U-JCL5?gdpr=0
Request Chain 769
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/f1cf3e85-4efb-4ec6-8e10-d05aa12c5786&partner_id=1010
Request Chain 771
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LQAE4DBJ-U-JCL5 HTTP 302
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LQAE4DBJ-U-JCL5
Request Chain 772
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/openx/3bc52bf9-24cf-4180-81b6-5f6c148a94c6
Request Chain 775
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID HTTP 307
  • https://csync.smilewanted.com/set_partner_userid_get/sovrn/H1vSCLZH1GFpiRLqQlWJzlOb
Request Chain 778
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/7965596858226237483
Request Chain 779
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/hzidrib9tQE7W3yXPLN4?gdpr=0
Request Chain 780
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48?pi=smilewanted
Request Chain 818
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-AHZQTzviUu-uPmYpVHXLQwwlnVBWz0pSDlIIaw&google_cm&google_hm=ay1BSFpRVHp2aVV1LXVQbVlwVkhYTFF3d2xuVkJXejBwU0RsSUlhdw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-AHZQTzviUu-uPmYpVHXLQwwlnVBWz0pSDlIIaw&google_gid=CAESELWiAbKg15AI4yOjfD81dGo&google_cver=1&google_ula=913071,0
Request Chain 820
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3456854436429190532
Request Chain 831
  • https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
  • https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=I9ojyVrE2czwzG1EqrkEyzQEVXAPPoso
Request Chain 835
  • https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-9RTE2TviUu-uPmYpVHXLQwwlnVCz5kyAPuLMsg HTTP 302
  • https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=7380707807691766283&redirectID=0&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&gdpr=0&gdpr_consent=
Request Chain 844
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-X7UlPDviUu-uPmYpVHXLQwwlnVDOl5jLFDfPCw HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58301&ovsid=k-X7UlPDviUu-uPmYpVHXLQwwlnVDOl5jLFDfPCw&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS0yUm1BN2hSRTJ1RXZucHJZdHEuVDJPcnJtcFBxbGZzMX5B&ovsid=k-X7UlPDviUu-uPmYpVHXLQwwlnVDOl5jLFDfPCw&dpid=58301
Request Chain 846
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=3Sfz23t-TN18WptSwmGOoApyvEJPtWTN
Request Chain 858
  • https://ssbsync.smartadserver.com/api/sync?callerId=84&publisher_user_id=f1cf3e85-4efb-4ec6-8e10-d05aa12c5786&publisher_dsp_id=370&publisher_call_type=redirect&publisher_redirecturl=https://ap-ice.360yield.com/match HTTP 302
  • https://match.360yield.com/match?publisher_dsp_id=370&gdpr=0&gdpr_consent=&external_user_id=3831266057273496277
Request Chain 860
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=45d05fd7-b774-43df-ba7c-91fe06509f64&gdpr=0&gdpr_consent=
Request Chain 861
  • https://c1.adform.net/serving/cookie/match?party=1294&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=tYyXe2fcCnEgDUj176HQNZKu&source_user_id=7965596858226237483&gdpr=0&gdpr_consent=
Request Chain 862
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&google_hm=ZjFjZjNlODUtNGVmYi00ZWM2LThlMTAtZDA1YWExMmM1Nzg2&dsp_callback=0 HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEMS9RO6fjNRTE2Q2eiweDkM&google_cver=1
Request Chain 863
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQAE4DBJ-U-JCL5&gdpr=0
Request Chain 864
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8c8-hU77TsaOENBaoSxXhg&google_cm&dsp_callback=0&publisher_dsp_id=340 HTTP 302
  • https://match.360yield.com/match?dsp_callback=0&publisher_dsp_id=340&google_gid=CAESEGPNg-DynbRV4RiY_JLSAG8&google_cver=1
Request Chain 865
  • https://x.bidswitch.net/sync?ssp=improve&publisher_user_id=f1cf3e85-4efb-4ec6-8e10-d05aa12c5786&publisher_dsp_id=191&publisher_call_type=redirect&publisher_redirecturl=https://ap-ice.360yield.com/match HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=improve&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=improve&gdpr=0&user_id=vyRGPuolR22kcBRh7yFcPuwoQjmkIUFh7SkhU4z5 HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=a18511a8-4739-4f63-9f2a-764feaa38b34&gdpr=0&gdpr_consent=
Request Chain 866
  • https://go.affec.tv/i/63886d3155f992ad608ace30?af_mp=0&publisher_user_id=f1cf3e85-4efb-4ec6-8e10-d05aa12c5786&publisher_dsp_id=440&publisher_call_type=redirect&publisher_redirecturl=https://ap-ice.360yield.com/match HTTP 302
  • https://match.360yield.com/match?external_user_id=657fc4655d4b1a0001b44aac&gdpr=&gdpr_consent=&publisher_dsp_id=440&r=https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fim%2F%3Fpublisher_user_id%3D%7BPUB_USER_ID%7D%26gdpr%3D%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_TCF_CONSENT_STRING%5D&redir=%2F%2Fgo.affec.tv%2Fpx HTTP 302
  • https://map.go.affec.tv/map/im/?publisher_user_id=f1cf3e85-4efb-4ec6-8e10-d05aa12c5786&gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]&redir=//go.affec.tv/px HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D657fc46c5d4b1a0001b45256%26chc%3Dim%26redirect_url%3D%26gdpr%3D%255BGDPR_APPLIES%255D%26gdpr_consent%3D%255BGDPR_TCF_CONSENT_STRING%255D&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D HTTP 302
  • https://map.go.affec.tv/map/an/3456854436429190532?ch=657fc46c5d4b1a0001b45256&chc=im&redirect_url=&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D&gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING] HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D HTTP 302
  • https://map.go.affec.tv/map/ttd/45d05fd7-b774-43df-ba7c-91fe06509f64?ttd_puid=&gdpr=0&gdpr_consent=
Request Chain 867
  • https://s.ad.smaato.net/c/?adExInit=s&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DxTFJbLbs37tyhbKsPP9VC2cm%26source_user_id%3D%24UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=84e8bd6444
Request Chain 868
  • https://sync.srv.stackadapt.com/sync?nid=15&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-b5b97dac-d0a0-5a1e-7cb5-001a864f9546$ip$146.70.201.232&gdpr=0&gdpr_consent=
Request Chain 872
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb29%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=3456854436429190532&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 873
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=3456854436429190532&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 874
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
Request Chain 876
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adyoulike&bsw_param=a18511a8-4739-4f63-9f2a-764feaa38b34&google_hm=YTE4NTExYTgtNDczOS00ZjYzLTlmMmEtNzY0ZmVhYTM4YjM0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAp82Y1T4suROUnaVSX6dLI&google_cver=1&ssp=adyoulike&bsw_param=a18511a8-4739-4f63-9f2a-764feaa38b34 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=a18511a8-4739-4f63-9f2a-764feaa38b34&name=BIDSWITCH&gdpr=&gdpr_consent=
Request Chain 877
  • https://csync.smilewanted.com/getuid?source=openrtb&zoneCode=openrtb_adyoulike&redirect=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSMILE_WANTED%26ttl%3D720%26uid%3De77031af9e62c4ae76bee5b9517c4ef4%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=d8ffadde7e6cec391fc4698eed7655b0&gdpr=0&gdpr_consent=
Request Chain 879
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=45d05fd7-b774-43df-ba7c-91fe06509f64&name=THE_TRADE_DESK
Request Chain 880
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=hzidrib9tQE7W3yXPLN4&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 881
  • https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdpr_consent= HTTP 307
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=95316415-6455-41aa-b917-892edbaccb8c%20&gdpr_consent=null&gdpr=0
Request Chain 882
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=hzidrib9tQE7W3yXPLN4&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 883
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visitor%3D%23PMUID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C&gdpr=0&gdpr_consent=
Request Chain 884
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user_id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09ee220400c20f648f2a7e85&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
Request Chain 885
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-b5b97dac-d0a0-5a1e-7cb5-001a864f9546$ip$146.70.201.232&name=STACKADAPT&gdpr=0&gdpr_consent=
Request Chain 888
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADMIXER%26ttl%3D720%26uid%3D0f4b0fcde45fe67019618f4c5f35f52e%26visitor%3D%24%24visitor_cookie%24%24%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=00cefed71db242f482ccb75a903e683c&gdpr=0&gdpr_consent=
Request Chain 890
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D&gdpr=0&consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=5a45b45b-3759-5460-9a2f-075cff50c334&name=BETWEENX&gdpr=0&gdpr_consent=
Request Chain 891
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=48667174-16df-4ab3-a314-0418cacaab71&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Request Chain 893
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 894
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 896
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 897
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Request Chain 911
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smart/3831266057273496277
Request Chain 913
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=3831266057273496277&gdpr=0&gdpr_consent=
Request Chain 914
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=09ee220400896e30d8c89a64&gdpr=0&gdpr_consent=
Request Chain 915
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MzgzMTI2NjA1NzI3MzQ5NjI3Nw==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEL3wiyWyCDtc8A1tOXg0JNk&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 916
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=45d05fd7-b774-43df-ba7c-91fe06509f64&gdpr=0&gdpr_consent=
Request Chain 917
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/3456854436429190532
Request Chain 922
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 927
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=3456854436429190532
Request Chain 928
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=H1vSCLZH1GFpiRLqQlWJzlOb
Request Chain 929
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=H1vSCLZH1GFpiRLqQlWJzlOb
Request Chain 930
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2069.26%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=719234585 HTTP 302
  • https://sync.1rx.io/usersync3/appnexus/2069.26/3456854436429190532?zcc=0&sspret=1&rndcb=719234585 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004
Request Chain 931
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1976306195132350986
Request Chain 932
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=643a2bf9-4a90-4828-b0f4-6d74658c8e3b
Request Chain 933
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1YN-&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F7%2F33507%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D1YN-%26A%3D1f38f475-74a1-4382-b911-c4fb51df07fb%26bidder%3Damx_com%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D
Request Chain 934
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-3kMXH6tE2uFQJwlaEomAZmA40ujPgZp.Ci3pHIw-~A
Request Chain 935
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-e781848b-10d2-3c7f-ba2b-4d98c447d3ac
Request Chain 936
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-3kMXH6tE2uFQJwlaEomAZmA40ujPgZp.Ci3pHIw-~A
Request Chain 937
  • https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
  • https://ads.servenobid.com/sync?pid=351&uid=6ac368a7-0a41-45c6-a666-84d78d8f6519&gdpr=0
Request Chain 938
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=3458737661274461000V10
Request Chain 939
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&gdpr_consent=&gdpr=0&khaos=LQAE4DBJ-U-JCL5 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQAE4DBJ-U-JCL5&name=RUBICON&gdpr=0
Request Chain 940
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=YrPDojeywvF555H9MrbZojG_x6V5tsT9ML7fAa6D
Request Chain 941
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718683373&external_user_id=a0c82877-73af-4d52-8f4a-37a0462ba4c0
Request Chain 942
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7380707807691766283
Request Chain 943
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=77E8C90F12574DEC950120C50FB7BA09
Request Chain 944
  • https://dynalyst-sync.adtdp.com/cookie/sync?pid=43 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=216&external_user_id=a32f81a5-206f-4e41-b59c-8baf39af49b6
Request Chain 945
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=1fa01134-44cf-4092-97a7-5ffb77006b7b
Request Chain 946
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZX-EZaWFGjsPKn42Fi5GIwAA%265489&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1595%26userId%3D%24%7BUID%7D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1595&userId=a75166a0-ad35-4cf7-ac4f-5895eb6dfe39 HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=561914&ev=1&us_privacy=$
Request Chain 947
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a18511a8-4739-4f63-9f2a-764feaa38b34&gdpr=&gdpr_consent=&us_privacy=
Request Chain 949
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/LQAE4DBJ-U-JCL5?gdpr=0
Request Chain 951
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=3456854436429190532
Request Chain 952
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_a89f188c-1442-4e3e-9297-22e418a40ced&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=a18511a8-4739-4f63-9f2a-764feaa38b34&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 953
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=69b24d1f-3cbf-4748-a0b8-886da2663df2
Request Chain 954
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-b5b97dac-d0a0-5a1e-7cb5-001a864f9546$ip$146.70.201.232
Request Chain 955
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-qYNO14dE2pd4MsHfIBXxN1RZxrW41ewqJ9pF~A
Request Chain 956
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=1289afad-d6a6-43c5-9bcf-ef2defef2b7a
Request Chain 958
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_a89f188c-1442-4e3e-9297-22e418a40ced&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=hzidrib9tQE7W3yXPLN4&gdpr=0&us_privacy=1---
Request Chain 959
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=6mue6nSQfQ4x&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Request Chain 960
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=3831266057273496277
Request Chain 962
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=7965596858226237483&gdpr=0&gdpr_consent=
Request Chain 965
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=45d05fd7-b774-43df-ba7c-91fe06509f64
Request Chain 966
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZX-Ea8Co8HAAAHg0fUEAAAAA
Request Chain 967
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48&pi=gumgum
Request Chain 968
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 971
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=hzidrib9tQE7W3yXPLN4&gdpr=0
Request Chain 972
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=84e8bd6444
Request Chain 973
  • https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=6ac368a7-0a41-45c6-a666-84d78d8f6519&gdpr=0
Request Chain 974
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MzgzMTI2NjA1NzI3MzQ5NjI3Nw==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEL3wiyWyCDtc8A1tOXg0JNk&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 975
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/f1cf3e85-4efb-4ec6-8e10-d05aa12c5786&partner_id=1010
Request Chain 976
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D578434%26t%3Dimage%26uid%3D%24UID%26us_privacy%3D1YN- HTTP 302
  • https://sync.adkernel.com/user-sync?zone=181225&dsp=578434&t=image&uid=3456854436429190532&us_privacy=1YN-
Request Chain 982
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/openx/3bc52bf9-24cf-4180-81b6-5f6c148a94c6
Request Chain 984
  • https://ssc-cms.33across.com/ps/?_=1702872173027.&ri=0015a00003HljHyAAJ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=33ACROSS&ttl=720&uid=2f9442d7df2189f76c8b593d5f54ce95&visitor=212384919919253&gdpr=0&gdpr_consent=
Request Chain 986
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID HTTP 307
  • https://csync.smilewanted.com/set_partner_userid_get/sovrn/H1vSCLZH1GFpiRLqQlWJzlOb
Request Chain 991
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/7965596858226237483
Request Chain 992
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=8b928a1f03e7d2281861d05d497e50b5
Request Chain 994
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/hzidrib9tQE7W3yXPLN4?gdpr=0
Request Chain 995
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=5a45b45b-3759-5460-9a2f-075cff50c334
Request Chain 999
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48?pi=smilewanted
Request Chain 1000
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=77E8C90F12574DEC950120C50FB7BA09&dongle=yf3
Request Chain 1001
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=hzidrib9tQE7W3yXPLN4&gdpr=0
Request Chain 1002
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=7380707807691766283&dongle=d407&gdpr=0&gdpr_consent=
Request Chain 1003
  • https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=4DrCh7U7w9T7bpDYsD_Yh7M2xoD7P8XYsjer60eQ
Request Chain 1005
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3657&xuid=ZX-EZgAHv4QGbABd&dongle=3c0a&gdpr=0&gdpr_consent=
Request Chain 1006
  • https://s.company-target.com/s/tlx?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D8804%26xuid%3D%7Bxuid%7D%26dongle%3D6aix HTTP 302
  • https://eb2.3lift.com/xuid?dongle=6aix&mid=8804&xuid=a0c82877-73af-4d52-8f4a-37a0462ba4c0
Request Chain 1007
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6019&xuid=y2LtAdkx1Rf4Q65&dongle=465e&gdpr=0&gdpr_consent=
Request Chain 1008
  • https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6547&xuid=5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
Request Chain 1010
  • https://ups.analytics.yahoo.com/ups/58618/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-3kMXH6tE2uFQJwlaEomAZmA40ujPgZp.Ci3pHIw-~A&gdpr=0
Request Chain 1015
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LQAE4DBJ-U-JCL5 HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LQAE4DBJ-U-JCL5
Request Chain 1018
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LQAE4DBJ-U-JCL5 HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LQAE4DBJ-U-JCL5
Request Chain 1021
  • https://ce.lijit.com/merge?pid=5001&3pid=442a1d36e311842d9a0f79f9a6e84fdd&gdpr=0&location=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D5436%26tp%3DSVRN%26tpid%3D%5BSOVRNID%5D%26gdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=5436&tp=SVRN&tpid=H1vSCLZH1GFpiRLqQlWJzlOb&gdpr=0
Request Chain 1022
  • https://aa.agkn.com/adscores/g.pixel?sid=9202276048&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=231793304734001942203&gdpr=0&gdpr_consent=
Request Chain 1023
  • https://trc.taboola.com/sg/lotame/1/cm HTTP 302
  • https://bcp.crwdcntrl.net/map/c=10924/tp=OOLA/
Request Chain 1024
  • https://pixel.shareaholic.com/sync?r=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D9193%26tp%3DSHLC%26tpid%3D%24u_id%26gdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=489db5eb-c149-476b-8586-d86dee430dc3&gdpr=0
Request Chain 1025
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=444261244 HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=3456854436429190532/gdpr=0/rand=444261244

1030 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.hawtcelebs.com/
34 KB
8 KB
Document
General
Full URL
https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43122e41533d4926223f942c44e2ad0460f484c1e17b1a7548b90f75cc18cbfe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
837482f7ca40afdc-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:42 GMT
link
<https://www.hawtcelebs.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gM3Taqcfz9pQfDPq0GelrGRSpM6Ilz13YH967hz%2FPKl1BAok2M4KUWRpkb8GHkwesozmfvGDLOKLrRZpOT5lDFahILf%2B740%2FxmrML%2FaRnVWjXmtZRnT0aKrtZTuB29BoAPeLOAVEyxzJCBTQD0RErZc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
classic-themes.min.css
www.hawtcelebs.com/wp-includes/css/
291 B
574 B
Stylesheet
General
Full URL
https://www.hawtcelebs.com/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 14 Jul 2023 09:12:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1669518
etag
W/"64b11170-123"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KeBQQKDUSzFZ%2Bd0RF%2FyYb%2BDbmwTd945VAJY5E%2Brz0Tx6iaLEzZFBswD%2BtI0GS3GFFNRbsMhnAk87HaF7qKgEqmbW3%2FpN4BEh67d3HrvJCMAqkZFV6LJD2iLnEHQ8DvUyTNb2GL8evyNoHM%2F8aBtRcek%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
83748306db2fafdc-NRT
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
www.hawtcelebs.com/wp-content/themes/hawtceleb/
15 KB
4 KB
Stylesheet
General
Full URL
https://www.hawtcelebs.com/wp-content/themes/hawtceleb/style.css?ver=6.2.2
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af0d6570462dee3c3937e8694b2ee98ea78313219976105080e94680c29769ad

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1481317
cf-polished
status=cannot_optimize
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 15 Jul 2023 13:20:58 GMT
server
cloudflare
etag
W/"64b29d3a-3db1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YbEzCpHzOwHc8wklgXNi8udwE1pcFbQXkEfX9fwEsIx8okOQKBSvUHNYa7uihzf0C5CvziJGwbhgu1q%2Fdx3vjhj6uRWXcClG5sKLAvu%2Ba8NjDCOJfwWYOpzA4Hv5FT3leYcRED2BaBEljaOZUHAGNxk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
83748306db33afdc-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700%2C700i&ver=6.2.2
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f497d5620cd5e9b4656a594cf3486a6a61a47c6b5be55f4d4096c4083680bfb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 18 Dec 2023 04:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 04:02:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 Dec 2023 04:02:42 GMT
dd-multi-col-cats.css
www.hawtcelebs.com/wp-content/themes/hawtceleb/
238 B
463 B
Stylesheet
General
Full URL
https://www.hawtcelebs.com/wp-content/themes/hawtceleb/dd-multi-col-cats.css
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a40dcd59c23d9ed6f0fbaeefeb57c78543b487ad93c49f5f74b89dd85b0ea278

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1409741
cf-polished
origSize=313
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 15 Jul 2023 13:20:58 GMT
server
cloudflare
etag
W/"64b29d3a-139"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8ETu5mOmHKARtp572XCCquTIY7%2FExDNPARilyK8QE%2FkMfzd3buf4DrKAMbhM4F7jHQcOLFBEBvDjcX5YS%2FOdQdgWQgMDy84T7IjmJT0lg95YNYjaLc1ext3lUxdgMmzuX2t58rHq4LNMawQ7dXHOM8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
83748306db36afdc-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
up.js
live.demand.supply/
5 KB
3 KB
Script
General
Full URL
https://live.demand.supply/up.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03b5aad2841a58bcc2eaa22eb449cb229d5cd9c82b6e90d3b4f2ce26b229bc0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HHMB7HR9FZ40JWSBWH5ZS602
date
Mon, 18 Dec 2023 04:02:42 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
age
29
cf-polished
origSize=4807
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"90b2d3ff8fea68e68f35e9b1c449cfcb-ssl-df"
cache-status
"Netlify Edge"; fwd=miss
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
83748306fb462077-NRT
link
<https://live.demand.supply/impl.v17.25.3.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-24-0/d3d3Lmhhd3RjZWxlYnMuY29tLw==>; rel=preload; as=script
timing-allow-origin
*
sadie-stanley-at-a-photoshoot-december-2023-5_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2023/12/
44 KB
44 KB
Image
General
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2023/12/sadie-stanley-at-a-photoshoot-december-2023-5_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be08c68671189ff53234fffb8c7e62a03b4d9d8daa7546734e52e52b75916a87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21170
alt-svc
h3=":443"; ma=86400
content-length
44882
last-modified
Sun, 17 Dec 2023 20:18:53 GMT
server
cloudflare
etag
"657f57ad-af52"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7CamLCQ%2B7dXsvLjqbMkx6MiRu4BPlF%2FDtWalkkfZiJaXEzioEbTg%2BkMBuWS1fatkm1INSOe9%2BgmxPpQNUyJN4IJODPFtE8K7xalgxgg9pZYj8DIEm1pv9z95PlPSM1l6SiqGRv1ufqtRuK%2BJClTBXE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
83748306db37afdc-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
leigh-anne-pinnock-performs-at-capital-fm-jingle-bell-ball-2023-at-o2-arena-in-london-12-09-2023-6_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2023/12/
58 KB
58 KB
Image
General
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2023/12/leigh-anne-pinnock-performs-at-capital-fm-jingle-bell-ball-2023-at-o2-arena-in-london-12-09-2023-6_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b087c15951461b7d3999962d8a7f7b12014926b21ded97d37442def4881ba2b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
cf-cache-status
MISS
last-modified
Sun, 17 Dec 2023 20:17:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"657f5750-e7ff"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CkjZK5ybaxSe1OmTeSUBn3To0hHSMLxfm6sZ15Ko0zyt3PlbbT7%2B0w0%2FFIp4XR8LaIMD0%2BTuWGiU44nLCGKrIQa9RtUoLdwfZngkAdZXD57k1dhGM%2BgKcFnZYqyI%2BM%2B0BxZpwPBwBUIBuagZtHkARf0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
83748306db39afdc-NRT
alt-svc
h3=":443"; ma=86400
content-length
59391
expires
Thu, 31 Dec 2037 23:55:55 GMT
livvy-dunne-at-lsu-gym-101-showcase-in-baton-rouge-1216-202-5_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2023/12/
48 KB
49 KB
Image
General
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2023/12/livvy-dunne-at-lsu-gym-101-showcase-in-baton-rouge-1216-202-5_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcb019a9a0db49141264e03cff67f617c59daa92c9dd3158ee7b7d163b5c1bf5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
cf-cache-status
MISS
last-modified
Sun, 17 Dec 2023 20:16:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"657f5703-c1f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTKVMLe8SXK0%2FUY6%2BvCvR%2BTXI7hXBU1eRjyQG%2BWzz94Iwju4iCZFWEQuF7JVr9HC3SSDdT3CSBtrxvGpICOZ9O3XrJr42xLS%2BIiTHuBJiUbCujCZv4y9gIOst04Y8JOrE0VKEwbU%2BwkhFmNG6l2fLY4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
837483071b347352-NRT
alt-svc
h3=":443"; ma=86400
content-length
49657
expires
Thu, 31 Dec 2037 23:55:55 GMT
adele-exarchopoulos-at-bulgari-hotel-paris-cocktail-party-in-paris-12-14-2023-1_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2023/12/
56 KB
56 KB
Image
General
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2023/12/adele-exarchopoulos-at-bulgari-hotel-paris-cocktail-party-in-paris-12-14-2023-1_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2df806965da339b5f39ebf2c501d85bc2b89a803d3216628e1129e6ababc5b1d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
cf-cache-status
MISS
last-modified
Sun, 17 Dec 2023 20:12:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"657f5637-dfb4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xeCIwKORaDjkQenfUcQ0dd0lajc8mBxS6GenJHjknws9eT06nRzyenb75nVRWh3NvMpwIq%2FMwhnFQX0G8FBuYaMJKhUm9J98lSs1fUuwG3Y%2B%2BetbGNBEa4DqhZe0tIFDooeFfg8sycUkstmJPwRK8As%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
837483071b357352-NRT
alt-svc
h3=":443"; ma=86400
content-length
57268
expires
Thu, 31 Dec 2037 23:55:55 GMT
becky-g-at-doja-cat-s-end-of-tour-party-in-west-hollywood-12-17-2023-2_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2023/12/
46 KB
46 KB
Image
General
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2023/12/becky-g-at-doja-cat-s-end-of-tour-party-in-west-hollywood-12-17-2023-2_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6710fa8a65497bc92dbba86d2f1d92808109badea91b803bd38b5592827548cb

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
cf-cache-status
MISS
last-modified
Sun, 17 Dec 2023 20:11:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"657f55e4-b68a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uo14YQW8wz6fnYf2t8CHJTto5i%2FFJj90ds0ZTDOzSSVburUezmIjFdvjotn2l0SYxUwKJmhUxrTbNBqkElNR7tG0M8H9CqrgcpWm2PmaIss12f1JeN3TyGoFLSzlPEfrndc6hcxNIBPvoD4nHUfL4R4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
837483071b367352-NRT
alt-svc
h3=":443"; ma=86400
content-length
46730
expires
Thu, 31 Dec 2037 23:55:55 GMT
mary-elizabeth-winstead-for-asos-magazine-july-2012-8_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2023/12/
57 KB
58 KB
Image
General
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2023/12/mary-elizabeth-winstead-for-asos-magazine-july-2012-8_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dd52c9d1a20fe02293f8940d3a6688e9ee6ca85442de17a2a8a5368ebf171d8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25029
alt-svc
h3=":443"; ma=86400
content-length
58434
last-modified
Sun, 17 Dec 2023 19:51:09 GMT
server
cloudflare
etag
"657f512d-e442"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWiGhU4pO0DqXQllry2aAayLhWvFokAyNEdsfnn3wW6iDjohX8AIPm7Qdy2No2ktCRBPv6zRwlze5TjLcktjbmae1ZSvEyAFBwgHyxUpFWEKthhMKMDkBisoNALee2g%2Fp3j4bp39ZnKbYiFAPI00yh4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
837483071b377352-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
abbie-cornish-at-rebel-moon-part-one-a-child-of-fire-premiere-in-los-angeles-12-13-2023-4_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2023/12/
54 KB
54 KB
Image
General
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2023/12/abbie-cornish-at-rebel-moon-part-one-a-child-of-fire-premiere-in-los-angeles-12-13-2023-4_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7196d2de3f91595ff448c8b9c7e3bfce6166c91506d5d9c60270ccc5c05ccce

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
cf-cache-status
MISS
last-modified
Sun, 17 Dec 2023 17:23:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"657f2ead-d782"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLCkjDPb6Vm9R1VdEjnDtZ0Tr4BpSfAWxYwgW9lirJAaKfBDI60HwvyWB6PpJsrCvxGL2M3QAEGynPQrp47BVcJAi6E08WoX75EdaN8UE2F2nLY4BlQ7otAgSb4gPu%2FaFAOUnw204agd%2FQtEFjK8iSc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
837483071b387352-NRT
alt-svc
h3=":443"; ma=86400
content-length
55170
expires
Thu, 31 Dec 2037 23:55:55 GMT
monique-pendleberry-and-david-duchovny-on-a-date-night-in-malibu-12-16-2023-6_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2023/12/
52 KB
52 KB
Image
General
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2023/12/monique-pendleberry-and-david-duchovny-on-a-date-night-in-malibu-12-16-2023-6_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6d44c7e513be5ab0dd04e157536284480c3ccb205ce50a7063feb8e4b89cab8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
cf-cache-status
MISS
last-modified
Sun, 17 Dec 2023 16:59:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"657f2903-cfef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pfYHc8QDlNMMZ8onmLsPdQjoCcDmL6AgJ22KaqHGUZ2a2xinLFxszn6kx%2F2fj7qnvmr2mEBPwPGsCZh4IoSSmuc%2FvdpVQUzCy%2FTjf3ZRYtPx%2B2QQsVUsbqIFn6bY9qFgS5oLj4NlB1vwo2Lq0X2KuIs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
837483071b397352-NRT
alt-svc
h3=":443"; ma=86400
content-length
53231
expires
Thu, 31 Dec 2037 23:55:55 GMT
patricia-montero-at-29th-jose-maria-forque-awards-in-madrid-12-16-2023-6_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2023/12/
43 KB
44 KB
Image
General
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2023/12/patricia-montero-at-29th-jose-maria-forque-awards-in-madrid-12-16-2023-6_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb1a2c583424b6de0983c67fb31e71bd88cda242025e1e6057f4332a08819a7f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43813
alt-svc
h3=":443"; ma=86400
content-length
44235
last-modified
Sun, 17 Dec 2023 12:22:49 GMT
server
cloudflare
etag
"657ee819-accb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TLPY0ZOm%2FsRI1nv3%2BwcorxRsgkv1fco2QJimJtpb3ASxeKaA4Dkh48yuLFjlnfXvGtfwPyUUUJ48LyE3zbpp05dAY4iH12NWzBdvRaFF8e1obiz5n2JjDA3CA7oI6cZqWfm4MRu2Y1qJ7Lhut%2Frlmsg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
837483071b3c7352-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
teresa-riott-at-29th-jose-maria-forque-awards-in-madrid-12-16-2023-6_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2023/12/
42 KB
42 KB
Image
General
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2023/12/teresa-riott-at-29th-jose-maria-forque-awards-in-madrid-12-16-2023-6_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d708cdd9835f754376a7c8b713b6a432c389fb300fa3ffecb1efdbb4824eb0e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43813
alt-svc
h3=":443"; ma=86400
content-length
42800
last-modified
Sun, 17 Dec 2023 12:21:35 GMT
server
cloudflare
etag
"657ee7cf-a730"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2BWaqWro%2FNByjh334ApRGPuUDuWdhxg9lReGMFsDLrCjqCIhan9i0nmL85gr3ryG4ePPIva9XlFQ7teihpbAyGl99X2YmuIIN%2BimLbnVheg%2F%2FkLcq1KAENOl7AxHq41zbh%2BSXEPCX40lq%2BkE4YjD8qc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
837483071b3f7352-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
rocket-loader.min.js
www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 08 Dec 2023 18:02:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65735a1c-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dqQGUr4Paj1jxVo2GB6gno4tzYuKbMwazSqM2f9nheewrhWBWqC%2FBrsNeDm%2Fc%2FBVBWN7fVMYCbs0%2FCKq9GVjhKWa6sJgCrOV28PFXbQr%2FCzz6SGrfOQbWeP7dfTkxTeUMkSPO1Jy%2BSkaJnxCLBh7XBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
837483071b407352-NRT
expires
Wed, 20 Dec 2023 04:02:42 GMT
icon.ttf
www.hawtcelebs.com/wp-content/themes/hawtceleb/fonts/
14 KB
14 KB
Font
General
Full URL
https://www.hawtcelebs.com/wp-content/themes/hawtceleb/fonts/icon.ttf?zf3xc5
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/wp-content/themes/hawtceleb/style.css?ver=6.2.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bee4c3ddceefb6558b86e3d6bbe40326f6d67e1b0b535eb6949d570e7630d82d

Request headers

Referer
https://www.hawtcelebs.com/wp-content/themes/hawtceleb/style.css?ver=6.2.2
Origin
https://www.hawtcelebs.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 15 Jul 2023 13:21:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64b29d42-3790"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G4XQZh7t7M4YEgeO%2B%2FjlbweXzHdQpI%2Bfa%2ByuCE9AE0ujFaVrhmg1WUI6agUKb3ILeRqhCa%2BzTkAwrZyZSmz%2Fs9o55byuZNrPVHXI7lmPD3lqbqjEQS7r3Rjbqgan5yVUe0PYTv4hHqSaXqxBzCdph0w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
837483075b8e7352-NRT
alt-svc
h3=":443"; ma=86400
content-length
14224
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700%2C700i&ver=6.2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.hawtcelebs.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 12:46:20 GMT
x-content-type-options
nosniff
age
227782
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 12:46:20 GMT
c.js
waust.at/
13 KB
7 KB
Script
General
Full URL
https://waust.at/c.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
856420e1f59d0096185cdaac909fa54a9f596f52255d7a5f1ac502403f61d3ab

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 12 Jan 2023 17:19:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3456
etag
W/"63c04119-32c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFgJVBbmrZIcYiEulhKdwf2zOfBgO54hw1UxVsIlMqEyl8HWeOq3GEno0lrhZIuNPczsf4OkWK76LrEDz8JVD3syg7tL5zFffNfMvYtRgmX%2BEeU2zJbK9ACHeWoEg8%2F0FBRdYE0s"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
837483078a86e384-NRT
expires
Tue, 19 Dec 2023 03:05:06 GMT
/
smart1adserver.com/
627 B
892 B
Script
General
Full URL
https://smart1adserver.com/?uid=5eaaf9fcd3f40068832d608f&w=728&h=90&click=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.18.237.172 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-18-237-172.us-east-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
25af976f5236686ea5706ac9c99655d269f0e620f8494ca2bcf9ea88230aeead

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:43 GMT
server
nginx
x-powered-by
Express
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
627
expires
-1
delivery.js
assets.revcontent.com/master/
161 KB
48 KB
Script
General
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-20.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd0a3a3e7028948f84a3a14f7bb2b62b78becf5be750c8a67031d534db0d94de

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 16:33:58 GMT
content-encoding
br
via
1.1 632916f9e737cfec58885186f21c18d2.cloudfront.net (CloudFront)
last-modified
Fri, 15 Dec 2023 16:33:54 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-C5
age
41325
x-amz-server-side-encryption
AES256
etag
W/"03b316c7023aa5b2fa8bb01938871a21"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
kmqub8oTY9mbMri6Gpn6CmyNj-5kMyqDkC7a5G8fGzZHff6F5LuuFA==
adb.js
static.adxadserv.com/js/
1 KB
1 KB
Script
General
Full URL
https://static.adxadserv.com/js/adb.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:d300::22 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7bccb036fc4379abc145f8e81bdc9ba147157fb772b97b840bb65013226fed53

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop
tokyoJP
date
Mon, 18 Dec 2023 04:02:42 GMT
content-encoding
gzip
x-age-lb
95217, 224626
x-77-cache
HIT
x-accel-date
1702647536
x-77-nzt
EwwB1GYyFgH3cm0DAAwBj/QhpAH38XMBAAwB1GY4mQHXQNgDAA
x-accel-expires
@1703337151
x-77-age
571811
x-cache-lb
HIT, HIT
last-modified
Tue, 05 Sep 2023 14:53:26 GMT
server
CDN77-Turbo
etag
W/"64f740e6-510"
x-77-nzt-ray
aa4e0e32e117f97962c47f654cd60c1d
vary
Accept-Encoding
content-type
application/javascript
/
vastserved.com/
617 B
882 B
Script
General
Full URL
https://vastserved.com/?uid=5da50738fbeb116b83fa5b94&w=300&h=250
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.136.237.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-237-229.us-east-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
0700e6b976915d04750a99f83e6bdfbb6fae0758366b0672b7e7fa56c71c5fae

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:42 GMT
server
nginx
x-powered-by
Express
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
617
expires
-1
o.js
servg1.net/
9 KB
9 KB
Script
General
Full URL
https://servg1.net/o.js?uid=a6a9ff0d0f1e980b3cea04fa
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.244.5 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-244-5.us-east-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
28aa48f7657819424716d48e35fe1fbf19ba377463098dc669d737b47dc205c1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:42 GMT
server
nginx
x-powered-by
Express
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=5184000
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
9386
gpt.js
securepubads.g.doubleclick.net/tag/js/
90 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0826c8357928963293263b76e25523251029a18d397ed85cf5a9c09c2be8ad4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29533
x-xss-protection
0
server
cafe
etag
648 / 19709 / 31080057 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 04:02:42 GMT
/
services.vlitag.com/adv1/
546 KB
142 KB
Script
General
Full URL
https://services.vlitag.com/adv1/?q=036e05035cbef88431e89138f2969605
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d74ffdb0d8b63bcbc31d2bb17d31b6127569a26a170dd070603fa6fbb1fdda5c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:42 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
8
cf-polished
origSize=559191
etag
W/"036e05035cbef88431e89138f2969605 2023-12-13T03:46:45 v1 default"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900, stale-while-revalidate=3600
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
837483079c3ae38c-NRT
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
261 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2CJZ9YTX9G
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
30e66854a124a8bdfc8340b9ce72792094096223e4fce513e34c1e9e467f0cbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90452
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 18 Dec 2023 04:02:42 GMT
jquery.js
www.hawtcelebs.com/wp-content/themes/hawtceleb/js/
95 KB
34 KB
Script
General
Full URL
https://www.hawtcelebs.com/wp-content/themes/hawtceleb/js/jquery.js?ver=1.0.0
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2262093
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 15 Jul 2023 13:21:02 GMT
server
cloudflare
etag
W/"64b29d3e-17a62"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wtencnr19GUxEzTLT0%2FsPVhLdhLtBb91r3GMnNnZAQp0kzQb7MS9ChgxvH9HU8nGtxCcZu4WMXfLMTviw6VpuVtXIhaKxwEI6V7EZOfhCiK5%2BV7pnxdz5IHyy2dizcLhVVw8VAn8hY%2FEUqY7nctAc5g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
837483077ba17352-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.js
www.hawtcelebs.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame DD26
Redirect Chain
  • https://www.hawtcelebs.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.hawtcelebs.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
7 KB
4 KB
Script
General
Full URL
https://www.hawtcelebs.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26b4bcf9d48dd182afef58c674c98e357adc8b96518fe69ccd39a24c8b7dd339
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:42 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPnFB5PA99zg5WpDyXrqmx4pglvnuiAwJ3m9ohRa2TX4dyd%2FLaUhPtmaAAfxCH%2FW%2FJtzGO7LBvnfDoUrnuy5Uxx%2BDE2xYdW%2Fxx50gp2F5NYYOE26fyPwy8HeKOjeIcPl5puWuSITnNwCwdds%2B%2FFsa1E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
837483079bc07352-NRT
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 18 Dec 2023 04:02:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rFlzTc52zQ7aV3BSfYphU8q4fo5rpll35rkTU84cXcb0y6L3BZW32Eb1JhdnQ2SimkZVONXAlmPAwSBfhVO10kxmDYeKly7X%2FtDIMPtALuGEQtKAAgp9T%2FRwQTxTRfAM6ECjetj2eEdW5ImA5VKNKN8%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
837483078bb07352-NRT
alt-svc
h3=":443"; ma=86400
837482f7ca40afdc
www.hawtcelebs.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame DD26
0
564 B
XHR
General
Full URL
https://www.hawtcelebs.com/cdn-cgi/challenge-platform/h/g/jsd/r/837482f7ca40afdc
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 18 Dec 2023 04:02:42 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FoiMbhrBI%2F5r0mmgXIWBHdpQ0I%2FTn4B6y%2Fd3YbLe0rWtaG6K2rByJmlLXdl%2F6oFabdmawqUMf884NvawlkUmpqAP5FoFiIZD5O4tVtlxBx%2Bjo2qg2lQD6ZU%2FqsWDVjQuoeIrOaGBJegaldKVpvhWKiw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
837483083c447352-NRT
alt-svc
h3=":443"; ma=86400
impl.v17.25.3.js
live.demand.supply/
88 KB
29 KB
Script
General
Full URL
https://live.demand.supply/impl.v17.25.3.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e80ccbe6fe88155e3bdff0b3860a79185986ccc01e184b511dbd71d78984650
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HHMB5M6VR796DJ5TDG5A1MWG
date
Mon, 18 Dec 2023 04:02:42 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
age
308559
cf-polished
origSize=90268
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
W/"be287328393ceb6ed6a54fab7371dec0-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
837483097d0a2077-NRT
d3d3Lmhhd3RjZWxlYnMuY29tLw==
live.demand.supply/p4/v17-24-0/
2 KB
928 B
Script
General
Full URL
https://live.demand.supply/p4/v17-24-0/d3d3Lmhhd3RjZWxlYnMuY29tLw==
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1394fd4f40f201be35b405b99a8f9cab5ebeba344bf4d486bd50e0c5da59eedf

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
837483097d0b2077-NRT
alt-svc
h3=":443"; ma=86400
e.js
live.demand.supply/e/
0
481 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?e=ll&d=432&cs=c&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HGAT23GKZ7X3V9YZTT5D1QNR
date
Mon, 18 Dec 2023 04:02:42 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
447876
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
837483098e322605-NRT
ds.2.html
live.demand.supply/
413 B
622 B
XHR
General
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HFPA6G6GW9MFDKFJYVPXF5CZ
date
Mon, 18 Dec 2023 04:02:42 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1492814
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
837483098e312605-NRT
alt-svc
h3=":443"; ma=86400
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/
432 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 07:07:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
75336
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138203
x-xss-protection
0
server
cafe
etag
14959461090202361603
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 16 Dec 2024 07:07:06 GMT
44890869
fundingchoicesmessages.google.com/i/
182 KB
61 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/44890869?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8ea9aa8bdc602603d8bee3d02ee1c6ff17412d787cc178676506889d70507691
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kZpOC1N-ik_Cev4aCUmdbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:42 GMT
content-security-policy
script-src 'report-sample' 'nonce-kZpOC1N-ik_Cev4aCUmdbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
hawtcelebs.com_native_multi_native_under_related
live.demand.supply/cp/
29 B
374 B
XHR
General
Full URL
https://live.demand.supply/cp/hawtcelebs.com_native_multi_native_under_related?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8460b0216042419f93aa04cee8a20c1650d59abf9caef6db8a377e32055583e0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
8374830a2ed42605-NRT
alt-svc
h3=":443"; ma=86400
content-length
29
hawtcelebs.com_fluid_sky+sq_hawt_desno_23
live.demand.supply/cp/
30 B
372 B
XHR
General
Full URL
https://live.demand.supply/cp/hawtcelebs.com_fluid_sky+sq_hawt_desno_23?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9da6717175c920a9e33acbb9533f9790c1f1d1aa0498af8f79a8b8bcb20d74e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
8374830a2ed72605-NRT
alt-svc
h3=":443"; ma=86400
content-length
30
hawtcelebs.com_fluid_sky+sq_hawt_desno_23
live.demand.supply/cp/
30 B
371 B
XHR
General
Full URL
https://live.demand.supply/cp/hawtcelebs.com_fluid_sky+sq_hawt_desno_23?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9da6717175c920a9e33acbb9533f9790c1f1d1aa0498af8f79a8b8bcb20d74e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
8374830a2ed82605-NRT
alt-svc
h3=":443"; ma=86400
content-length
30
hawtcelebs.com_160x600_hawt160
live.demand.supply/cp/
30 B
373 B
XHR
General
Full URL
https://live.demand.supply/cp/hawtcelebs.com_160x600_hawt160?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
182399b99b5eefd3fb2f4d907d4a8da82956120395559d090de5775db88ea8b6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
8374830a2eda2605-NRT
alt-svc
h3=":443"; ma=86400
content-length
30
hawtcelebs.com_extra_large_video_btflargevideo
live.demand.supply/cp/
21 B
366 B
XHR
General
Full URL
https://live.demand.supply/cp/hawtcelebs.com_extra_large_video_btflargevideo?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
8374830a2edc2605-NRT
alt-svc
h3=":443"; ma=86400
content-length
21
hawtcelebs.com_728x90_sticky_display_bottom_sticky_bot_cent
api.demand.supply/v17-24-0/a/
362 B
533 B
XHR
General
Full URL
https://api.demand.supply/v17-24-0/a/hawtcelebs.com_728x90_sticky_display_bottom_sticky_bot_cent?&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
185fe367a715579a0af8bfc7c991bab9a1f044afe77dd32416bc3a5cce445092

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
etag
W/"16a-pxBL6PkaAcqhPmAOrjal6RjfvAg"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
8374830a6c12e374-NRT
alt-svc
h3=":443"; ma=86400
AGSKWxWCJGlu8u8HR9oUR4aZsuAuxE_ABKc_B8AhAnC2sNpPZMd3-GwhITlxI-jIBTx10mOzMxGpJtkm8Fo95r2LmiG1tB2XzRBQu5nmK7bR-4RVF7RFVEiLCyl3r3b2Ttj7_HKJFs7giA==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWCJGlu8u8HR9oUR4aZsuAuxE_ABKc_B8AhAnC2sNpPZMd3-GwhITlxI-jIBTx10mOzMxGpJtkm8Fo95r2LmiG1tB2XzRBQu5nmK7bR-4RVF7RFVEiLCyl3r3b2Ttj7_HKJFs7giA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyODcyMTYzLDQyMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5oYXd0Y2VsZWJzLmNvbS8iLG51bGwsW1s4LCJVdkZCUVIzNFM1VSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
022100f0bdd0406b22dae05ebc61277bd84147f6c3a8eab417b6341e0b54dec3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3yAjtUTRRvdDjsrt1LZq2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
content-security-policy
script-src 'report-sample' 'nonce-3yAjtUTRRvdDjsrt1LZq2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ob.js
cdn-ima.33across.com/
11 KB
5 KB
Script
General
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
375726
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8374830b59f55eb5-NRT
expires
Thu, 21 Dec 2023 04:02:43 GMT
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 22:17:33 GMT
content-encoding
gzip
age
625510
x-guploader-uploadid
ABPtcPp6cFLY2hWh4Jsq1ikECyQC7W4mjh4EmnuRhzWGTOzS6dEzW5ULLbCJNgO78UStrk2apiuwsvCpl41D0NP7uhY7OA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Mon, 09 Dec 2024 22:17:33 GMT
publishertag.ids.js
static.criteo.net/js/ld/
43 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-aa2f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 19 Dec 2023 04:02:43 GMT
connectId-gpt.js
connectid.analytics.yahoo.com/
9 KB
9 KB
Script
General
Full URL
https://connectid.analytics.yahoo.com/connectId-gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a6:fa00:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:45:08 GMT
via
1.1 b20771afac2acd15ec58304838134668.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'
x-amz-cf-pop
NRT20-P1
age
1056
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8730
x-amz-expiration
expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified
Tue, 17 Oct 2023 13:17:45 GMT
server
AmazonS3
etag
"c46e30de24d0f12167e302e9e32ff4a5"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
bwnJ6Bjb40KEKNBVjygV5jf1oIz5qfLTbznTFcVSDYlaFEYZe-KIzw==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/
732 B
897 B
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 18 Dec 2023 04:02:43 GMT
x-content-type-options
nosniff
content-encoding
br
age
27337
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-tyo11941-TYO
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
esp.js
cdn.id5-sync.com/api/1.0/
152 KB
34 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
HXAWE1XKD6Y4769B
age
1064
x-amz-server-side-encryption
AES256
x-amz-id-2
6+s+oilUP8ypzvOnvqcsOWSC8MP4mCW5ry0h3GDnDreNibE4XcvSIgCNh45KeCgp2S4bB6uPb1dx6v0KJu3DpA==
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
etag
W/"5fcefeebf5ddc7b2ddf2435967e63de9"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8374830b29ddaf82-NRT
expires
Mon, 18 Dec 2023 05:02:43 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/
1 KB
1 KB
Script
General
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
9f175c902b996697bd6ea2959a70b9cf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
uid2SecureSignal.js
cdn.prod.uidapi.com/
3 KB
3 KB
Script
General
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ee:6e00:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Sun, 17 Dec 2023 14:25:25 GMT
Via
1.1 ea339d13159c2367df65da6b0b4ffe40.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
NRT20-C4
Age
49039
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
ZSp2aP8ov9yb0G4yj7lkGIEfeBFtafSjQMn-JegLhKsPUA1qM1_o3w==
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.49.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-49-117.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 22:15:15 GMT
content-encoding
gzip
via
1.1 9bf92639763e2dc7c1ea8eb4814a239e.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C1
age
20849
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
ksRu_HzEA99IQuTQlrS-lCZzCu6nGWcwC0pXBN8fguFPo_PYJxC_FA==
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.hawtcelebs.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.hawtcelebs.com%2F&rid=esp&cc=1
85 B
194 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.hawtcelebs.com%2F&rid=esp&cc=1
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
1ac63c399f7e365f9463e19d2b12f553f67bd7d0edbb510ef2229a45ff8bf233

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-FODGUaUaR4R1LJjXFMCGBbYEVV0"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Mon, 18 Dec 2023 04:02:43 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.hawtcelebs.com
location
/esp?url=https%3A%2F%2Fwww.hawtcelebs.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
map
bcp.crwdcntrl.net/6/
235 B
696 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
18274ce6cec57da446e19277c05fbed1c2acb8edecbe3df56a64f7c6c0e39baa

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:43 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache
x-server
10.42.14.50
access-control-allow-credentials
true
content-length
235
expires
0
increment
id5-sync.com/api/esp/
0
234 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
AGSKWxUOYNlqR5p-C13yR-tGK2Ugd1HvxqFch8DiDDAHgIkDymazreWdXjZDu53xYyfyWSEYh5sIcuCPCsLV2bL6wEeE49UJsDs_fgchLts3iGkeotFmfydKsuuRojtGJoxlqlaG9fQ97w==
fundingchoicesmessages.google.com/f/
13 KB
6 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUOYNlqR5p-C13yR-tGK2Ugd1HvxqFch8DiDDAHgIkDymazreWdXjZDu53xYyfyWSEYh5sIcuCPCsLV2bL6wEeE49UJsDs_fgchLts3iGkeotFmfydKsuuRojtGJoxlqlaG9fQ97w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyODcyMTYzLDEzMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyXSwiaHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20vIixudWxsLFtbOCwiVXZGQlFSMzRTNVUiXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3c537da9c8328f588df85a8e2025042881dac69947da093913e723cc55140029
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IRgJNdO5VyEL2efPjCv6LA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
content-security-policy
script-src 'report-sample' 'nonce-IRgJNdO5VyEL2efPjCv6LA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/
0
482 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_fluid_sky%2Bsq_hawt_desno_23&pdc=0.07657139897346497&ucv=null&e=tcp&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HGAT23GKZ7X3V9YZTT5D1QNR
date
Mon, 18 Dec 2023 04:02:43 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
447877
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8374830bc83c2605-NRT
e.js
live.demand.supply/e/
0
479 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_fluid_sky%2Bsq_hawt_desno_23&pdc=0.07657139897346497&ucv=null&e=tcp&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HGAT23GKZ7X3V9YZTT5D1QNR
date
Mon, 18 Dec 2023 04:02:43 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
447877
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8374830bc8402605-NRT
hawtcelebs.com_fluid_sky+sq_hawt_desno_23
api.demand.supply/v17-24-0/a/
390 B
515 B
XHR
General
Full URL
https://api.demand.supply/v17-24-0/a/hawtcelebs.com_fluid_sky+sq_hawt_desno_23?&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4414d06a71fb28d1159581490c69153d2154fc2d4ae153f1b53ca6a1d48f449e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
etag
W/"186-E/aObb+x0cv6M5P/rgGT+u7srgQ"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
8374830bde7ee374-NRT
alt-svc
h3=":443"; ma=86400
hawtcelebs.com_fluid_sky+sq_hawt_desno_23
api.demand.supply/v17-24-0/a/
390 B
730 B
XHR
General
Full URL
https://api.demand.supply/v17-24-0/a/hawtcelebs.com_fluid_sky+sq_hawt_desno_23?&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4414d06a71fb28d1159581490c69153d2154fc2d4ae153f1b53ca6a1d48f449e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
content-encoding
br
cf-cache-status
UPDATING
server
cloudflare
age
8530
etag
W/"186-E/aObb+x0cv6M5P/rgGT+u7srgQ"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
8374830bde80e374-NRT
alt-svc
h3=":443"; ma=86400
da.2.css
live.demand.supply/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://live.demand.supply/css/da.2.css
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d698efa119f85b20fe4d9a694894014e3197b8e4de7e61d18d27c60eecd9b81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HGFTJ0BD00ZP6PCJ3N0B1E1X
date
Mon, 18 Dec 2023 04:02:43 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
535408
cache-status
"Netlify Edge"; fwd=miss
etag
W/"d894f98dda84cc5237c9b481fdf5a422-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
8374830bef7cf5d0-NRT
alt-svc
h3=":443"; ma=86400
e.js
live.demand.supply/x/
0
482 B
XHR
General
Full URL
https://live.demand.supply/x/e.js?ce=da&r=hawtcelebs.com_fluid_sky%2Bsq_hawt_desno_23&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HEWCMVPVG2SZ1MYE7CQW3ZQP
date
Mon, 18 Dec 2023 04:02:43 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
1642687
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"901b70ae40b5b064aef6259e869a717e-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8374830be8692605-NRT
ads
securepubads.g.doubleclick.net/gampad/
95 KB
29 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1279931576994282&correlator=815895719684562&eid=31080057%2C31079963%2C31061690&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2Cfc61caa0-7c25-46e8-95bf-5d8216a82e5f&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x600%7C160x600%7C300x250&fluid=height&ifi=1&didk=446397870&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702872163211&lmt=1702872163&adxs=1029&adys=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&psz=300x616&msz=300x616&fws=512&ohw=0&ga_vid=667190260.1702872163&ga_sid=1702872163&ga_hid=1693293107&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRjxxdzYxzFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjxxdzYxzFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGPDF3NjHMUgAUgIIZBIZCgpwdWJjaWQub3JnGIbG3NjHMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRjxxdzYxzFIAFICCGQSFwoIcnRiaG91c2UY8cXc2McxSABSAghkEhQKBW9wZW54GPHF3NjHMUgAUgIIZBIZCgp1aWRhcGkuY29tGPHF3NjHMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y8cXc2McxSABSAghk&dlt=1702872162359&idt=470&prev_scp=ti%3D88839566-4a26-41da-b49a-5a7fcf3cdb54%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26rfi%3D30%26bsc%3D92&adks=438686288&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d94221ee6ca574b7b31c13edae17243d8cc947cc2f1c14beb9c965799ccf272
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30100
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FA49
6 KB
3 KB
Document
General
Full URL
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:828::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 04:02:43 GMT
expires
Tue, 17 Dec 2024 04:02:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/
0
480 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_160x600_hawt160&pdc=0.10464315712451934&ucv=null&e=tcp&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HGAT23GKZ7X3V9YZTT5D1QNR
date
Mon, 18 Dec 2023 04:02:43 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
447877
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8374830c289f2605-NRT
ads
securepubads.g.doubleclick.net/gampad/
818 B
413 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1279931576994282&correlator=2379043686709021&eid=31080057%2C31079963%2C31061690&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2Ca1ed0be8-d1df-45ae-b794-6a876bb23354&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&didk=2896977995&sfv=1-0-40&ists=1&fas=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702872163227&lmt=1702872163&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=667190260.1702872163&ga_sid=1702872163&ga_hid=1693293107&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRjxxdzYxzFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjxxdzYxzFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGPDF3NjHMUgAUgIIZBIZCgpwdWJjaWQub3JnGIbG3NjHMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRjxxdzYxzFIAFICCGQSFwoIcnRiaG91c2UY8cXc2McxSABSAghkEhQKBW9wZW54GPHF3NjHMUgAUgIIZBIZCgp1aWRhcGkuY29tGPHF3NjHMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y8cXc2McxSABSAghk&dlt=1702872162359&idt=470&prev_scp=ti%3D88839566-4a26-41da-b49a-5a7fcf3cdb54%26interstitials-bid%3D0.3%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D92&adks=2148765004&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb258de819233d19079183f383e36f2535e6d39da0cba5751c7578fd425a6370
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
382
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/
39 KB
14 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl_page_level_ads.js?cb=31080057
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75f3eaaa770eff2dd12e4ad3de6868aa06091c8a8fd1b62f3524f6ad522f0c58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 23:48:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
15265
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13829
x-xss-protection
0
server
cafe
etag
3470722564403224980
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 16 Dec 2024 23:48:18 GMT
hawtcelebs.com_160x600_hawt160
api.demand.supply/v17-24-0/a/
385 B
693 B
XHR
General
Full URL
https://api.demand.supply/v17-24-0/a/hawtcelebs.com_160x600_hawt160?&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
780a5296906e2857cb4a1de5d18a86976897fe2a07e1643d67620240b8679429

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1032
etag
W/"181-QG1rb0vg7dUkwy6GAZgzQ7PkQjM"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
8374830c38ac2605-NRT
alt-svc
h3=":443"; ma=86400
hawtcelebs.com_extra_large_video_btflargevideo
api.demand.supply/v17-24-0/a/
392 B
704 B
XHR
General
Full URL
https://api.demand.supply/v17-24-0/a/hawtcelebs.com_extra_large_video_btflargevideo?&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9f5b311b51dd07a82760c59cc443a4a6065554e9f3dc8ad0ca68f0979b43a73

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2831
etag
W/"188-kIyQupl+IHG9Wy1lKtDoZzA7L5A"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
8374830c48b92605-NRT
alt-svc
h3=":443"; ma=86400
hawtcelebs.com_extra_large_video_btflargevideo
live.demand.supply/cp/
21 B
364 B
XHR
General
Full URL
https://live.demand.supply/cp/hawtcelebs.com_extra_large_video_btflargevideo?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
8374830c58cd2605-NRT
alt-svc
h3=":443"; ma=86400
content-length
21
e.js
live.demand.supply/e/
0
483 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_native_multi_native_under_related&pdc=0.6140875339508056&ucv=null&e=tcp&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HGAT23GKZ7X3V9YZTT5D1QNR
date
Mon, 18 Dec 2023 04:02:43 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
447877
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8374830ca92e2605-NRT
hawtcelebs.com_native_multi_native_under_related
api.demand.supply/v17-24-0/a/
2 B
442 B
XHR
General
Full URL
https://api.demand.supply/v17-24-0/a/hawtcelebs.com_native_multi_native_under_related?&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
cf-cache-status
HIT
server
cloudflare
age
1032
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
accept-ranges
bytes
cf-ray
8374830cc95a2605-NRT
alt-svc
h3=":443"; ma=86400
content-length
2
ads
securepubads.g.doubleclick.net/gampad/
29 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1279931576994282&correlator=4203114499424286&eid=31080057%2C31079963%2C31061690&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C0ab12ccf-1c79-4c31-a189-91e8fff1193d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=3&didk=4281532350&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702872163351&lmt=1702872163&adxs=272&adys=416&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&ga_vid=667190260.1702872163&ga_sid=1702872163&ga_hid=1693293107&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRjDx9zYxzFIAFICCG8SHAoNY3J3ZGNudHJsLm5ldBjxxdzYxzFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGPDF3NjHMUgAUgIIZBIZCgpwdWJjaWQub3JnGIbG3NjHMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRjxxdzYxzFIAFICCGQSFwoIcnRiaG91c2UY9cfc2McxSABSAghqEhQKBW9wZW54GPHF3NjHMUgAUgIIZBIZCgp1aWRhcGkuY29tGPHF3NjHMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y8cXc2McxSABSAghk&dlt=1702872162359&idt=470&prev_scp=ti%3D88839566-4a26-41da-b49a-5a7fcf3cdb54%26chrand%3Dy%26pof%3D0%26bid%3D0.1%26bid-p%3Dgoogle%26rfi%3D30%26bsc%3D92&adks=3888679435&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8f6b29c7ffa226e8adf83305b5957cb3d1c30f99df7724dfa9a48fce8f3b9d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12755
x-xss-protection
0
google-lineitem-id
5564061269
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138332681208
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/x/
0
481 B
XHR
General
Full URL
https://live.demand.supply/x/e.js?ce=da&r=hawtcelebs.com_fluid_sky%2Bsq_hawt_desno_23&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HEWCMVPVG2SZ1MYE7CQW3ZQP
date
Mon, 18 Dec 2023 04:02:43 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
1642687
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"901b70ae40b5b064aef6259e869a717e-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8374830d09cc2605-NRT
ads
securepubads.g.doubleclick.net/gampad/
94 KB
29 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1279931576994282&correlator=3961589766198947&eid=31080057%2C31079963%2C31061690&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2Cfc61caa0-7c25-46e8-95bf-5d8216a82e5f&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x600%7C160x600%7C300x250&fluid=height&ifi=4&didk=446397842&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702872163373&lmt=1702872163&adxs=1029&adys=396&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&psz=300x616&msz=300x616&fws=512&ohw=0&ga_vid=667190260.1702872163&ga_sid=1702872163&ga_hid=1693293107&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRjDx9zYxzFIAFICCG8SHAoNY3J3ZGNudHJsLm5ldBjxxdzYxzFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGPDF3NjHMUgAUgIIZBIZCgpwdWJjaWQub3JnGIbG3NjHMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRjxxdzYxzFIAFICCGQSFwoIcnRiaG91c2UY9cfc2McxSABSAghqEhQKBW9wZW54GPHF3NjHMUgAUgIIZBIZCgp1aWRhcGkuY29tGPHF3NjHMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y8cXc2McxSABSAghk&dlt=1702872162359&idt=470&prev_scp=ti%3D88839566-4a26-41da-b49a-5a7fcf3cdb54%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26rfi%3D30%26bsc%3D92&adks=3821021178&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a23e252e48aedbb307faf81316c26cfd14342ef0789982ae740764eb712837e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30089
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 2816
0
167 B
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 18 Dec 2023 04:02:43 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
e.js
live.demand.supply/e/
0
481 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HGAT23GKZ7X3V9YZTT5D1QNR
date
Mon, 18 Dec 2023 04:02:43 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
447877
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8374830d4a202605-NRT
ads
securepubads.g.doubleclick.net/gampad/
1 KB
609 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1279931576994282&correlator=87730599281574&eid=31080057%2C31079963%2C31061690&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C542ffbc7-3cd8-4f42-9269-0fd2787d1ee3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&didk=567249318&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702872163411&lmt=1702872163&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=667190260.1702872163&ga_sid=1702872163&ga_hid=1693293107&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRjDx9zYxzFIAFICCG8SHAoNY3J3ZGNudHJsLm5ldBjxxdzYxzFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGPDF3NjHMUgAUgIIZBIZCgpwdWJjaWQub3JnGIbG3NjHMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRjxxdzYxzFIAFICCGQSFwoIcnRiaG91c2UY9cfc2McxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVZGTlFWMDV5TUhSUlQyMWtSbFpDYjBSb1JWQlRVVDA5SW4wPRjDyNzYxzFIABIZCgp1aWRhcGkuY29tGPHF3NjHMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y8cXc2McxSABSAghk&dlt=1702872162359&idt=470&prev_scp=ti%3D88839566-4a26-41da-b49a-5a7fcf3cdb54%26interstitials-bid%3D6%26bid-p%3Dgoogle%26bsc%3D92&adks=4148235607&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
816e501db51f88ee3d200c8b64500aedd0276f3cc5b6eb81950034e2bfd5ce00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
578
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/
0
480 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?l=1&ga=0&i=300&v=2&s=loaded&p=4&es=undefined&e=ciu&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HGAT23GKZ7X3V9YZTT5D1QNR
date
Mon, 18 Dec 2023 04:02:43 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
447877
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8374830d6a362605-NRT
e.js
live.demand.supply/e/
0
482 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=d&sc=hawtcelebs.com_native_multi_native_under_related&err=Cannot%20convert%20undefined%20or%20null%20to%20object&e=as&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HGAT23GKZ7X3V9YZTT5D1QNR
date
Mon, 18 Dec 2023 04:02:43 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
447877
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8374830d6a382605-NRT
container.html
861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6775
6 KB
3 KB
Document
General
Full URL
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:828::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 04:02:43 GMT
expires
Tue, 17 Dec 2024 04:02:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/
0
482 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=hawtcelebs.com_fluid_sky%2Bsq_hawt_desno_23&sy=2b795f7b-d9bb-4827-b2a5-4f478742f879&ts=92&cd=2&pud=432&pus=c&pue=3154&pid=98&pis=c&pie=3253&ppd=594&pps=a&ppe=3748&pcl=2845&ttc=3545&tti=3929&ttif=0&lca=3748&lcak=ppe&lct=3748&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=300x600&mlbw=4g&mlcs=NaN&mltp=88839566-4a26-41da-b49a-5a7fcf3cdb54&e=lm&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HGAT23GKZ7X3V9YZTT5D1QNR
date
Mon, 18 Dec 2023 04:02:43 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
447877
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8374830e5b3d2605-NRT
view
securepubads.g.doubleclick.net/pcs/ Frame 9E14
0
0

ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9E14
0
0

ads
securepubads.g.doubleclick.net/gampad/
426 B
199 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1279931576994282&correlator=1769670664987793&eid=31080057%2C31079963%2C31061690&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2Cf2517206-6718-4305-8513-e43258ca83c1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=6&didk=4281532350&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D6038cdfcd01d53d1%3AT%3D1702872163%3ART%3D1702872163%3AS%3DALNI_MYRXuI2033B8iv9QtSih9k-6AxVKA&gpic=UID%3D00000cb34eaac839%3AT%3D1702872163%3ART%3D1702872163%3AS%3DALNI_Mbo9lTSy2cwlS9Dpxc2OhK6BDRClg&abxe=1&dt=1702872163599&lmt=1702872163&adxs=272&adys=416&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&ga_vid=667190260.1702872163&ga_sid=1702872163&ga_hid=1693293107&ga_fc=false&a3p=EloKDWNyd2RjbnRybC5uZXQSQDc0Mjg3YzAzZTlmYjdjMzNlYjRiMmQwMWU4MGMxODVjYTAyYzZjYzgxODljNDkyOTMxZmYyNjc0MWY4Yjg2MTUY2cjc2McxSAASGwoMMzNhY3Jvc3MuY29tGPDF3NjHMUgAUgIIZBIZCgpwdWJjaWQub3JnGIbG3NjHMUgAUgIIahIYCgl5YWhvby5jb20Yw8fc2McxSABSAghvEh0KDmVzcC5jcml0ZW8uY29tGPHF3NjHMUgAUgIIZBIXCghydGJob3VzZRj1x9zYxzFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pVkZOUVYwNXlNSFJSVDIxa1JsWkNiMFJvUlZCVFVUMDlJbjA9GMPI3NjHMUgAEhkKCnVpZGFwaS5jb20Y8cXc2McxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjxxdzYxzFIAFICCGQ.&dlt=1702872162359&idt=470&prev_scp=ti%3D88839566-4a26-41da-b49a-5a7fcf3cdb54%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26rfi%3D30%26bsc%3D92&adks=2443245878&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e6bca11ff84ace8c1d7e306cf6c242debe74e69c54ce067ac04a56cc85c7255
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 6775
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
URL: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 01:44:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
8285
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 01:44:38 GMT
css
fonts.googleapis.com/ Frame 6775
8 KB
846 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
URL: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 18 Dec 2023 04:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 03:53:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 Dec 2023 04:02:43 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 6775
15 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css
Requested by
Host: 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
URL: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 16:33:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41335
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Dec 2024 16:33:48 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 6775
376 KB
131 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Requested by
Host: 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
URL: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 16:33:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41334
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133672
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Dec 2024 16:33:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 6775
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
URL: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 01:44:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
8286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 01:44:37 GMT
csi
csi.gstatic.com/ Frame 6775
0
45 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lqae4aqd&c=5702684397138&slotId=2851342198569&qqid=CObejpONmIMDFYeW6QUdj4IJuQ&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c12::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6775
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 09:21:58 GMT
x-content-type-options
nosniff
age
153645
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Dec 2024 09:21:58 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6775
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 19:42:53 GMT
x-content-type-options
nosniff
age
375590
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Dec 2024 19:42:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6775
0
349 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CUWlnY8R_ZaahEIetpt8Pj4WmyAv1ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMByAObBKoEtAJP0J2ioVEDabUuJHHGsAskP4-nAmv5CJc_03aqVR9WU9fFoeAcTskWblJq_etiGTpJwMUftd5-wjqd4H9qkMdxTuTQPjWGfXwaXbgciYJ0k_AlvBMjAuYbW_HqA_R61uqkdOhf1tfPpSdzuctYc42i_rOqQC6GvYjPAs1Tf4fKslceldLPLqqB4ay7b0zw0FYLInGFNw0XKz22WjqVvQLG6dbSwAo4WlPCzMa-PZ8YNZGl70XPXwzRsumHV0onN_Mpz95f_xFwky_6bDn7ksxzBY-hgLUodP99r0g_JW21ko0kdXjeHLPZf6n2BixIkbr1WqT36jMULcHZZNjw6xgWWPlRBd1d3O7x5CyXchOH_TXIY-C318CgY-u2qj86JaLFk8YdsIBp0jrsBBwwMLFLKpmqn8AEyZHuzckE4AQDiAWBoM65TZAGAaAGdoAH6pCVvgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOliHr42TjZiDA_IIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA8gLAeALAYAMAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQKqDQJKUOINEwjI2Y2TjZiDAxWHlukFHY-CCbmwE8qjyBXIE96B9-MD2BMKiBQC2BQB0BUB-BYBgBcB6BcD&eventType=clickstring&clientTime=1702872163675&ai=CUWlnY8R_ZaahEIetpt8Pj4WmyAv1ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMByAObBKoEtAJP0J2ioVEDabUuJHHGsAskP4-nAmv5CJc_03aqVR9WU9fFoeAcTskWblJq_etiGTpJwMUftd5-wjqd4H9qkMdxTuTQPjWGfXwaXbgciYJ0k_AlvBMjAuYbW_HqA_R61uqkdOhf1tfPpSdzuctYc42i_rOqQC6GvYjPAs1Tf4fKslceldLPLqqB4ay7b0zw0FYLInGFNw0XKz22WjqVvQLG6dbSwAo4WlPCzMa-PZ8YNZGl70XPXwzRsumHV0onN_Mpz95f_xFwky_6bDn7ksxzBY-hgLUodP99r0g_JW21ko0kdXjeHLPZf6n2BixIkbr1WqT36jMULcHZZNjw6xgWWPlRBd1d3O7x5CyXchOH_TXIY-C318CgY-u2qj86JaLFk8YdsIBp0jrsBBwwMLFLKpmqn8AEyZHuzckE4AQDiAWBoM65TZAGAaAGdoAH6pCVvgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOliHr42TjZiDA_IIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA8gLAeALAYAMAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQKqDQJKUOINEwjI2Y2TjZiDAxWHlukFHY-CCbmwE8qjyBXIE96B9-MD2BMKiBQC2BQB0BUB-BYBgBcB6BcD
Requested by
Host: 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
URL: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 6775
0
225 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lqae4aqk&c=5702684397138&slotId=2851342198569&qqid=CObejpONmIMDFYeW6QUdj4IJuQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.d5&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c12::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 6775
33 KB
18 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DyTf2_SOIupztjRiZ3n8-gzyewZRqZ8dCt_2-QRKd0tPsVB28VepGgrolw2SMnAAz1jtj21humphuZnZiNTV5anXd_eQ&cry=1&dbm_d=AKAmf-B5l--bVqv5GIi3euloTrPFGyhJZ-BzW2Ro92m4fJoSGZ7ip4E4gXZTEJtvQYyApK8iPZ_WFIgRF9dGHV72-G88pKlHUA6FFWTz0-7zPUoJ64l5Mz-K-veAP8mS2YNXS1d6L1TpYFVBV5ryDdfCiNI9RCu_EAIvnEcasswx8ooqY9krlwyMjQVm42s6qcio2svcFNw4_aCtKs_D3_RMv7C5i_6TiAr6mEf4NUMesHUuU5GXKxG5mlqk0TOpda6XtpmuMiO1z9bGJXTVN7XENxgCABJ1Da96rryHgQrMxitRJnjTpceUMm-cqf4DR9C6kYtN8AUekKTx9GzsrnVHn-YHUzZDHOyXcML-vwM-NYM7PybbrbnCmogCzPbMcRzZ0K1aCSXSvF2y_tCBY-ypb5PkGyYCo3t_QTH_89ZyzP2lPNA_0kea3JuuzJujIF4_jLI3VRKCPjHgB39FL1hbUMIvt8vNuFCCPIvgnKgqJ1_Qi60g23NoatIP3QTHWRe_FME_HEv7w6hS66LO9udPm4egc_kC_rHuRn-rVhegV2KwOjfL9vDmDb3UjzndBfHfl-q464HJDvtfLKk7xbB_X34SPiC24KKbH1Q7VQ59I1s5NBIPiN5DmJ0_EUs7LagLTbU1w0LRpB-eeKyg67LLq-c0WIdkh6foMxbTyFGOM94_6ggdZHdYJ7WeKXBbb0XDC_Q6rX37KMlmAhDHwyuCVIAgAgzD-jq2YYH-5NiMZp7XbmFi1qirx6rxu6MGYzVPnBTaUiUs2ia15Umqh9SIDQ_BXO1tMAGNZ0gTECY_gzq2Thp1F93S_JOLQeNbUlfaovqFkqoQYnOHvGPS1aXuc7KrCcU1lkPhdaMbapr_pccBnrO5KObHuAdSCoezeX9ZHQejz5wSEx8PB1AueEFRCMbHfaWcp9KX-xN71kXhx3TRF0HOBrHAfiodGdlZJNQLIDynnLOiEIlJnO3K4Bf2RjmrVLHWRzwOB0Jlr3nJeXyIlQDdccCZs_sITBfRtXh2Sz392Mq81UTZGQlRpa7jSvWWVQW_97I0qqaqPFS4GUw4Uuc6wHzPxBjggaW_wueoa0fhMx4PPi0Xxg0pEcnoprODBdbJ0ml97fOWxPP2o_z43ef3aI6VBI5u7ubg6bfAoRugs2GBkQl-d02aPZtJsO6EdQFRwyVJ0yIx85qyZzm8BH8q80QRnEtea4pK6m3UKVeFTnmVkYEkskjwSCUoral2g46wGFdION1-Cz53vJi6xDx0vrZQ40CRUgmYTjZD-ueE9ULgVe-i4E0XQnaq4oZx0b5kkt0j-79R7sSos_InG15pGSg3Ea96VAQGZoRfpjyl2nxedNvLO_GKw0stA6gH9EsNHIUrWaleA3Tk7o2q2JPzgiCHbSeLfik5IrvCJwKH4T-xwiqAr_xaoLxGGZCxTsQM76jELXOYNBruqu0McJQ3PMMDaI0Xrnrwb_jyl49u6Y0L8DUx1btsjmN7b-MVK5qJtQ7VCNbqJuvlGKJUVihZgj49x7GwZRnE_U58Qpb8i3oEr0QChH9Sz6lUkYxRQG-TF1725k50g0790H1tLeu1sRlR2cizhnONVm19X0UB-J4fy2rpSuoV1XcOCRWzc2aySlM78_RchWsdO2_jUOSBbcBQseJaDPATJoTSdlfbzE1ytUDFaKcwLtD54z3Lhh0OdBR4cEYhOZ_dnf2Rr8epDgUBfxOdBSSDUnL8-Bq2dZ4rFKZWU_laTn1ckBgnwKFpD6xxVlX3nwV-lWjUM7XepX-IVzVG8-TvpNUQdrwnHbH1eidAGi9gtKUwrWQXZRcC8RsETC9or7sCSTDlN9hEyFOoyF-YiDYzF0Fcnv-ZFCPL_wYhWPODW-fS70I0iKXN2l_8XugOUe60F_dmYkUEezGPtldETbx7d3l4L_xh1HtrYHAnaxbWHduBqe05rF_jE6ojnW5Pjw1cZevlPhUMqeD86P5IcE_6qnGoMw3kz8xvJXDLhxz2NUut9M75CW1zDzkq2wF25Ht2jKIHnpNFTmci1GBvSqdR4i-fuv0GWBUjvHyWH34SCA75PsPEXB4eoEaD1YstN_-LWdKxW85k0qT-rS0B1XSLdemQoG4F2-rbN8g6CxvQDAJvqZNdm-BrAuDOPGiNfnuAINEG4hbCqqYlCBaSYSYuYNRU7Vk7_h7XU9XmnLMIYEbNGhNSG3jUMNil5j_mapsrToJwvCv_awwT492Ibr1avLZ6eiaXXDaCBqMf7GbKaBE89pr_PK3r52dI46pQCyKODSxw09LOacn75En8jTRJHvC9Mm6MtMzedJ4Kv9DRlcgOXxzw18olhwRz0IIKiA_KPlD95ZizJ9LFUf5Ns689M3o7jU97ciMSF6zcDLIvA5BicZePrWYRP_Zo2Pyg2HdWzC5YuxgxywCRyFH-U9-GUmZSdXqnL8jXwhBS3QO13Alj2g5xdH8yBZqWPCYGtTKY6XWNibmEiSdT4HEHJ9Eg5xt_FeNpcmjoH_otZi_SwOGhCkgBe1ejZD-Kbbv02XTsanY7BeUfgj1qAY1ba7-MaQUthDnrHqFTDKQN29S__G5KFNIGisRtvgu0W5BfAfobhW0SfsU4PwJ7wbg0Kba6JKkKShP54fcz0VHghHFdk1oI94ngEhH-INHxmB6cjuDh_cAc2oqSWTfbTXXmPq0S_Lvj3dSa3Gri8m20Q_vvy0xYgEe9_qyEHKA1H-_7niWJSGFMV0rPaDV95uPeH53TBMbvusZapUXJdS8OwZlKKKG_Autalf4GRZJROjGR8_uB0g61JiuxH4TqwU6q-Rh5i6U0fnr9m7F-xsCXsm7clpYDwac9GSj36FmhDPO4yuwXicVcliF0Nx3zl5gdFAsVxhvtT2rD-vuP_gg063L1ezXqwKcSmTnycV21fjQak52hKBG2AX5VUfWrfAchb_NW353_z-pTqXkNQszHoK3UoXPvpPUiaIlGp7ouNNr22nOpEJd8ziAzwSpvyT5wmY_FMLWgRkZLoZ9un8QCU6vAYS0ErGoiJmt3Xg-rL-oA2iHpoleCsfy5971X2jT2Drs9svlHmMQYQh6PuYC-ndR078PjSOjeweFaoUq86oB77ZdCJeh3DAfk3Gj9GgxA2Fs1hjBbB8-0zFW3eYTovUTjbAbpmpiuXPkHdR1dsuazBZhnRETVtBwclI0OUbEDehamsvs7RS2gX_isGSs6I2ZAyAkc-CcC48AFuTzVXDVUGuttlVCqOy2RUUOc8cgYYiXXsgpWilr8TfkM2gBrlMfaMW60qDM8hi_g6eN3LG0AyxuPl9mIfbkz6RMPA6qJCKiBEwDw3hpVORYucNWivv46ryqpVmgYxfJBJ1e0F1OqJtNYopZEuNQWzqNQ__FPUwbTO9kaF1xsiFj5g1xIXfFnZKp_aFctxUwic084QFDR18sQVsWh2v83u38_ohsb8ilhiTQvo9vyv8UObPp-TmNHrsBUATd5F-UJiHQBFUxpbz67OonsOmQfNq_rxMDhS608V5jDNUZI9GOq9fceZUBbVbJgdvgsBC2idTYndtLtYm9bCUlJyXG_er0xfPaNOAS4y6F5jOUA236j21UuNlJu8LlJMElcqumJDLBuXi0wzo5sfgv7OyN_OQIu3kB99LEp0fTk5Bjlkvv1Sxsa3k232NEkFSmyaFB16ZE6z07gopG_k0RLJk4ErU-k5JrwZIZnY-XONHlNKS9llQfK3yJyiGNkHXNcI0WVnQakRnJTy0UWu0vMfS9HrN5owA1tJIHSsfXS3JdVFBt7PSsoMEoB7mp7LkqVPZa8Q7lbjTCy3qp0tZ2NNQimJCVoxKgO2c498-L4NgDoFDbqwu8aBvRcPSoKvDaBza04gtBtd-zZKlDmrL9nvdASulSMve5q6cFaOFuh3zteAv7mNSYnzfUceBgMLqi5ldnXOL_MKHQE9QzR9PkTKxlTRocr5H85mnoFy0v_KV6ZQHnGTXHy5BNF2DLujDDoZugbDFS7FIfsBDbDpHFesy-PDxVyUK57RCjGic0ePTHGZYsMUOlR17wO8Ftz_tZZ7dWEGLrALZpTpsarmDQXKrczbSPNNNef1q5u8hnK7kT6gM7n4nzpoN13XuxhARU_X6enp8xcxEVgIo7pa5dh1NXeViUQUCcocsBXTh6Lf-yqI_Qhm_gGns7j7WLMwIn2-ySKHz_tRiaoo6QTn7VOkqJWc_0gC0mwJlY7LxPtZKrQXESwMYaToepwSfbtrZ-8wJQdz5vDuB_gxn2ao8GquG5TqTnZriCH8IfwlTOoZAt9-g977lZQ-JOO3OfdohLUYJNg9kV_R9k1O_D43HW_4G-q3Wo8PbDbTP46Fv2Vt1QdcVos-LhfcUwPAqNQGxvlXkVHtTJ-dutryIljSBq5Z4GMHjgHcQXJRPoBneKvLmQGfD4anaKJElZ-AL8YypD3vHmU1eYim-pl34sNQT-CuMfXvfL0wsiGjC5_PelZLGaMQngfhjqawwwQk1UMaaDx0HNOmgy4UFW37dcBPaPms13SnFE_uBMouqxPrr10lj05EBdX-agdcCTs6ykRlam7mAbmEUso-R-YgFw-67TKPr_TJd0WAgVRwcbC2-8hFaTKryxLf0YoeYhGvOkfN9vh-U-pka2UL3vpyEjCx2HIDva8CFg7ASWJVNEzn4yFWi-5L0QXF3D46jYHLoXROhOIwzrJnz4Q2IRJZ9OIdJ848n7E31cRMeTyuxq3AIBaS8XyxGQk2YZr17UdmrLrjXEtrvGiOVw4YouJN9OmFH9xjUYsqde-x-4PNyVZz5bKCUdydvifrkqmumJiToDE0C_iCr37CoO-X4Rx2bvk0YKYYBcRrX_-jG9P118rNraExwsrHqwGlniPYS4H0kM6RzznizMskOkrBEkqK37HjZ0eFAuifvc&cid=CAQSTgAvHhf_YJlZ-ZvCOT-PQl99i0DAxjz4JPpLzG8B4FS84QzpsCxbPC9RsS9aadoBMYvhWNSsGc28mr3th5ofAZfspFUXTVQ_catM6sexPxgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.174.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f155.1e100.net
Software
cafe /
Resource Hash
7a8491eef543cf338abda3282b3460df6a8c0efa668223039f34e2e2b3eba99f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18060
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
576 B
267 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1279931576994282&correlator=2894353664976335&eid=31080057%2C31079963%2C31061690&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C061c5cf4-d3fc-48ab-826a-d8818d546656&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=7&didk=2601836615&sfv=1-0-40&ists=1&fas=1&eri=1&sc=1&cookie=ID%3D9d652933b49b6363%3AT%3D1702872163%3ART%3D1702872163%3AS%3DALNI_MYbIv867hrRAUy88sv-ngWoI-ESSQ&gpic=UID%3D00000cb34febfae4%3AT%3D1702872163%3ART%3D1702872163%3AS%3DALNI_MYJG4nMbE2_k4xp1GTIw9Z9sYb3rg&abxe=1&dt=1702872163701&lmt=1702872163&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=667190260.1702872163&ga_sid=1702872163&ga_hid=1693293107&ga_fc=false&a3p=EloKDWNyd2RjbnRybC5uZXQSQDc0Mjg3YzAzZTlmYjdjMzNlYjRiMmQwMWU4MGMxODVjYTAyYzZjYzgxODljNDkyOTMxZmYyNjc0MWY4Yjg2MTUY2cjc2McxSAASGwoMMzNhY3Jvc3MuY29tGPDF3NjHMUgAUgIIZBIZCgpwdWJjaWQub3JnGIbG3NjHMUgAUgIIahIYCgl5YWhvby5jb20Yw8fc2McxSABSAghvEh0KDmVzcC5jcml0ZW8uY29tGPHF3NjHMUgAUgIIZBIXCghydGJob3VzZRj1x9zYxzFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pVkZOUVYwNXlNSFJSVDIxa1JsWkNiMFJvUlZCVFVUMDlJbjA9GMPI3NjHMUgAEhkKCnVpZGFwaS5jb20Y8cXc2McxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjxxdzYxzFIAFICCGQ.&dlt=1702872162359&idt=470&prev_scp=ti%3D88839566-4a26-41da-b49a-5a7fcf3cdb54%26interstitials-bid%3D0.1%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D92&adks=2345590153&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
678d9bdfb8af0485c319c05611f694e1f87a3289b47faed50c40c6a6b1130540
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 6775
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b553f424485a9da85b33613677534de714910c6037e4976fa359a95b771cbb4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
e.js
live.demand.supply/e/
0
481 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_auto_interstitial_desktop&e=nai&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HGAT23GKZ7X3V9YZTT5D1QNR
date
Mon, 18 Dec 2023 04:02:43 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
447877
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8374830f5c192605-NRT
e.js
live.demand.supply/e/
0
481 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_auto_interstitial_desktop&sn=2&ific=false&e=iar2&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HGAT23GKZ7X3V9YZTT5D1QNR
date
Mon, 18 Dec 2023 04:02:43 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
447877
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8374830f5c1b2605-NRT
ads
securepubads.g.doubleclick.net/gampad/
907 B
469 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1279931576994282&correlator=600796346205260&eid=31080057%2C31079963%2C31061690&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C05d68e4b-c539-4fe7-b7a0-36adfe74d624&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=8&didk=3119848368&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D56c6e5ded1be2663%3AT%3D1702872163%3ART%3D1702872163%3AS%3DALNI_MZyGom67QGcT1mNVfzVL0Sl-9z2CQ&gpic=UID%3D00000cb34e172b4d%3AT%3D1702872163%3ART%3D1702872163%3AS%3DALNI_MYlQAa91UnfabtujejbPEKlFzHjPQ&abxe=1&dt=1702872163742&lmt=1702872163&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=667190260.1702872163&ga_sid=1702872163&ga_hid=1693293107&ga_fc=false&a3p=EloKDWNyd2RjbnRybC5uZXQSQDc0Mjg3YzAzZTlmYjdjMzNlYjRiMmQwMWU4MGMxODVjYTAyYzZjYzgxODljNDkyOTMxZmYyNjc0MWY4Yjg2MTUY2cjc2McxSAASGwoMMzNhY3Jvc3MuY29tGPDF3NjHMUgAUgIIZBIZCgpwdWJjaWQub3JnGIbG3NjHMUgAUgIIahIYCgl5YWhvby5jb20Yw8fc2McxSABSAghvEh0KDmVzcC5jcml0ZW8uY29tGPHF3NjHMUgAUgIIZBIXCghydGJob3VzZRj1x9zYxzFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pVkZOUVYwNXlNSFJSVDIxa1JsWkNiMFJvUlZCVFVUMDlJbjA9GMPI3NjHMUgAEhkKCnVpZGFwaS5jb20Y8cXc2McxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjxxdzYxzFIAFICCGQ.&dlt=1702872162359&idt=470&prev_scp=ti%3D88839566-4a26-41da-b49a-5a7fcf3cdb54%26interstitials-bid%3D2%26bid-p%3Dgoogle%26bsc%3D92&adks=3396334874&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cefce1f43fc3ac05ed8d2817454b6f4101a009e93105d5fb0e27144efa25498
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
439
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 96FB
6 KB
3 KB
Document
General
Full URL
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:828::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 04:02:43 GMT
expires
Tue, 17 Dec 2024 04:02:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/
0
481 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=hawtcelebs.com_fluid_sky%2Bsq_hawt_desno_23&sy=2b795f7b-d9bb-4827-b2a5-4f478742f879&ts=92&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=300x600&mlbw=4g&mlcs=NaN&mltp=88839566-4a26-41da-b49a-5a7fcf3cdb54&e=lm&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HGAT23GKZ7X3V9YZTT5D1QNR
date
Mon, 18 Dec 2023 04:02:43 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
447877
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8374830f9c792605-NRT
adview
securepubads.g.doubleclick.net/pagead/ Frame
0
0
Preflight
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C2cYoY8R_ZaahEIetpt8Pj4WmyAv1ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMBqgSxAk_QnaKhUQNptS4kccawCyQ_j6cCa_kIlz_TdqpVH1ZT18Wh4BxOyRZuUmr962IZOknAxR-13n7COp3gf2qQx3FO5NA-NYZ9fBpduByJgnST8CW8EyMC5htb8eoD9HrW6qR06F_W18-lJ3O5y1hzjaL-s6pALoa9iM8CzVN_h8qyVx6V0s8uqoHhrLtvTPDQVgsicYU3DRcrPbZaOpW9Asbp1tLACjhaU8LMxr49nxg1kaXvRc9fDNGy6YdXSic38ynP3l__EXCTL_psOfuSzHMFj6GAtSh0_32vSD8lbbWSjSR1eN4cs9l_qfYGLEiRuvUCpQ0_oOZLUyKQJN455DDCLmSsCnNvQ5VWqbFUGS_0HNCSbHjiaVWnxZiy1auQxnccSDKcmJAT3sLWFfgbQxYtwATJke7NyQTgBAOIBYGgzrlNkgUGCBsQARgBkgULCCIQARgBSK7_kwKSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB-qQlb4BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQ2KMDGMWr5f4B0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOliHr42TjZiDA_IIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA8gLAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQLiDRMIyNmNk42YgwMVh5bpBR2Pggm5sBPKo8gVyBPegffjA9gTCogUAtgUAdAVAYAXAbIXHgocCAASFHB1Yi03NTA3NDM5MjMzODY1NDE1GP35E-gXAw&sigh=hostz1IrTAU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_YJlZ-ZvCOT-PQl99i0DAxjz4JPpLzG8B4FS84QzpsCxbPC9RsS9aadoBMYvhWNSsGc28mr3th5ofAZfspFUXTVQ_catM6sexPxgB&vt=10&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 6775
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C2cYoY8R_ZaahEIetpt8Pj4WmyAv1ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMBqgSxAk_QnaKhUQNptS4kccawCyQ_j6cCa_kIlz_TdqpVH1ZT18Wh4BxOyRZuUmr962IZOknAxR-13n7COp3gf2qQx3FO5NA-NYZ9fBpduByJgnST8CW8EyMC5htb8eoD9HrW6qR06F_W18-lJ3O5y1hzjaL-s6pALoa9iM8CzVN_h8qyVx6V0s8uqoHhrLtvTPDQVgsicYU3DRcrPbZaOpW9Asbp1tLACjhaU8LMxr49nxg1kaXvRc9fDNGy6YdXSic38ynP3l__EXCTL_psOfuSzHMFj6GAtSh0_32vSD8lbbWSjSR1eN4cs9l_qfYGLEiRuvUCpQ0_oOZLUyKQJN455DDCLmSsCnNvQ5VWqbFUGS_0HNCSbHjiaVWnxZiy1auQxnccSDKcmJAT3sLWFfgbQxYtwATJke7NyQTgBAOIBYGgzrlNkgUGCBsQARgBkgULCCIQARgBSK7_kwKSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB-qQlb4BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQ2KMDGMWr5f4B0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOliHr42TjZiDA_IIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA8gLAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQLiDRMIyNmNk42YgwMVh5bpBR2Pggm5sBPKo8gVyBPegffjA9gTCogUAtgUAdAVAYAXAbIXHgocCAASFHB1Yi03NTA3NDM5MjMzODY1NDE1GP35E-gXAw&sigh=hostz1IrTAU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_YJlZ-ZvCOT-PQl99i0DAxjz4JPpLzG8B4FS84QzpsCxbPC9RsS9aadoBMYvhWNSsGc28mr3th5ofAZfspFUXTVQ_catM6sexPxgB&vt=10&cbvp=2&vis=1
Requested by
Host: 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
URL: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible
event-source
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 18 Dec 2023 04:02:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 96FB
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
URL: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 01:44:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
8285
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 01:44:38 GMT
css
fonts.googleapis.com/ Frame 96FB
8 KB
750 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
URL: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 18 Dec 2023 04:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 03:48:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 Dec 2023 04:02:43 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 96FB
15 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css
Requested by
Host: 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
URL: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 16:33:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41335
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Dec 2024 16:33:48 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 96FB
376 KB
131 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Requested by
Host: 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
URL: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 16:33:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41334
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133672
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Dec 2024 16:33:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 96FB
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
URL: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 01:44:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
8286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 01:44:37 GMT
csi
csi.gstatic.com/ Frame 96FB
0
45 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lqae4aut&c=1324699826774&slotId=662349913387&qqid=CMaxmJONmIMDFfWc6QUd-J0DWQ&fb=outstream-lima&sei=44752538%2C44807615%2C45401791%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c12::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 96FB
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 09:21:58 GMT
x-content-type-options
nosniff
age
153645
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Dec 2024 09:21:58 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 96FB
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 19:42:53 GMT
x-content-type-options
nosniff
age
375590
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Dec 2024 19:42:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 96FB
0
56 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CHIWLY8R_ZYb0GfW5pt8P-LuOyAX1ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMByAObBKoEtAJP0DbzkXxr76XuaKkAMrME5jPxg7JKoE9U_BCsYiMVOCMK__Nj5NIW2ofc0_vMGYBXbSxXyKC7fM7AWow5QDLi1ckV5fTJxKVGXo_6rok0aBmQgGwCfZT15ZoTiRJzFSC2w2S_gipooA6JU6_bYL2Eoxz6Gd7Wy5iUwI0rl7_LI5AibGaDhdR8EM-GHoJissMzbJGVkkJN7pVAG64hIdPYFUvhuE9eiqQqDeA3YWnFBU9IR1cu_GUD84Aq_JDeG9XclBeM_xmG9xw7oQygWGquk_ZFjddJ-ITpjb45FaHYuJYo0odsw4tnEBkP2bnvoXJKDBgCX8eNyec7vKQ0K5RyNOw-Qo987pKScaNuMioPFjUeGKSt_pDgx_uQWL4--07-CF1_uIx3H_DguCBorQcBVR0SIcAEyZHuzckE4AQDiAWBoM65TZAGAaAGdoAH6pCVvgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOljF6paTjZiDA_IIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA8gLAeALAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJKUOINEwjenpeTjZiDAxX1nOkFHfidA1mwE8qjyBXIE96B9-MD2BMKiBQC2BQB0BUB-BYBgBcB6BcD&eventType=clickstring&clientTime=1702872163833&ai=CHIWLY8R_ZYb0GfW5pt8P-LuOyAX1ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMByAObBKoEtAJP0DbzkXxr76XuaKkAMrME5jPxg7JKoE9U_BCsYiMVOCMK__Nj5NIW2ofc0_vMGYBXbSxXyKC7fM7AWow5QDLi1ckV5fTJxKVGXo_6rok0aBmQgGwCfZT15ZoTiRJzFSC2w2S_gipooA6JU6_bYL2Eoxz6Gd7Wy5iUwI0rl7_LI5AibGaDhdR8EM-GHoJissMzbJGVkkJN7pVAG64hIdPYFUvhuE9eiqQqDeA3YWnFBU9IR1cu_GUD84Aq_JDeG9XclBeM_xmG9xw7oQygWGquk_ZFjddJ-ITpjb45FaHYuJYo0odsw4tnEBkP2bnvoXJKDBgCX8eNyec7vKQ0K5RyNOw-Qo987pKScaNuMioPFjUeGKSt_pDgx_uQWL4--07-CF1_uIx3H_DguCBorQcBVR0SIcAEyZHuzckE4AQDiAWBoM65TZAGAaAGdoAH6pCVvgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOljF6paTjZiDA_IIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA8gLAeALAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJKUOINEwjenpeTjZiDAxX1nOkFHfidA1mwE8qjyBXIE96B9-MD2BMKiBQC2BQB0BUB-BYBgBcB6BcD
Requested by
Host: 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
URL: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 96FB
0
45 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lqae4auy&c=1324699826774&slotId=662349913387&qqid=CMaxmJONmIMDFfWc6QUd-J0DWQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.cv&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c12::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 96FB
33 KB
18 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CDXvRMyursheDuu5nREn7Xe6KNyvtuoqCbxcDhgazqWnZ4ZkA0XqZ2fam8D8gb9I5utKmJP3eRHlkZF2jAGxgNK2AshA&cry=1&dbm_d=AKAmf-C6Q1kpaF5Jt0BGlLLsAIVsd_u_UZftfJs6RUhdUNiNW2jvK6jbZqoN0GryieqzEe1ROdU8sRGImFyAFRB69xWTE3dM8u24fCa-Gx1zNAJHsi51DL0XIZH1i2c3e4mZqcGr2MYfuhx3SZbkX0M3J5ODNsL_eVeuzShtPqh4vYORHfTn3KUbvDbfFscs8IBVmJ27DltdZJqKONH2uWyOrDnsoFsvXOSBaR9ZJzHU83vbRkwMs0Fb0DdEhGaenoDCjzPJ1lhdFVqVYKZ4Tu1aSuFLmVJGQ92R76flR7pCfaXbVj63QbfwjGsOmY8ybat6dsSkfAAUhw__eqXG2K7abm3HmI8MmmNqk5lLad_L0pJ4t2ArB0lV5utvt04UlcUDz3CIEMeZwLGSAvWWEhew6F-mZQhqa_xMHglv905PsfcagQMuzhJt08V1E8z-vuwIB0IEYKPYACPSuJA0cbSB07hBP8tcSgLAMpku2qlZX1zgZuZDuz9oN9sSumbgmEXtstGxcbhLECpAYwqx0v3-rJVrE6fubZVaFynczH6vaGClIe_dpTlTshpOkRA195Grr3n3Ek1t50ZNQt0Pd3G5g9GacKElSyxXHhzBib2J9pdKScjwewAgUBXO126H8arHgiABEtTF_OAccGPB9fKXbgYJNfa9sKPTnJp8smRFboozAqPfGXnm9Cr-M2-Gf8TpTnHhW39IH857UZ9vTAHR7vNCLtk-0chNUPMREMvFS4LwKxdBqT6FXC01fqe34tnH3L-FzDMA6kS4UXRpMXTM2g2mU7J2G1ruxqpUtoPqglkr0ljtqf5cxk3m3jQFW1uBnWgcoQlvUtf0VV-tjYTR4njimOvk95dakh8x1OBW2r0RZ-3yEWievBOIa5NZnp1s6wcUwiQOSU0wg4vW3hGQiZD4sp26a_yCkbcaZEMcgixfnMEdyeqdvgaJWmoaxCdC-0n9W2LMKcqdwn3O2GP9X_1HfGW05-GVwWTzN_k9tbad5Fpe0CO5soykt_9iYootyxGALYv9HiBgOwVmWwah8kJSBqvkd2eC-lD3SkU6WFdxZZEfmRli8qwuEvU3y8x6cHWrAVKyL1zSX-Gz5r47huIj58Y8dkGanjqtrDX_rPboJrYqBoiH4YNsyw4SFwp-AZQ1LXBVc7IBLu_CZ71IF_ghF3R6fWyELuna3stNkBeavz7XyzUDlTgQiwZ4L-rtvy6jub2d1hGrt7NrGV9PGg_H8SHh2fRh-AyJwJKjE-0uEpLUQanuI747xBL2mWOO6nCirFwoVR6VVlGf3CYtnUMniCPDS7oP5tpq3h_xLKrg58tOPesohwrZYfxCMKj0tSVIuUlR1UdO0NNQavk0eEu0ja1K5yeLYLlyHbFKyem2ugD_uRx3vw-aj0r74UZe40hjTuKu1ejXWNXLFdMicTcHtN6fAiXLu5qV7oNL2bFgyyNKIKCGnO61BVg2cPUBRNQisG4tx-65Ws4F3adMByt9R5AUeXvIAZEJ5yoHw1PdEYBZ_mdstwceG8owKxWgUB1rsAIIshts9cwOXCO3HW47w-D8RNrnKWSbqIL6PBJXLS-d2Iny7h7T7G2RrCkZrezmpYFwruB_cP0Jq0pkbV0oYQnAjXhPeatwjgH8lMqx7azf-5kSpQUu-DiA8RcWEq6GC99N3zar9k7lpF-uUl16OgqMd6CTJsetL2qIFUFifWNRT3jtnGU16CoGJgUBXPnA_Bn96Da8QolPb8c7d8MYomkH2ShhWxgVjx1R6Ty3NWr2BDdN7QfNvIktt-8xmTH64TXX77rGtfWd-aG5SEKcKJo5TPnLQX9NKt6Ix_RFXtne41Hl6e-8CuMNRbRvWA5aIP3l8BIQq6qvA2SE9yThBpJCwYV5I1fd1ByU0d34f5KpVydFOR146q4vPkXZqQkEYBZzJVOKrMCcLf3LePrRfc3_duKN1XiCGrMoVCYe0MnSoEB_MP3cxEnDtVvoqIYm8ZD37qVKPKv2fcvY9PLAYa3EvC8lrBcS2Kin4RJCJ-3ntyleqxcJd6OyNPnGG4wkdTO8zEyIMGdwIcM5Eo8CYpSY8yRopqLq4VL9ir8cKXPGfotlVGVau9Eu1bFKIdPKd_PngQ_JUnyCCas4gIWctQglUVFl09woLinOQtSpyCtapjs7igrD7x3a0gP9Xk29147dOr6xg70cx36OA3bTu2VnlfcQBxnMZCYvFTMbJ6ntzUjKyUudzYoSGQO4895gxRhYBww_18RR2N_gCvTXrX5764YvBjJJ1Oh_e47BUaaH7sm_Kee9EV6ATZJYUZN7N1fxySFSqqFGSODscauGluJfGurk1tGDwaXPwbq9_UpHl0-tV0l6VP7RCutGhWqTunFj6npnm-eWq-jG_jkj1FCeFrW0cDGpTx6l9KbR_fQkKCFKDCW2RPLDg1mKI1k4vf-b3V5O0q1sSJrzPGM7gA-R_MNhPhYG40g7lDmjfysGFxn9vYsQw0CBzkN9z1kscesc-Ps-_YdzkMixVuIpagNe2fpDLYVDrFOUJHmZbUQVMKB_0DB3p831yAlWnr1vp6l33TYfF7RzF5GUrrF8zkJtSZdlDWtv40EUxWyezKTHkIUhMJ-DpdBOl7cqmL1paUtFihpvsuaL9HgxlZOik11dLk87H1iKmj_WsRxpDzGTRipYzAxX-rEPA4SAwMNIKCyABMxDFrEaObMUICTtfZ1LFfd87t1soHrrjfq_g85DuolCutwcbvY9EdRXzXVZATGIlFnhwn25e8353y4Z70eBkGAVD6hisRAIKMjnyj_lvQANwGAycCgoj8bw3Thk-dzb7OvoC7GksmfFMGVz9dMoo8KEaugOZF0jv2sEAdd579cidBSfF61DR9hUFxhuNBx-28xe176XYFEXNHWhv1esiUO0OhDdC_pJpSQjo3TaI3IowXPlBbGvhhIcgeeu0jBruH-lN6mF0NdKQR1zGGLqtoUVtea5PH2wtIK_nKb4zZb4tmpaRNbulO2txNfT8KHe-xAd5L4Vo3p1GVMtkUCxzkfTv8ZAAEtxjk2nzdDL9CJ_61UZ6QZnvGgvoFoCaUr7pnexD_IAobggVi5tlxw1QGU5X4pn7SbWXzLM4sEVCHBxf3q0S53ydGxRvoBrEByto0vaDAdoW-6U3IBA3-rF9IyElCJ5Sur6khr8-gHrV0KGuJNgYUd7N1THYhXs_jmwuCGCFoPLDCSJ1ITbtlkZUzAmZRI1VoqLhr9VgugGBLsaIY-wUcF1Derjbj6ZlaNW8RmIOubUZIuLfHNeusCk3u1xywWz0LsM_YN6QmBvc2AdlQRFt82NKd35YXvK7homQh_n7o1M3F7FBu4N-1kER-TXCyeVd81J3zO4wz1Y1PUc4XALqLOGO4Jg2kth0IdBPnjl_Y230aYP7fXLcQFCV8WVyaXZuui8rzbJPxM2ZRvj5O6qczNXH6M9huoiI2MoWSEeBo6vqmKc7F8KgqqwJrpaiEuJY5MiKgOHTe53id2caQrFJ6b8qsLnuWoJlPGdhKFgX2lO4lvzEhTTriA1CONcJ2IJskuwe3GBWgeKtly4Nc52bdvHrMsnlJZGRbivtPSgMHmd6SlyQ1sQqXC7pCbISgUkmsTWQzyo8SdqwuL79BzRk4KiKTDGpnKOdIWNmMra1_PsU0CgTxQkDAoRC3v7jFo1NDInulNeVgVAQtmDBFL2io3TTgLO_xNJRTpnlzoh9uc4hw2nv7dUzI2gLzB90S3hsF7iYHWmMAE0PK-SKhmYMGAPlgMszRvWD59wJRgMPh4i64YowKDGszC86jC3ZNVOuQ-WTSDuD7Xb_DySo_HeVIWj93Z-0SHoRhc39h257aGeXtEn4ARSTQYW18-Pi7AylbxRYAyqScqo4tGfxDG1UQcIXnT1ZcNNrSBEBBFmzPwjOgKKmQjg57PvMEsD0VQ-csNzClXUS1y2p3nAGbxLT2HY3bsU9EQr43lwxzXe91lpilogPN6ffLNIJxXn_Tu0W5pciDYb9CTkcgEqKd6nbBZ82D9fWbWzBFTXDewWCehCrcf2QCUIN_p22sP9xEwFeElpIRyTZE2SIDga17vjfKufEZxLCmoDCNNCuZtYbs4f5ypd7f6lYVV32Ty_GGUS1eHImijGFt5WbLku--r1scQ_oMebxhcfWtW4u7CgjE5ke_2COzlcWwK_F3RKy5_-Cwdrz4BLr4LkSFoc67qqKTjoGFfMZIOCMOGF41uxf5GB0s15jXSiNqI8YWisVuCeLPGNXJAuRtbg5BTztCjjuKWRYufCVOd_SvDOVKLgZtB3oszzxQmYA35bEe50Zcmr3fXgCQyCiLIViOEw0cHH6QaDHNI5VnVhLG9k3chDwdzeRSP_QEd_QBm7gOPcbDYGeCTdmLnKCBaejqrNKJA1YRCyQDLR4KwVL-xpm1fVFrTJjflYl-E4kLDeuIqkOsXrYL1mDKfq_QBDvvaIlqYh7pgo4zN1UlVP3Tmr5k8s32spmiOPba_c4g3NrKREMUp_IL2NaKgXu_7e5EX7yqvsFsy9ztAnvnXXv6nnfu8g-PakK2wfh7o76XIXMNoazD0aD01r1WL9TWFyw-BHbCD6fQHAzSbS9lOL7gcmV8A-plXaARdOzLwhhdC9gVFiozteLX902DEoQnkxGTDUX5fU3IPu8qZx22CI98q6Tyn_DiD_gDmam2aCpokJLRKrVxgHVZHXBTSVQDXEkyGNgTCHc3UnMzlUm5sJc4-UFBH0DBlHqmq40gh7Y117q7gMxb4bX42084VKZKnQeKbeN7Joaty06qBJcGTjYT725uVLMBlp2ukTQu2plbemZUAmAyrg7N-BObgpI6_5lKw-F0WtrvUrLovgIKuuE9Vj&cid=CAQSTwAvHhf_iRiOLW1GIisVlHLNhZMzjrC4s_iPWwpPRd9Cso9beA7qbo95jAANc-ecRBhtPaUSNN5YmyAnax70VjCs-vPvYbwZY-NrGx0xQRMYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.174.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f155.1e100.net
Software
cafe /
Resource Hash
98160e3c9ef7b95a2e2d03c445d3e4cbae21e116fc8abaa82fc9703b66423edb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18248
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 96FB
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a71f277a32c3a3a5bfbfdeb8555bf451c7932438e6e5420fbca77e79a038eb51

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame
0
0
Preflight
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cc9ZgY8R_ZYb0GfW5pt8P-LuOyAX1ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMBqgSxAk_QNvORfGvvpe5oqQAyswTmM_GDskqgT1T8EKxiIxU4Iwr_82Pk0hbah9zT-8wZgFdtLFfIoLt8zsBajDlAMuLVyRXl9MnEpUZej_quiTRoGZCAbAJ9lPXlmhOJEnMVILbDZL-CKmigDolTr9tgvYSjHPoZ3tbLmJTAjSuXv8sjkCJsZoOF1HwQz4YegmKywzNskZWSQk3ulUAbriEh09gVS-G4T16KpCoN4DdhacUFT0hHVy78ZQPzgCr8kN4b1dyUF4z_GYb3HDuhDKBYaq6T9kWN10n4hOmNvjkVodi4lijSh2zDi2cQGQ_Zue-hckpUGfiKVH-vdcBIWBr5aFSuOwvrWFJdP_bDJkgUIKcfHAbpKGLLORUD1b5AVK9OKkyH01CUlI7eFM5qKaCG9VxSwATJke7NyQTgBAOIBYGgzrlNkgUGCBsQARgBkgULCCIQARgBSK7_kwKSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB-qQlb4BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQhrcEGMWr5f4B0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOljF6paTjZiDA_IIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA8gLAaIMECoOCgzktLEC7rWxArW4sQLiDRMI3p6Xk42YgwMV9ZzpBR34nQNZsBPKo8gVyBPegffjA9gTCogUAtgUAdAVAYAXAbIXHgocCAASFHB1Yi03NTA3NDM5MjMzODY1NDE1GP35E-gXAw&sigh=Tc3hwBsnXuA&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_iRiOLW1GIisVlHLNhZMzjrC4s_iPWwpPRd9Cso9beA7qbo95jAANc-ecRBhtPaUSNN5YmyAnax70VjCs-vPvYbwZY-NrGx0xQRMYAQ&vt=10&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 96FB
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cc9ZgY8R_ZYb0GfW5pt8P-LuOyAX1ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMBqgSxAk_QNvORfGvvpe5oqQAyswTmM_GDskqgT1T8EKxiIxU4Iwr_82Pk0hbah9zT-8wZgFdtLFfIoLt8zsBajDlAMuLVyRXl9MnEpUZej_quiTRoGZCAbAJ9lPXlmhOJEnMVILbDZL-CKmigDolTr9tgvYSjHPoZ3tbLmJTAjSuXv8sjkCJsZoOF1HwQz4YegmKywzNskZWSQk3ulUAbriEh09gVS-G4T16KpCoN4DdhacUFT0hHVy78ZQPzgCr8kN4b1dyUF4z_GYb3HDuhDKBYaq6T9kWN10n4hOmNvjkVodi4lijSh2zDi2cQGQ_Zue-hckpUGfiKVH-vdcBIWBr5aFSuOwvrWFJdP_bDJkgUIKcfHAbpKGLLORUD1b5AVK9OKkyH01CUlI7eFM5qKaCG9VxSwATJke7NyQTgBAOIBYGgzrlNkgUGCBsQARgBkgULCCIQARgBSK7_kwKSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB-qQlb4BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQhrcEGMWr5f4B0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOljF6paTjZiDA_IIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA8gLAaIMECoOCgzktLEC7rWxArW4sQLiDRMI3p6Xk42YgwMV9ZzpBR34nQNZsBPKo8gVyBPegffjA9gTCogUAtgUAdAVAYAXAbIXHgocCAASFHB1Yi03NTA3NDM5MjMzODY1NDE1GP35E-gXAw&sigh=Tc3hwBsnXuA&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_iRiOLW1GIisVlHLNhZMzjrC4s_iPWwpPRd9Cso9beA7qbo95jAANc-ecRBhtPaUSNN5YmyAnax70VjCs-vPvYbwZY-NrGx0xQRMYAQ&vt=10&cbvp=2&vis=1
Requested by
Host: 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
URL: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible
event-source
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 18 Dec 2023 04:02:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
036e05035cbef88431e89138f2969605.json
services.vlitag.com/cli/
42 B
366 B
XHR
General
Full URL
https://services.vlitag.com/cli/036e05035cbef88431e89138f2969605.json?hn=https://www.hawtcelebs.com
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=036e05035cbef88431e89138f2969605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46dbfb21f5a98e6d1b272c6b0f26c38aeb811c6d8a76bb9e1565bd8cb0c7edb2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
cf-cache-status
BYPASS
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
private, no-cache, no-store, must-revalidate
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
837483106a5a80dd-NRT
content-length
42
alt-svc
h3=":443"; ma=86400
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
91 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cfaa98231c293ed2ec269908bba9b412ed4c5330c887ef70157175b76a6a54c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29631
x-xss-protection
0
server
cafe
etag
984 / 19709 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 04:02:43 GMT
e.js
live.demand.supply/e/
0
482 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_160x600_hawt160&e=nai&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HGAT23GKZ7X3V9YZTT5D1QNR
date
Mon, 18 Dec 2023 04:02:43 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
447877
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
837483106db42605-NRT
e.js
live.demand.supply/e/
0
479 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_160x600_hawt160&pn=2&sn=3&pc=0.10464315712451934&ds=false&e=wdp&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HGAT23GKZ7X3V9YZTT5D1QNR
date
Mon, 18 Dec 2023 04:02:43 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
447877
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
837483106db52605-NRT
csi
csi.gstatic.com/ Frame 6775
0
45 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lqae4aqw&c=5702684397138&slotId=2851342198569&qqid=CObejpONmIMDFYeW6QUdj4IJuQ&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c12::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 6775
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 23:33:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102530
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Dec 2024 23:33:53 GMT
file.mp4
r2---sn-ogul7ne6.c.2mdn.net/videoplayback/id/6eb8c3eed151c3a7/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734408163/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 6775
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/6eb8c3eed151c3a7/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734408163/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
  • https://r2---sn-ogul7ne6.c.2mdn.net/videoplayback/id/6eb8c3eed151c3a7/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734408163/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0
Fetch
General
Full URL
https://r2---sn-ogul7ne6.c.2mdn.net/videoplayback/id/6eb8c3eed151c3a7/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734408163/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/515220E5F2F86B7352DB10BE6AC0125B3B902365.12A67CE97DE9CBA88CA60956B2902D70892455AF/key/cms1/cms_redirect/yes/mh/Tm/mip/2001:ac8:40:1e::2e/mm/42/mn/sn-ogul7ne6/ms/onc/mt/1702871579/mv/m/mvi/2/pl/48/file/file.mp4
Protocol
HTTP/1.1
Server
2404:6800:4004:1f::7 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:44 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
3187475
Last-Modified
Fri, 17 Nov 2023 14:18:30 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Mon, 18 Dec 2023 04:02:44 GMT

Redirect headers

date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
647
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
location
https://r2---sn-ogul7ne6.c.2mdn.net/videoplayback/id/6eb8c3eed151c3a7/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734408163/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/515220E5F2F86B7352DB10BE6AC0125B3B902365.12A67CE97DE9CBA88CA60956B2902D70892455AF/key/cms1/cms_redirect/yes/mh/Tm/mip/2001:ac8:40:1e::2e/mm/42/mn/sn-ogul7ne6/ms/onc/mt/1702871579/mv/m/mvi/2/pl/48/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 6775
0
45 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lqae4awx&c=5702684397138&slotId=2851342198569&qqid=CObejpONmIMDFYeW6QUdj4IJuQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2014&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.jb~videopreviewvisible.jg&ua_e=1&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c12::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
247 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-2CJZ9YTX9G&gtm=45je3bt0v894694930&_p=1702872163885&_gaz=1&gcs=G1--&gcd=11l1l1l1l5&dma=0&tcfd=10000&cid=667190260.1702872163&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702872163&sct=1&seg=0&dl=https%3A%2F%2Fwww.hawtcelebs.com%2F&dt=HawtCelebs%20%E2%80%93%20Latest%20Celebrities%20Pictures&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4286
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2CJZ9YTX9G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
256 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2CJZ9YTX9G&cid=667190260.1702872163&gtm=45je3bt0v894694930&aip=1&dma=0&gcs=G1--&gcd=11l1l1l1l5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2CJZ9YTX9G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c13::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/
42 B
408 B
Image
General
Full URL
https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2CJZ9YTX9G&cid=667190260.1702872163&gtm=45je3bt0v894694930&aip=1&dma=0&gcs=G1--&gcd=11l1l1l1l5&z=1469298014
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
px.gif
servg1.net/
842 B
1 KB
Image
General
Full URL
https://servg1.net/px.gif?ch=1&rn=7.810514412800048
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.244.5 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-244-5.us-east-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
63e8352da534a05dafb13e5aa106693d66074b5f96aaf7b9b0949d026f578f49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
last-modified
Tue, 07 Nov 2023 15:34:56 GMT
server
nginx
x-powered-by
Express
etag
W/"34a-18baa6c2500"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
842
px.gif
servg1.net/
842 B
1 KB
Image
General
Full URL
https://servg1.net/px.gif?ch=2&rn=7.810514412800048
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.244.5 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-244-5.us-east-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
63e8352da534a05dafb13e5aa106693d66074b5f96aaf7b9b0949d026f578f49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
last-modified
Tue, 07 Nov 2023 15:34:56 GMT
server
nginx
x-powered-by
Express
etag
W/"34a-18baa6c2500"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
842
o.js
servg1.net/
9 KB
9 KB
Script
General
Full URL
https://servg1.net/o.js?uid=a6a9ff0d0f1e980b3cea04fa
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.244.5 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-244-5.us-east-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
8686b06af6c14e26e8f538f55341864f24308723e1d39b8977c1353c4e66859c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
server
nginx
x-powered-by
Express
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=5184000
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
9410
e.js
live.demand.supply/e/
0
480 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?l=1&ga=0&i=300&v=2&s=loaded&p=4&es=undefined&e=ciu&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HGAT23GKZ7X3V9YZTT5D1QNR
date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
447878
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
83748310adfb2605-NRT
csi
csi.gstatic.com/ Frame 96FB
0
45 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lqae4av2&c=1324699826774&slotId=662349913387&qqid=CMaxmJONmIMDFfWc6QUd-J0DWQ&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c12::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 96FB
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 23:33:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102530
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Dec 2024 23:33:53 GMT
file.mp4
r2---sn-ogul7ne6.c.2mdn.net/videoplayback/id/6eb8c3eed151c3a7/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734408163/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 96FB
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/6eb8c3eed151c3a7/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734408163/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
  • https://r2---sn-ogul7ne6.c.2mdn.net/videoplayback/id/6eb8c3eed151c3a7/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734408163/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0
Fetch
General
Full URL
https://r2---sn-ogul7ne6.c.2mdn.net/videoplayback/id/6eb8c3eed151c3a7/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734408163/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4144989C5A7C893C7917DD1482F03AD029193A29.7215039065EBE48FD89885BB0A2AE7C51C5C1CBB/key/cms1/cms_redirect/yes/mh/Tm/mip/2001:ac8:40:1e::2e/mm/42/mn/sn-ogul7ne6/ms/onc/mt/1702871579/mv/m/mvi/2/pl/48/file/file.mp4
Protocol
HTTP/1.1
Server
2404:6800:4004:1f::7 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:44 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
3187475
Last-Modified
Fri, 17 Nov 2023 14:18:30 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Mon, 18 Dec 2023 04:02:44 GMT

Redirect headers

date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
647
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
location
https://r2---sn-ogul7ne6.c.2mdn.net/videoplayback/id/6eb8c3eed151c3a7/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734408163/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4144989C5A7C893C7917DD1482F03AD029193A29.7215039065EBE48FD89885BB0A2AE7C51C5C1CBB/key/cms1/cms_redirect/yes/mh/Tm/mip/2001:ac8:40:1e::2e/mm/42/mn/sn-ogul7ne6/ms/onc/mt/1702871579/mv/m/mvi/2/pl/48/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 96FB
0
45 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lqae4ay2&c=1324699826774&slotId=662349913387&qqid=CMaxmJONmIMDFfWc6QUd-J0DWQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2014&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.fx~videopreviewvisible.fz&ua_e=1&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c12::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 3764
23 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
317164
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 11:56:39 GMT
expires
Fri, 13 Dec 2024 11:56:39 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 5BCA
23 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
317164
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 11:56:39 GMT
expires
Fri, 13 Dec 2024 11:56:39 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 3764
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 13:34:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
224867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Dec 2024 13:34:56 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 5BCA
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 13:34:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
224867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Dec 2024 13:34:56 GMT
ads
securepubads.g.doubleclick.net/gampad/
95 KB
31 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1279931576994282&correlator=3203747329751436&eid=31080057%2C31079963%2C31061690&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C173a4ffc-0056-488c-8328-5adf301e9800&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=9&didk=2208336221&sfv=1-0-40&ists=1&fas=1&eri=1&sc=1&cookie=ID%3D856128fbdaf7cb4e%3AT%3D1702872163%3ART%3D1702872163%3AS%3DALNI_MaCaSkjlpkSSjfEuZvcoGP1vL6D8g&gpic=UID%3D00000cb34ee6121f%3AT%3D1702872163%3ART%3D1702872163%3AS%3DALNI_Mbo_APU2J5Lqig4D1ZRFQ8e8aiNGA&abxe=1&dt=1702872164029&lmt=1702872164&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=667190260.1702872163&ga_sid=1702872163&ga_hid=1693293107&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDc0Mjg3YzAzZTlmYjdjMzNlYjRiMmQwMWU4MGMxODVjYTAyYzZjYzgxODljNDkyOTMxZmYyNjc0MWY4Yjg2MTUY2cjc2McxSAASGwoMMzNhY3Jvc3MuY29tGPDF3NjHMUgAUgIIZBIZCgpwdWJjaWQub3JnGIbG3NjHMUgAUgIIahIYCgl5YWhvby5jb20Yw8fc2McxSABSAghvEh0KDmVzcC5jcml0ZW8uY29tGPHF3NjHMUgAUgIIZBIXCghydGJob3VzZRj1x9zYxzFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pVkZOUVYwNXlNSFJSVDIxa1JsWkNiMFJvUlZCVFVUMDlJbjA9GMPI3NjHMUgAEhkKCnVpZGFwaS5jb20Y8cXc2McxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiuzNzYxzFIAFICCGo.&dlt=1702872162359&idt=470&prev_scp=ti%3D88839566-4a26-41da-b49a-5a7fcf3cdb54%26interstitials-bid%3D0.01%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D92&adks=530119389&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33711d3233efa3e498853a99b6346e52ec4793442d7c5cce3c4f62e84f5eb2eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31245
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
vl.json
services.vlitag.com/vld/1702609962/
12 B
280 B
XHR
General
Full URL
https://services.vlitag.com/vld/1702609962/vl.json?page_url=https%3A%2F%2Fwww.hawtcelebs.com%2F
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=036e05035cbef88431e89138f2969605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bd89d0776acdb8565abd79559d140909e68570f7d74a6f0141d21aed4122f4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
cf-cache-status
HIT
last-modified
Fri, 15 Dec 2023 03:13:59 GMT
server
cloudflare
age
157356
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
837483117bb580dd-NRT
content-length
12
alt-svc
h3=":443"; ma=86400
036e05035cbef88431e89138f2969605.json
services.vlitag.com/obj/1702609962/
35 KB
5 KB
XHR
General
Full URL
https://services.vlitag.com/obj/1702609962/036e05035cbef88431e89138f2969605.json?cc=JP&hn=https://www.hawtcelebs.com
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=036e05035cbef88431e89138f2969605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62438b28293ed4798e7bb29f539da4f041b1f2647bbad1e1067bd1f8f7d52fba

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 15 Dec 2023 03:44:31 GMT
server
cloudflare
age
221538
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
public, immutable, max-age=31536000
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
837483117bb680dd-NRT
alt-svc
h3=":443"; ma=86400
prebid-8.21.0.js
s3.vlitag.com/vli-assets/prebid/default/
615 KB
187 KB
Script
General
Full URL
https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=036e05035cbef88431e89138f2969605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3531c1a6993ccc3e7b0f3e1495768e3464aecd55193ef112cb5555422ae6c90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-version-id
76c869ee-7e97-429c-95e5-0bc6d6795360
cf-cache-status
HIT
x-amz-request-id
17A0489274637F73
age
3893
cf-polished
origSize=630565
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-amz-id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Tue, 05 Dec 2023 07:41:10 GMT
server
cloudflare
etag
W/"0c22764ab01c0856416dc5824cf45dee"
vary
Accept-Encoding, Origin, Accept-Encoding
content-type
text/javascript
cf-ray
83748311beeae38c-NRT
gpt.js
securepubads.g.doubleclick.net/tag/js/
91 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=036e05035cbef88431e89138f2969605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f29d3e23c44e9321522cd27c03a0c840038bd07b6950379d1eaa583e1532a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29633
x-xss-protection
0
server
cafe
etag
591 / 19709 / 31080056 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 04:02:44 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/
367 KB
126 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=036e05035cbef88431e89138f2969605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8322c76053c917801fed702192c48c58ffe98d3f3bab828c03dd75b3ba71873f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Mon, 18 Dec 2023 04:02:44 GMT
sf_host.min.js
s3.vlitag.com/vli-assets/plugins/safeframe/src/js/
38 KB
17 KB
Script
General
Full URL
https://s3.vlitag.com/vli-assets/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=036e05035cbef88431e89138f2969605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-version-id
3719e857-24af-48f6-94aa-43f986411778
cf-cache-status
HIT
x-amz-request-id
17A05315AB8848AC
age
414867
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-amz-id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection
1; mode=block
last-modified
Tue, 05 Dec 2023 07:19:33 GMT
server
cloudflare
etag
W/"70e454e451af63d76af1fc5b9b2ce1e4"
vary
Accept-Encoding, Origin, Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
83748311beede38c-NRT
e.js
live.demand.supply/e/
0
479 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_auto_interstitial_desktop&e=nai&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HGAT23GKZ7X3V9YZTT5D1QNR
date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
447878
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
83748311bf642605-NRT
e.js
live.demand.supply/e/
0
481 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_auto_interstitial_desktop&sn=3&ific=false&e=iar2&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HGAT23GKZ7X3V9YZTT5D1QNR
date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
447878
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
83748311bf662605-NRT
ads
securepubads.g.doubleclick.net/gampad/
907 B
472 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1279931576994282&correlator=1457945884358348&eid=31080057%2C31079963%2C31061690&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C42d64542-ad30-45c9-9859-6b93dc8b1e0c&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=10&didk=3065928106&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D856128fbdaf7cb4e%3AT%3D1702872163%3ART%3D1702872163%3AS%3DALNI_MaCaSkjlpkSSjfEuZvcoGP1vL6D8g&gpic=UID%3D00000cb34ee6121f%3AT%3D1702872163%3ART%3D1702872163%3AS%3DALNI_Mbo_APU2J5Lqig4D1ZRFQ8e8aiNGA&abxe=1&dt=1702872164120&lmt=1702872164&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=667190260.1702872163&ga_sid=1702872163&ga_hid=1693293107&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDc0Mjg3YzAzZTlmYjdjMzNlYjRiMmQwMWU4MGMxODVjYTAyYzZjYzgxODljNDkyOTMxZmYyNjc0MWY4Yjg2MTUY2cjc2McxSAASGwoMMzNhY3Jvc3MuY29tGPDF3NjHMUgAUgIIZBIZCgpwdWJjaWQub3JnGIbG3NjHMUgAUgIIahIYCgl5YWhvby5jb20Yw8fc2McxSABSAghvEh0KDmVzcC5jcml0ZW8uY29tGPHF3NjHMUgAUgIIZBIXCghydGJob3VzZRj1x9zYxzFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pVkZOUVYwNXlNSFJSVDIxa1JsWkNiMFJvUlZCVFVUMDlJbjA9GMPI3NjHMUgAEhkKCnVpZGFwaS5jb20Y8cXc2McxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiuzNzYxzFIAFICCGo.&dlt=1702872162359&idt=470&prev_scp=ti%3D88839566-4a26-41da-b49a-5a7fcf3cdb54%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D92&adks=1978351858&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a9c48a299f11184f4c8cb9b12b89635bce33a16560a00cdbf3bce24dfa3baca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
438
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3764
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B9_QQY8R_ZY3jMv6gid4P3LuBoA4AAAAAOAHgBAI&bg=!ycqlyoXNAAY3kmNgF5I7ADQBe5WfOHRR1lF6RnzSJugLR64-zWODwTJu4Ua78OfgWFFdCrVK7SEoAG8ulbL13mNuNe1VAgAAAHFSAAAAAmgBBwoAJBOpzMw9j5Ty2zVqe-kSkDfUA6YKP-mlu8DNDhhprPHZ4s53SpkDHKafNKzSpgaKYXoRQb1rzlyLqCRKFb_uiJbwZP07eNhkmPMU051lF_71Xhsepz_Wvi52WjUh8cuU9skmev8MI84pAd7GRLXd3NK5__8Ieqn3Grd0boqphCsgukoO17a7k37yliOalrCsv3HuRia8ImENq50PJ_3TJOrWc9cezHv2IxRNr_kuF64IXhZCq2sYvU9-1i6rEeftLR7RTHcJ6UdfV4XMpiB0M_1niBjvnBIFIj0dgMsJPTmhL5t4guCefzSRtdUQByXltDifj1pE-oxCfUbzNLR_VLx-pXz8bn8wSRGtM0uXo5481P2F_f6PsKJClB3P-MF01yhKW3RykccFsni1ktvIogLhuN8GN2m0xMIEqL2IVg8elpPbBTlaACl0Aq-xBnzEISP7w438svJ9SYzdwKIIXAi5KZ8Z6ymClsWsmyp_HlVE5_-vltfqphDV9Z6GZOOIabtuZQeIyBRTghzwUO2rfzn9XTbnkgm5Btw8BnAafJtIcMkTUs3BUSlGuDZPHWag0JPpdVdL4Tq8X56Ew18wksj6Y_IwO_TnrYimecT_JtT0OIbIjc92o3opE-4iYcjTohMks_CvEz1yzyKV_iwlJmhUbCoTywbEhOAg5KBml4NfxGcyIrNEv6-uDUjqXmdguldcak7NluuMUtn_cymoothX70K3q72qruP19Lx0bK8-jqVzRAv9vJGO4riJaB_DM-XNTVhG8R6sIHNLe49_7T5Fl78m7mBxoPkAlaAAfaT0WaHo8MbGGYHy2jLvbuCyOkTnlqoeKuJi1D0bZmmj6GpT6XVYARk8K_rE-lPNg0fYZAxdXob6QaBW3-tUi9QjSoR2IeEANy5-MIQXQe_FycUC2QQrdypdnMERk9rl398Ap5-UZtiss2v0tkwfOyIX0d0_iQkTXhifLLbx16BHw3YKKtVcU1j6O26lRcd72Y5EupSsX1b7ObCTanHXrsYY4gh7yd2uM2mZQgHh8TDe6Fk9JmawuX29zhyIzolCxGBRtRxS4rXKKRgw406KEhvl4jG-DQxEQkhdKJuqUWf_e-DRtXc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
vastserved.com/
40 KB
40 KB
Script
General
Full URL
https://vastserved.com/?uid=5da50738fbeb116b83fa5b94&w=300&h=250&puburl=https%253A%252F%252Fwww.hawtcelebs.com%252F
Requested by
Host: vastserved.com
URL: https://vastserved.com/?uid=5da50738fbeb116b83fa5b94&w=300&h=250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.136.237.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-237-229.us-east-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
8996d3b3138f7d5f0aef8a6890172042a84249da0746dedbe79369e1a9cb3b06

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
server
nginx
x-powered-by
Express
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
40569
expires
-1
adb.js
static.adxadserv.com/js/
1 KB
1 KB
Script
General
Full URL
https://static.adxadserv.com/js/adb.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:d300::22 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7bccb036fc4379abc145f8e81bdc9ba147157fb772b97b840bb65013226fed53

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop
tokyoJP
date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
gzip
x-age-lb
95217, 224628
x-77-cache
HIT
x-accel-date
1702647536
x-77-nzt
EwwB1GYyFgH3dG0DAAwBj/QhpAH38XMBAAwB1GY4mQHXQNgDAA
x-accel-expires
@1703337151
x-77-age
571813
x-cache-lb
HIT, HIT
last-modified
Tue, 05 Sep 2023 14:53:26 GMT
server
CDN77-Turbo
etag
W/"64f740e6-510"
x-77-nzt-ray
aa4e0e32e117f97964c47f6505f29a07
vary
Accept-Encoding
content-type
application/javascript
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
28632
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
837483126b66268f-NRT
content-length
4547
ads
securepubads.g.doubleclick.net/gampad/
28 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1279931576994282&correlator=1457945884358348&eid=31080057%2C31079963%2C31061690&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&iu_parts=22287008444%2C270__hawtcelebs.com__default__300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=11&didk=2750574080&sfv=1-0-40&sc=1&cookie=ID%3D856128fbdaf7cb4e%3AT%3D1702872163%3ART%3D1702872163%3AS%3DALNI_MaCaSkjlpkSSjfEuZvcoGP1vL6D8g&gpic=UID%3D00000cb34ee6121f%3AT%3D1702872163%3ART%3D1702872163%3AS%3DALNI_Mbo_APU2J5Lqig4D1ZRFQ8e8aiNGA&abxe=1&dt=1702872164131&lmt=1702872164&adxs=1029&adys=1644&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&psz=300x1498&msz=300x-1&fws=512&ohw=0&ga_vid=667190260.1702872163&ga_sid=1702872163&ga_hid=1693293107&ga_fc=true&dlt=1702872162359&idt=470&adks=4231134318&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54822fb3d0b5197a8aab8b9e59bf814a888fa7fae30c0a34bcc6443b6d762ba4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12148
x-xss-protection
0
google-lineitem-id
6018429349
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138391948703
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
28 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1279931576994282&correlator=1457945884358348&eid=31080057%2C31079963%2C31061690&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&iu_parts=22287008444%2C270__hawtcelebs.com__default__160x600_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=12&didk=1875980051&sfv=1-0-40&sc=1&cookie=ID%3D856128fbdaf7cb4e%3AT%3D1702872163%3ART%3D1702872163%3AS%3DALNI_MaCaSkjlpkSSjfEuZvcoGP1vL6D8g&gpic=UID%3D00000cb34ee6121f%3AT%3D1702872163%3ART%3D1702872163%3AS%3DALNI_Mbo_APU2J5Lqig4D1ZRFQ8e8aiNGA&abxe=1&dt=1702872164133&lmt=1702872164&adxs=272&adys=1036&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&psz=160x600&msz=160x-1&fws=512&ohw=0&ga_vid=667190260.1702872163&ga_sid=1702872163&ga_hid=1693293107&ga_fc=true&dlt=1702872162359&idt=470&adks=3526967685&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b0b13cf6cbdf5c71524f6d42f7c44ad793053587380f2d0874c7a504009ca70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12174
x-xss-protection
0
google-lineitem-id
6056997279
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138397869554
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
ads.adxadserv.com/ Frame EDE9
1 KB
1 KB
Document
General
Full URL
https://ads.adxadserv.com/ad?spotid=6523ec2361d6e22ad53d3fd1&type=300x250&output=html&extra1=0&ref=https%3A//www.hawtcelebs.com/&dt=1702872164135&screen=1600x1200&tags=
Requested by
Host: static.adxadserv.com
URL: https://static.adxadserv.com/js/adb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.156.19.151 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
8b0df36f2d6227ab9cd31428b79e8a46a92475ce80b05b1528ac4db81c0aa586

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-cache
content-length
1063
content-type
text/html; charset=utf-8
date
Mon, 18 Dec 2023 04:02:44 GMT
server
nginx
/
smart1adserver.com/
550 B
814 B
Script
General
Full URL
https://smart1adserver.com/?uid=5eaaf9fcd3f40068832d608f&w=728&h=90&click=&puburl=https%253A%252F%252Fwww.hawtcelebs.com%252F
Requested by
Host: smart1adserver.com
URL: https://smart1adserver.com/?uid=5eaaf9fcd3f40068832d608f&w=728&h=90&click=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.18.237.172 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-18-237-172.us-east-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
2e40f7075c6cae2fbc414e7001b6522d1e59d68c429906dcc3ad6bf3eac6d712

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
server
nginx
x-powered-by
Express
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
550
expires
-1
ads
securepubads.g.doubleclick.net/gampad/
29 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1279931576994282&correlator=1457945884358348&eid=31080057%2C31079963%2C31061690&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&iu_parts=22287008444%2C270__hawtcelebs.com__default__InFold&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=13&didk=3473034383&sfv=1-0-40&sc=1&cookie=ID%3D856128fbdaf7cb4e%3AT%3D1702872163%3ART%3D1702872163%3AS%3DALNI_MaCaSkjlpkSSjfEuZvcoGP1vL6D8g&gpic=UID%3D00000cb34ee6121f%3AT%3D1702872163%3ART%3D1702872163%3AS%3DALNI_Mbo_APU2J5Lqig4D1ZRFQ8e8aiNGA&abxe=1&dt=1702872164141&lmt=1702872164&adxs=252&adys=10496&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&psz=1097x106&msz=1x-1&fws=0&ohw=0&ga_vid=667190260.1702872163&ga_sid=1702872163&ga_hid=1693293107&ga_fc=true&dlt=1702872162359&idt=470&adks=84074055&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b993d3716ae52eac71875e384579f52fa3aca65f30c085a742029af0ebddc7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12171
x-xss-protection
0
google-lineitem-id
6059230949
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138397374420
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5BCA
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B_beYY8R_ZdeaNc-did4P9e-6uAIAAAAAOAHgBAI&bg=!sbKlsv3NAAY3kmNgF5I7ADQBe5WfOCtYsZD2YGb4_TAjRnQBebiJ2FioVTXt3VenSfoMJpTSTu1NsyKiCWwZIz71hD_BAgAAAHBSAAAAAmgBB5kDL29EbbkcQ04qHXxNaANp1Cryaauras9sPi6tlu_GAkE_OhZTLXQ-LU3AOzj3th7D0lzmhfseQFfO4WFGhBUlOypxtrTw4I8q73Y7SLiMrFkJdBp58wnNYbm3OQY72YVwRRIWwzHcitroKoUIgcwC4tpqJ6p7haJaOao0_CwTg3ocmao7plStwPFABwLJfbD7psITQlR5G2rdQqBXS7b9J6NBiEG9nKTrI049JvvPZLJq4_koq7ZDixoefuGNQQ0wOLEU1CXg9bFrTC-0NI3OCUWTgI6vkFF44nUc87cJ3z4xi_zF0zEmsbkFTK1KppelCkMO0dqlOjje063McwD7sNW6OxasGg2V2KOIwuHAtTa-jrBfieQrmtum9JYOUh0NEdBwcSO96lYDEPvMdLXlBKzf9fq2LspV6u7m3Drm7rNGCcxNe5Kn1VdELNQCVDd6JdaNJe32Zo3WxgWbypX367hwr54h_HtpGMtMLxSfue7f88yetC9WjW_ZAdviV_YoysTZNwQgqf5AK65sXNCc0KfOEzo4CuI9fXcccuewGS0X4-9kHh6yK1d-vBl5QZrLL2uH2XPK51XG0rjvoVQwcgA_ShaQwHZk-RLDaoeCSvSEmrNpgAGvJc3PHIpH1B4A45PA6dpi84romyZvNMHrUAMenNXAHi6102X3UrEB52veV4M9fS31UKERe4lHlyFrpOSzdQXJ4TgqlPU3BMV3BubdpE1CPekC3MVcAnEr6v4GYF2EpLHC8H4RpUk_DKhMJT8psfPL2-quCZcOs2LMz57uf6QIctq_-zE0_7_lkTIir-kXb-syRMO_0zU13O8ja9FmIm5P0zhcGjj9OXUsvW8k5ectUrKzqpZKhrtqnbE67EXOvZMn2iIAXJad1mnFsCbQVre4XdfCBAgFlckMMG_SsMX2o8fczIeINtfj6QmUhUkkb0yyPZisxPIrL_BQxhj5urd2XUc71YIQfuAOrHC2ehP5UgxJxh9QlSwoTDB4R9UaPPDu7Q8DmlmAO0j6Bi8cPOl99cX5sO51iv3fa6Nf4i2so1F4GlriYAwyMJF3tx-OaN3Inm0oLlm6zTtv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
t.dtscout.com/i/
7 KB
3 KB
Script
General
Full URL
https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Requested by
Host: waust.at
URL: https://waust.at/c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42f93c43d0c37a86684b3353354bfdd76934659a6a04606c7a27f4224c488334

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
x-t
0.299
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kzxu9LNrWLJgKOdlPwUyvV8e2hqYvP%2FWbQu85gsJMDF2P0vJiZK9UD1Oyj4lVDVxWY8HeTmSV4yJh%2FUjOJUUvwKCoEy486SsLFl8Ksq8OytDgq5RcXYnlahac1QRCXZWcLMvBgFapSGtMZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl1
cf-ray
837483121e261d7b-NRT
expires
Mon, 18 Dec 2023 04:02:43 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160835/4933/
222 KB
67 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.192.188 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-192-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:25:40 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=160718
accept-ranges
bytes
content-length
68444
expires
Wed, 20 Dec 2023 00:41:22 GMT
delivery.js
assets.revcontent.com/master/
161 KB
48 KB
Script
General
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-20.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd0a3a3e7028948f84a3a14f7bb2b62b78becf5be750c8a67031d534db0d94de

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 16:33:58 GMT
content-encoding
br
via
1.1 632916f9e737cfec58885186f21c18d2.cloudfront.net (CloudFront)
last-modified
Fri, 15 Dec 2023 16:33:54 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-C5
age
41327
x-amz-server-side-encryption
AES256
etag
W/"03b316c7023aa5b2fa8bb01938871a21"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
C9WSU42aUY89HgYTc7G_uiO6oAKVGRCZxvQGwbVUqsLjHzM-2Y1--w==
/
whos.amung.us/pingjs/
29 B
183 B
Script
General
Full URL
https://whos.amung.us/pingjs/?k=a9etg89wet&t=HawtCelebs%20%E2%80%93%20Latest%20Celebrities%20Pictures&c=c&x=https%3A%2F%2Fwww.hawtcelebs.com%2F&y=&a=0&d=2.832&v=27&r=4412
Requested by
Host: waust.at
URL: https://waust.at/c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1984c77f7b28ace226acc20d92385bbc6134e31321509175806ba28c35f6b6d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
837483121cc8e3af-NRT
content-type
text/javascript;charset=UTF-8
file.mp4
r2---sn-ogul7ne6.c.2mdn.net/videoplayback/id/6eb8c3eed151c3a7/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734408163/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 6775
3 MB
3 MB
Media
General
Full URL
https://r2---sn-ogul7ne6.c.2mdn.net/videoplayback/id/6eb8c3eed151c3a7/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734408163/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/515220E5F2F86B7352DB10BE6AC0125B3B902365.12A67CE97DE9CBA88CA60956B2902D70892455AF/key/cms1/cms_redirect/yes/mh/Tm/mip/2001:ac8:40:1e::2e/mm/42/mn/sn-ogul7ne6/ms/onc/mt/1702871579/mv/m/mvi/2/pl/48/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:1f::7 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
9129173d5280e244bb3245890e87656d5fa9cc94c4911ef3f95023224a7ace3d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

expires
Mon, 18 Dec 2023 04:02:44 GMT
date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-3187474/3187475
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
3187475
last-modified
Fri, 17 Nov 2023 14:18:30 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
client-protocol
quic
file.mp4
r2---sn-ogul7ne6.c.2mdn.net/videoplayback/id/6eb8c3eed151c3a7/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734408163/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 96FB
3 MB
3 MB
Media
General
Full URL
https://r2---sn-ogul7ne6.c.2mdn.net/videoplayback/id/6eb8c3eed151c3a7/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734408163/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4144989C5A7C893C7917DD1482F03AD029193A29.7215039065EBE48FD89885BB0A2AE7C51C5C1CBB/key/cms1/cms_redirect/yes/mh/Tm/mip/2001:ac8:40:1e::2e/mm/42/mn/sn-ogul7ne6/ms/onc/mt/1702871579/mv/m/mvi/2/pl/48/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:1f::7 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
9129173d5280e244bb3245890e87656d5fa9cc94c4911ef3f95023224a7ace3d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

expires
Mon, 18 Dec 2023 04:02:44 GMT
date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-3187474/3187475
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
3187475
last-modified
Fri, 17 Nov 2023 14:18:30 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
client-protocol
quic
delivery.js
assets.revcontent.com/master/
161 KB
47 KB
Script
General
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.9.42.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-20.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd0a3a3e7028948f84a3a14f7bb2b62b78becf5be750c8a67031d534db0d94de

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 16:33:58 GMT
content-encoding
br
via
1.1 54732db85fb7104550b661299a2972ac.cloudfront.net (CloudFront)
last-modified
Fri, 15 Dec 2023 16:33:54 GMT
server
AmazonS3
age
41327
x-amz-cf-pop
NRT12-C5
x-amz-server-side-encryption
AES256
etag
W/"03b316c7023aa5b2fa8bb01938871a21"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
eBGQHeNomU921eoHQ9BZmk8qc3DU7dHtTdabzynR1yakF5DHIhayrg==
/
trends.revcontent.com/api/demand/
54 B
316 B
Fetch
General
Full URL
https://trends.revcontent.com/api/demand/?w=274806&gdpr=0&gdpr_consent=undefined
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.70.250.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-250-75.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
47b726fd18aa3355c7f0277952419c5e1b33d3347ee2e4eff5e9b9be73040549
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-rc-region
us-west-2c
date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=931536000; includeSubDomains
server
envoy
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
content-length
54
sync
trends.revcontent.com/
0
0

/
trends.revcontent.com/api/demand/
0
0
Fetch
General
Full URL
https://trends.revcontent.com/api/demand/?w=274807&gdpr=0&gdpr_consent=undefined
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.70.250.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-250-75.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-rc-region
us-west-2c
date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=931536000; includeSubDomains
server
envoy
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
content-length
54
sync
trends.revcontent.com/
0
0

/
trends.revcontent.com/api/demand/
54 B
316 B
Fetch
General
Full URL
https://trends.revcontent.com/api/demand/?w=274805&gdpr=0&gdpr_consent=undefined
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.70.250.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-250-75.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
47b726fd18aa3355c7f0277952419c5e1b33d3347ee2e4eff5e9b9be73040549
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-rc-region
us-west-2c
date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=931536000; includeSubDomains
server
envoy
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
content-length
54
sync
trends.revcontent.com/
0
0

px.gif
fundingchoicesmessages.google.com/img/
43 B
68 B
Image
General
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=6.704988809379854
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iyiAW2_4yD-3-cCwtB0SpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-security-policy
script-src 'report-sample' 'nonce-iyiAW2_4yD-3-cCwtB0SpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/
43 B
68 B
Image
General
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=4.515201217022217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SIp_NhScBCyT1rDMb8Rojw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-security-policy
script-src 'report-sample' 'nonce-SIp_NhScBCyT1rDMb8Rojw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 24D7
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWeeuQOeTjVLVEzzFNsgYXiS-q8iTaHUnm4cZv7aWn_2Tg6HNyex9SZnMkRCgy-JaBCTSQoxFXKBMruen6VDz3I7Tsh8rzJdXlzmXrJjIrp5Z811BKkPOPKDsT91xz_YYIneyche-wZuv-Lp5n4NNQUrOAPH3U7Vdm36gwNQ_HrlFPpb8iH0D8JvIQff8AJLUdk5qVYDwHFfc89NAsNHmshCy3UkFOXNzs5dFjq8QSTmb1opV0lm3hVoiLE_k3UQ9Bk2GrvUiP4HGZFB3afdL43CCiXDXjteveAKCUVMvFgL4qxFiKQNbVHDfZr3O3EGhgwHQwEWzzoHNYMRx2h6YNmtLcIt1gm5k4lXivyCWs0eu-lIPO2GSE4iWl3MVK5to&sai=AMfl-YRVpOzb4Bj9zjbuUDad7ZFaMxC8xldlzGffTEw6veLWaPBd7wqBo5K68RibN3-pTH86fJQuHmGbucT7OWBtEUdbqyRQRYcC1GYUrWxZrvGmMoCxGQVQs-_iozUq8IY&sig=Cg0ArKJSzC27C8HqR_dyEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adserverPlacement.js
onetag-sys.com/tag/ Frame 24D7
5 KB
2 KB
Script
General
Full URL
https://onetag-sys.com/tag/adserverPlacement.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
045d2118123dd438309aec9df012404bb89c0448a4ab9a38915bddbaec060cc0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
last-modified
Tue, 12 Dec 2023 16:41:42 GMT
etag
"b85e881cc274c5a870536aa150e9c9dc-gz"
vary
accept-encoding
content-type
application/javascript
cache-control
public, max-age=1800, stale-while-revalidate=43200
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
2186
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 24D7
203 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Dec 2023 04:02:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E358
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUZ_pV1RynzdPrYnkUFlsuUx7NZs12e7_H6cQWDUyTehzADCtWECF_m5mq6bH7IiQ65KbeGKMAAarFN_uMmi3ZJ4gX_eI8iVDCL6bMQmBUfLKusNLH192oMp8fpoN_GJYD0ZcNm0yjG34qbjcmoRcyaA-SZNI6G8smC-EUl_54fLympHv-IpDhWyTjbawPIFZS7WtnySjWdhwMPvJSXtA9T0fhmgtOFSUGE7N9FrpqkfPdXXhkizg6hPig8YqYIE9cLlCVTZLMvUP3m4i6Plgb4K9NDx4u1340S38bB21ewAPpMlKg1d7yzluOF9QRN13fXyEcUmm0ltPdu5YT76ly8mXgCu8wVCN9NGt-UZxFxgdMfqoYMy-3dKL_1Q&sai=AMfl-YSVHThLP0Mlm8njr__1A7eJqoH1_jYmSRK6wSrIdl-BXXWT17Yv6bvUmj1O0sjMP0FKnIO4nrwDnvXJJGlMivofcbLX8FRqBHwoP8J-MlQGye1klPAZBXJvdUIoS5Q&sig=Cg0ArKJSzBn7beGRCvY0EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
infolinks_main.js
resources.infolinks.com/js/
4 KB
3 KB
Script
General
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4df1f5d0c1e98a55ac867822edb1be9512f46668b3cbd8ebc0fac7796d597ed

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 17 Dec 2023 18:13:48 GMT
server
cloudflare
age
6522
etag
W/"107c-60cb8983f8b65"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
83748312cc5d6848-NRT
expires
Mon, 18 Dec 2023 03:14:02 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E358
203 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Dec 2023 04:02:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3FB6
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuM1WL0WsgnvFQ6Cb4gFvM7NtOk0O-_mxKH2odIeNpofGE2kzVVfgNSSCv8ppuTmDq0RIZORbCHHvbU3k46Vmvrzwwixw4Ruc3-83kJBLW3p0IFGOJZYJLzxMD0yTPKe_sziYx1IPQmtPx5OvdTbqGKjvVvHFanz42nsHaeqgPN5PDtlb-zamevmUcSHUma9hResQubYAMU8Dk8u3qgLiED1RgTAjDxFio7KXSEBX0s5WQeEO3AEBAwT1_JtLZ11aiJ3XmOVNhTsVC1_RonuvrlHpC2jBD7-0jTX-FBJ9dhQO1RJzjpGsjrPZvHhtkK0W8BA0wJJw1CVYQR1K-sqNKNapkSAJW_OrtT_B4IUX5r1o8xp6D3sMBN9UZtIIw&sai=AMfl-YS6Lz1yb93S_Ipn4Br6vW4O1y2mXJ0lE5GmSQI4rIqQrhSoR8BUWR5GeC3RbPNFzAo8tfZ2niZaOLPlrGobYbFSuIwcFXyk_G_5icX9j7yIKjQI6E04Sm7Zzz63ziI&sig=Cg0ArKJSzLrX5GnETpBxEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen.js
ads.themoneytizer.com/s/ Frame 3FB6
4 KB
3 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/gen.js?type=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:d300::19 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-nzt
EwwB1GYyBwH3zuQDAAwBWbuiMAH3DgAAAAwBJRPCNAH3JgAAAA
x-accel-expires
@1703221730
date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
gzip
x-77-age
255234
x-cache-lb
HIT, HIT
x-age-lb
14, 255182
server
CDN77-Turbo
x-77-pop
tokyoJP
x-77-nzt-ray
aefca1171437e7e364c47f656bc64212
vary
Accept-Encoding
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
x-accel-date
1702616982
requestform.js
ads.themoneytizer.com/s/ Frame 3FB6
168 KB
21 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=96761&formatId=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:d300::19 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d76c13f41d362895f9834204344595fb81a5717e031e7d605fa573044403d025

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-nzt
EwgB1GYyBwFBDAFZu6IwAfdK1AMADAElE8IuAfe2CwAA
x-accel-expires
@1703223012
date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
gzip
x-77-age
253952
x-cache-lb
HIT, MISS
x-age-lb
250954
server
CDN77-Turbo
x-77-pop
tokyoJP
x-77-nzt-ray
aefca1171437e7e364c47f6586e84612
vary
Accept-Encoding
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
x-accel-date
1702621210
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3FB6
203 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Dec 2023 04:02:44 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160835/4933/
222 KB
67 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.192.188 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-192-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:25:40 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=160718
accept-ranges
bytes
content-length
68444
expires
Wed, 20 Dec 2023 00:41:22 GMT
main.js
www.hawtcelebs.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame DD26
Redirect Chain
  • https://www.hawtcelebs.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.hawtcelebs.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
7 KB
4 KB
Script
General
Full URL
https://www.hawtcelebs.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Protocol
H3
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a6d9d3d70149e8625f86bab35c21395b69a79e6104cc27ac6035a0deae55325
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BMtKLeVzPLg0%2BV82ugckQk0SZk9%2FqzmJggkXkkwB1WOPt0kbr8z26C9ASj%2Fw2NCMB93J8CKm%2FPUbsHwNTc4Tx3GP17HLJd0JtH%2BZi8tDctpHHRqoi9TlJcO3kBkPv3HrlT%2F%2FnSAdL0HeaTA0qdr1Bmc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
83748313bbe57352-NRT
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 18 Dec 2023 04:02:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPYNhLVlL7j5d2yn%2BVNnry%2FM2ikSeh6yNLylZ6kUaMyZMGFfML6S0QVTll8g5CzHd72o8a4k6do%2BaWORDAlSt5fBog69Tadwa3RQ3LaYzq0PGEg20cizecQtEk1GOF%2BUc%2FEErTYztKOejhs998Xnx5g%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
83748312eb587352-NRT
alt-svc
h3=":443"; ma=86400
e.js
live.demand.supply/x/
0
481 B
XHR
General
Full URL
https://live.demand.supply/x/e.js?ce=fs&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HEWCMVPVG2SZ1MYE7CQW3ZQP
date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
1642688
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"901b70ae40b5b064aef6259e869a717e-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
83748312f89d2605-NRT
e.js
live.demand.supply/e/
0
481 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?l=1&ga=0&i=300&v=2&s=loaded&p=4&es=undefined&e=ciu&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HGAT23GKZ7X3V9YZTT5D1QNR
date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
447878
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
83748312f89f2605-NRT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312070101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
624e534cf66cddb89debb5e1ed46b0ac5618fca81036bd08954552ee409d1e02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12303
x-xss-protection
0
AGSKWxXp-vHaLu3efs0WEEZwQeg0hBx5A0rwxWvnHvnTnWMoCQm35dOsQGUV5TqFyEYX9DZj19cvah_PAiQL1DljuZK9EXPcpTYvkhx5L-Tao0AXrBz3UWQa4NXtfhqv2sM6xkqi-uOwSA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXp-vHaLu3efs0WEEZwQeg0hBx5A0rwxWvnHvnTnWMoCQm35dOsQGUV5TqFyEYX9DZj19cvah_PAiQL1DljuZK9EXPcpTYvkhx5L-Tao0AXrBz3UWQa4NXtfhqv2sM6xkqi-uOwSA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hJq0wevhXCzvH_lVv4yFeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-security-policy
script-src 'report-sample' 'nonce-hJq0wevhXCzvH_lVv4yFeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIl9izk42YgwMVz07CBR31tw4nEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCMaxmJONmIMDFfWc6QUd-J0DWQ;dc_rmcid=CAQSTwAvHhf_iRiOLW1GIisVlHLNhZMzjrC4s_iPWwpPRd9Cso9beA7qbo95jAANc-ecRBhtPaU...
ade.googlesyndication.com/ddm/activity/ Frame 96FB
42 B
401 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIl9izk42YgwMVz07CBR31tw4nEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCMaxmJONmIMDFfWc6QUd-J0DWQ;dc_rmcid=CAQSTwAvHhf_iRiOLW1GIisVlHLNhZMzjrC4s_iPWwpPRd9Cso9beA7qbo95jAANc-ecRBhtPaUSNN5YmyAnax70VjCs-vPvYbwZY-NrGx0xQRMYAQ;eps=CIBhEAEYHTICigI6BIBAgEBIvf3BOljF6paTjZiDAw;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D11520%26vmtime%3D17%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D758656306%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200103c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702872164319;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 96FB
42 B
443 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHIWLY8R_ZYb0GfW5pt8P-LuOyAX1ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMByAObBKoEtAJP0DbzkXxr76XuaKkAMrME5jPxg7JKoE9U_BCsYiMVOCMK__Nj5NIW2ofc0_vMGYBXbSxXyKC7fM7AWow5QDLi1ckV5fTJxKVGXo_6rok0aBmQgGwCfZT15ZoTiRJzFSC2w2S_gipooA6JU6_bYL2Eoxz6Gd7Wy5iUwI0rl7_LI5AibGaDhdR8EM-GHoJissMzbJGVkkJN7pVAG64hIdPYFUvhuE9eiqQqDeA3YWnFBU9IR1cu_GUD84Aq_JDeG9XclBeM_xmG9xw7oQygWGquk_ZFjddJ-ITpjb45FaHYuJYo0odsw4tnEBkP2bnvoXJKDBgCX8eNyec7vKQ0K5RyNOw-Qo987pKScaNuMioPFjUeGKSt_pDgx_uQWL4--07-CF1_uIx3H_DguCBorQcBVR0SIcAEyZHuzckE4AQDiAWBoM65TZAGAaAGdoAH6pCVvgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOljF6paTjZiDA_IIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA8gLAeALAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJKUOINEwjenpeTjZiDAxX1nOkFHfidA1mwE8qjyBXIE96B9-MD2BMKiBQC2BQB0BUB-BYBgBcB6BcD&sigh=1Bd1ouNDuoc&label=part2viewed&ad_mt=17&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D11520%26vmtime%3D17%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D758656306%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200103c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702872164319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 96FB
0
557 B
Image
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstcyZs9K3Z2dV6Mnx__8qX9Sk_yRd5MiI6uBkf3dEUXMgYEWWUCN3n7ytuiC69cYha6ZKlc0khBz2kTYFkf361AKMJTmAkfuhYS9iye12L1OgQAIhg22dpOkB-p9sFvoAN9i1ykuKR1ZfvwwDXN53A-VDjuCYXBeiik5kOi8MV7zRxchvjZFrXwTitBRdgh-AdyVA42xJat9U_f7PFrHUKmb4d-Y38psc53FcswOqX0rX7g3caJJnK4Pf8x8R4nTvQcWZBTD6POthfjv5TIrZFhx7l5Od26EGg_RS_saxBip2id4IEiBewZGnYlXBe33ltD04tPy74DvstYzoLXsNXuQrkChGGDfE9cu7gBj1hL5YIlvFWJ-pJ26gKfZYTX0GA7MSQUZ9OVhqJwpfgMGtwj_8QZbY17b_4xRd4Y8BYMd7GCxc8msPrQmcugi00GgvDx8beVKgJfas-387VIHUgmiRcmQ93WMet1PwynsNbvov5z5LdPemyQBx4GwijGMRF4slOiOY0q88lGqoyZWrsbZM6KG54DzmK9JPiTKZzNIEsCFFMlm_4eKjIykmEhbHyiiv4kd7l_wW2hnlwFArmim0yM4w-tuvbQeWW8styrgwW-M8Egs2_-dWW7yPiHPYxmXPDk0qYu-eQn1rri3fESPIrp6qS-bbr74ELmqn_oE3uJpP31LTAlu69FxUiNwhm27f9UGN6kJta3UUp1UDFPD8Z6V2k3VirKJo-SOzB4VXbx32J4KrwaBdFovnbIQlUC5vb9Qqwh_C1vJg8sq7gw4LjNN4M9Arv1Mt8PhXqhQso2oapCa6PZlHwN3zYyVeC4z2_7BmO6Ikqe1OA4sT8UIW-LhHVHtsgdjVCyQ-w96mjr1wjRXMjEMIPiTW03S8oq6OVznTm_3lr8_PCA-ULVIJxK5wmLzHcunao7Uhd-bu4O2fI8Jqr6So20nIhjZHBYvYWP4xInI6bPKgT-p1XuUhMYdomNLQIwnbBh3KmKg1KCq8op74CO1Sz0v2v0QW-fKhReh0uWoS5DDr_iuruQ_UYijozTbvj4UZ5goQ7-UuaiK5kEgpCqcKbd6L7of4gC-fMd12XCaevvJvOIEetjcj51r394zIuJ5tCSlXcwva-6n-qRwp9edfH-V-IDyWp5Hsu7SO7smGoAu5EkpV-q0AGCTh-gexcbjuqwXMndb7ydPtp2gTF-sVvAnxL7tZ2k5mKOZBoX0gAB2_N26xEgbCSdAIgvDQMMhr3Ern-rr-Fs656RmCHzujj_PEnBwOI5TOyCK3snRLpwf_6wUvolorr2HIklSkfgdpbqc78srD9rS2wokx7czM8mBRx1zsrNZyzhENe1epHHvwo7FsHbqv3-eH7q-L30R1rQBBVNnDDyPoZ1sEeBGiLDFPdpPMfe3xZxtQj_lmmWy8HeFk-OUzAu0wH-lyvyCuzuNeBzzbCBZr9Esj6pbpZTIngQe62tJw4cdMPc_sEH-l1oZ0cZumsWvQuG5wYnB8KMNfOu7k-270xF&sai=AMfl-YR2eXwi9vQhbSIRZP586o60XJNZmkkQBgfeCp3Hg7E-9tZt00LZpNcfDp48EQ3rPjZUwi0HEXZOPbZbgYvWlb--NH707-S_EgzfI9169W62v1oElMaDaXF7-YeT_pAzeld9EMfgH3c7JhaeVjhtvDqv_Vg3-ILX0QrsJ5CWQLyfEqlUyzQBBt5rXeC4yZddzvdjLS_23MBn2RfUooL6xcOIcGGO5ytEVJ6ebzL2ls_tUtTfOKopS6Fa4miY2A6mUuY1c6XVF4rPUmKylVuFzeDeEJCMrFScANkjOHE2O_Lp0Z5J_n0NrSGFkLTg66PsWbM&sig=Cg0ArKJSzKKeue9kGliCEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 96FB
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ_EvwIQ_OjYAhjFq-X-ASABMAE&v=APEucNVEhfnZ9je6jk_oHThDx2RgXm0LniQ07AVccXxdPCy50tNZ4wyudHS8dTclMHO3tdxiiGzMYzKa_IPwrdildDW6NXY9rNaIA9kU2OwgC7ojcKbrC2I
  • https://s-cs.send.microad.jp/cs?key=google_1&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
170 B
409 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Protocol
H2
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin
*
timing-allow-origin
*
access-control-allow-headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length
0
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 96FB
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 96FB
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvI1UArh7-UihHOmx_hivfMHit7pX2PdxCyl2S9QpJHiUqh1sENeZXoMMtzWXZEJv3_82UPdv7IwpYiX6V0-D9_3Jv03KJ7WMoSV1QLif2Ne06yUnaffglbLidSKS8mbk3_9G3SaOV0T_c&sai=AMfl-YSDEJiqsKGSFzqkODc9PqIuNipwBMNtAOEZXTFjjxCVw93w9xTrG7ADziaSUDw3QuCMvPVJ8j3hzM42SREcgPrhy6ELsEPLf23FuAdboJxIISQOB0WSI7N0xkfYymqkv09oA9VW3_dlJuNgpk_aAQ&sig=Cg0ArKJSzHUqI51oWDksEAE&cid=CAQSTwAvHhf_iRiOLW1GIisVlHLNhZMzjrC4s_iPWwpPRd9Cso9beA7qbo95jAANc-ecRBhtPaUSNN5YmyAnax70VjCs-vPvYbwZY-NrGx0xQRMYAQ&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D11520%26vmtime%3D17%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D758656306%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200103c,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702872164319&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 96FB
42 B
108 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHIWLY8R_ZYb0GfW5pt8P-LuOyAX1ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMByAObBKoEtAJP0DbzkXxr76XuaKkAMrME5jPxg7JKoE9U_BCsYiMVOCMK__Nj5NIW2ofc0_vMGYBXbSxXyKC7fM7AWow5QDLi1ckV5fTJxKVGXo_6rok0aBmQgGwCfZT15ZoTiRJzFSC2w2S_gipooA6JU6_bYL2Eoxz6Gd7Wy5iUwI0rl7_LI5AibGaDhdR8EM-GHoJissMzbJGVkkJN7pVAG64hIdPYFUvhuE9eiqQqDeA3YWnFBU9IR1cu_GUD84Aq_JDeG9XclBeM_xmG9xw7oQygWGquk_ZFjddJ-ITpjb45FaHYuJYo0odsw4tnEBkP2bnvoXJKDBgCX8eNyec7vKQ0K5RyNOw-Qo987pKScaNuMioPFjUeGKSt_pDgx_uQWL4--07-CF1_uIx3H_DguCBorQcBVR0SIcAEyZHuzckE4AQDiAWBoM65TZAGAaAGdoAH6pCVvgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOljF6paTjZiDA_IIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA8gLAeALAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJKUOINEwjenpeTjZiDAxX1nOkFHfidA1mwE8qjyBXIE96B9-MD2BMKiBQC2BQB0BUB-BYBgBcB6BcD&sigh=1Bd1ouNDuoc&label=vast_creativeview&ad_mt=17&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D11520%26vmtime%3D17%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D758656306%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200103c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1702872164319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 96FB
0
45 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lqae4ay5&c=1324699826774&slotId=662349913387&qqid=CMaxmJONmIMDFfWc6QUd-J0DWQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2014&mt=video%2Fmp4&vs=1280x720&dm=11000&ple=0&umsem=0&event_name=first_play&asset_bytes=199308&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.q8~ff.qk~videopreviewstarted.ql
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c12::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.106 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 18 Dec 2023 04:02:44 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.106 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 18 Dec 2023 04:02:44 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
1 KB
Fetch
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231218
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
43ba72b01c71a8f174727370335990c884f93923d7d41a1aebe12a74201dadce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
content-encoding
br
age
111
x-jsd-version
1.0.1907
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
853
x-served-by
cache-fra-eddf8230103-FRA, cache-tyo11920-TYO
x-jsd-version-type
version
etag
W/"63a-G6KC6p9rpwBWHk8z3EA4ei3GR6o"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
localstore.js
script.4dex.io/
483 B
1 KB
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:44 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1522065
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
Server
cloudflare
ETag
W/"922cffdd75f7192f75231d92684885aa"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2BUy06qvI5nSyciLmdPa0%2FnPfM%2BceoQP%2FhSNCPA3XpipuGI2aft3p0fAFHzj%2FSxkugmlbKSsssGqS4qukCf597%2Ftn2XcySBVqfCjbf2O9SNffdCGvw41FOPp3IH85tpn8HrRhjLtSAYbDEZB"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
public, max-age=1800
CF-RAY
8374831358ed264e-NRT
Expires
Mon, 18 Dec 2023 04:32:44 GMT
/
prebid.smilewanted.com/
0
0

bids
prebid-asia.creativecdn.com/bidder/prebid/
0
181 B
Fetch
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:44 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
header
hb.aralego.com/
0
180 B
Fetch
General
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-772A2DB77778DAD8029A88BA72B224B&tdid=&schain=&eids=&pubProvidedId=%5Bobject%20Object%5D&pubcid=231286dc-7bbe-468b-a244-e0e553e9246d&u=https%3A%2F%2Fwww.hawtcelebs.com%2F&host=www.hawtcelebs.com&ucfUid=31b8eac5-f448-4ac3-af3d-70e694d2bb8a&w=320&h=480
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.98.2 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:44 GMT
access-control-allow-credentials
true
connection
close
cdb
bidder.criteo.com/
0
196 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=82938789712&lsavail=1
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/
361 B
925 B
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
20e56955bc8799b3dfa70a9926ff11a4029afc5e1d1b8a7839f68cdd3b51ed7a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
an-x-request-uuid
5aa7225b-b2a2-429e-90aa-766ad25eeaa6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
361
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/
0
374 B
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:44 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
server
envoy
vary
origin, Accept-Encoding
auction
tlx.3lift.com/header/
19 B
760 B
Fetch
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.21.0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&tmax=1000
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.251.173.5 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-173-5.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
accept-ch
sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch
x-auction-status
29
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
unruly_prebid
targeting.unrulymedia.com/
11 B
207 B
Fetch
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.106 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
unruly_prebid
targeting.unrulymedia.com/
11 B
208 B
Fetch
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.106 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
pbjs
useast.quantumdex.io/auction/
0
269 B
Fetch
General
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:44 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8374831378d3f6b5-NRT
access-control-allow-methods
POST, GET
prebid
mp.4dex.io/
1 KB
1 KB
Fetch
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8a4de0535e6ca3a5a62947c800e9732ba04f0e4f172e6b446dd338d51375da5

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
3.0.0-gcp-tyo
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8374831378eb3bf9-NRT
expires
0
tf-v1.jpeg
px.vliplatform.com/
0
267 B
Image
General
Full URL
https://px.vliplatform.com/tf-v1.jpeg?e=rNKMRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNkggzR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRzdNATKYATew-MyKe-PeMy-qrYU-tqZrBABKPZPTRzyzNhqut_cotvRws0NT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
cf-cache-status
MISS
last-modified
Mon, 18 Dec 2023 04:02:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V565BiKqv4nBu7bFrPlP1VNm9afO%2BuNQ8T3B0bMaLIg4hfEA7ZfxhKrUEWhfKcNz2KGi1K8jxC1ty%2FYPNHJgHvAKS69iN4rP9cFtMaBreXk3Fbp2jmjgO3vRYMcKDa0zleAurx1q910JcF980VovLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
837483138b362669-NRT
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/
0
527 B
Image
General
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNkggzR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRmNTTTYUMRzdNMarqwTKA-KtrP-PtTe-aUYU-ttKAaBaaZPMKRlmNBBUbPMARdzNwqfftkRqxeNco_KMTTTYUM_wqfftkRwkjNAR_yszuNyqsltRkjmNBYAbPMA,BBUbYMA,BAAbYZARwlNldostvqfztr,kzwigxlt,xeyxffts,ekoztg,gyzdtroq,qdb,zkohstsoyz,jxqfzxdrtb,qrquogRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
cf-cache-status
MISS
last-modified
Mon, 18 Dec 2023 04:02:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gAN8SZi7REzfJx2okFJ7c1%2BApxAZeYhMvr5CdWHovJ%2F%2BhMpf8Vj0lwcGZLdTvpbFoTJeUCJeurrn2Sv%2BbUv6ktX7H6YpgvzoYwYVn1a8NAVbVrdDnlylML4Mut6XlYWZKFq8yIHzsl5m2VTQZAb8pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
837483138b372669-NRT
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/
0
268 B
Image
General
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNkggzR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRmNTTTYUMRzdNetqweBTU-attt-PPqB-MAPt-TMeUKwUtatATRlmNPTAbYBTRdzNcortg%20gxzlzktqdRqxeNco_KMTTTYUM_gxzlzktqdRwkjNAR_yszuNyqsltRkjmNPTAbYBTRwlNekoztg,gyzdtroq,qdb,xfkxsnRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
cf-cache-status
MISS
last-modified
Mon, 18 Dec 2023 04:02:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0gKLTTirtWGINRu5EhTy9ng1%2BbQbG2Wf2DZ5jjv2gNdVUMtjMfNDIRV84kNHg1RwmejT4XHf1HNA5pcbzjpK%2B76ToqKFg9EcABxt4jOQIqhoy8iqEwgcVZcUyWBaAjmaMsmcnHLkOYuE8M2HqYbkxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
837483138b3a2669-NRT
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/
0
270 B
Image
General
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNkggzR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRmNTTTYUMRzdNTPrMKyBU-ZUrq-PwZt-MtyP-BTPaArPUwZwBRlmNUPAbPMARdzNcortg%20oflzktqdRqxeNco_KMTTTYUM_oflzktqdRwkjNAR_yszuNyqsltRkjmNUPAbPMARwlNekoztg,gyzdtroq,qdb,zkohstsoyz,xfkxsnRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
cf-cache-status
MISS
last-modified
Mon, 18 Dec 2023 04:02:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nPPZBKMYro1XTQWYbAKMrrs36XsC7HwBoCSTfrm9Q80vTNJXghzyqxmPcemVJcCi2qNSDpps%2FfAlKYqTMiQIBxSEKWifHcSolD0sOnY57gT1akyNP%2B700AucYuck42mdQSNQ21nDcFP%2F1mF5OMBa%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
837483138b3b2669-NRT
content-length
0
alt-svc
h3=":443"; ma=86400
0.php
s4.histats.com/stats/
52 B
186 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?1890596&@f16&@g1&@h1&@i1&@j1702872164393&@k0&@l1&@mHawtCelebs%20%E2%80%93%20Latest%20Celebrities%20Pictures&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-185202870&@b3:1702872164&@b4:js15_as.js&@b5:540&@a-_0.2.1&@vhttps%3A%2F%2Fwww.hawtcelebs.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns561935.ip-54-39-128.net
Software
/
Resource Hash
23e28a741e1816e42e43b9041b4cc25cbdcc24d12f3d6a4db0bda2a26cf160dc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:36 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
pbjs
useast.quantumdex.io/auction/
0
134 B
Fetch
General
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:44 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8374831378d5f6b5-NRT
access-control-allow-methods
POST, GET
cdb
bidder.criteo.com/
0
197 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=97839561593&lsavail=1
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:43 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
tlx.3lift.com/header/
19 B
744 B
Fetch
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.21.0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&tmax=1000
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.251.173.5 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-173-5.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
mp.4dex.io/
1 KB
1 KB
Fetch
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c78cd18af9119636ec716458669c55bcc03d863c58c0ebaa494b181e326f9e8

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
3.0.0-gcp-tyo
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8374831388ee3bf9-NRT
expires
0
bids
prebid-asia.creativecdn.com/bidder/prebid/
0
180 B
Fetch
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:44 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/
139 B
704 B
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
f81bde43fa67ee8e66118be314b4b5d71e9a11df401f5372a1f17cbf24eeeadc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
an-x-request-uuid
9027cdc7-1029-4600-80b6-9e414160a2dc
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/
0
522 B
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:44 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
server
envoy
vary
origin, Accept-Encoding
cc.jpeg
px.vliplatform.com/bi-v4/
0
273 B
Image
General
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNkggzR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRmNKYUZTRzdNZrwrtteY-eTyA-PePK-atqZ-AyMPTTPBMBtARlmNaKAbaARdzNwqfftkRqxeNco_KMKYUZT_KRwkjNAR_yszuNyqsltRkjmNaKAbaARwlNjxqfzxdrtb,zkohstsoyz,qrquog,kzwigxlt,qdbRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
cf-cache-status
MISS
last-modified
Mon, 18 Dec 2023 04:02:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PpqAIerZf3NieTCZrW%2BJO9vYDknqqYHyIZ4YEVLtZL5zU%2FJW2XTlUBHuCAfvFFCx%2BM2Mo2kNoFqIIETs8QpJppHnERwG8vBOzBENNz5ZtxcPutkpDREPI27NwxFpEaDlYCWp81kO8BtyPONo2D573Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
837483138b3f2669-NRT
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/
0
277 B
Image
General
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNkggzR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRmNKYUZTRzdNBKBZAUaU-YKAy-PaZZ-wwTM-weAUBUKwKyYKRlmNKYMbaARdzNwqfftkRqxeNco_KMKYUZT_MRwkjNAR_yszuNyqsltRkjmNKYMbaARwlNjxqfzxdrtb,ekoztg,zkohstsoyz,qrquog,kzwigxlt,gyzdtroq,qdbRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
cf-cache-status
MISS
last-modified
Mon, 18 Dec 2023 04:02:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7oTqEU7v0fWV76XzBR8EGGCC1TzznPv1P%2BHXKqV%2B3q%2BHCOh1d0repZ%2FJ8k%2FIkatQX4qPDzGo9K3htYll6Dd%2F86MtNOXgNOSl5cP8wuwcBt%2BBMS%2BZUbdfqXWR1A9m0vRJKx7a1pYi8Fdi31I7fl3JVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
837483138b402669-NRT
content-length
0
alt-svc
h3=":443"; ma=86400
c
prebid.a-mo.net/a/
0
375 B
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:44 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
server
envoy
vary
origin, Accept-Encoding
bids
prebid-asia.creativecdn.com/bidder/prebid/
0
180 B
Fetch
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:44 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
useast.quantumdex.io/auction/
0
133 B
Fetch
General
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:44 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
83748313a8fcf6b5-NRT
access-control-allow-methods
POST, GET
cdb
bidder.criteo.com/
0
196 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=71784459485&lsavail=1
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
1679645040.png
s3.vlitag.com/vli-assets/widget/2023/03/24/
137 KB
137 KB
Image
General
Full URL
https://s3.vlitag.com/vli-assets/widget/2023/03/24/1679645040.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b640db060bd6c45e02eb82c75a7f0f087e7b0b30f47bcfa6aa892c310778fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-version-id
adca3e5c-ed21-49da-be40-eceb038cd834
cf-cache-status
HIT
x-amz-request-id
17A057D9DC1379DE
age
414866
cf-polished
origSize=323185, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
140071
x-amz-id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Tue, 05 Dec 2023 07:24:10 GMT
server
cloudflare
etag
"8fff64cc4c3dbfebc6cacdb99278ef9d"
vary
Origin, Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83748313b8f7e38c-NRT
1648753545.jpg
s3.vlitag.com/vli-assets/widget/2022/03/31/
112 KB
112 KB
Image
General
Full URL
https://s3.vlitag.com/vli-assets/widget/2022/03/31/1648753545.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9c91163fa78badc3ecdcc01a732409c9575abbe1bd870523ca5430a7769bf38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-version-id
037169fc-3451-426a-8099-17be3499b9eb
cf-cache-status
HIT
x-amz-request-id
17A05315EB14D708
age
414736
cf-polished
degrade=85, origSize=133932, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
114388
x-amz-id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Tue, 05 Dec 2023 07:24:21 GMT
server
cloudflare
etag
"0b780e1f9c3aa56f100c9ca8332275fe"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83748313b8f9e38c-NRT
1572962830.jpg
s3.vlitag.com/vli-assets/widget/2019/11/05/
170 KB
171 KB
Image
General
Full URL
https://s3.vlitag.com/vli-assets/widget/2019/11/05/1572962830.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a24a1cdd313ab6fa435e1a0f9f4f0395f864a11c9a5ff9610beafe91548d1a8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-version-id
55e34521-3833-490a-b03b-194faa9f277e
cf-cache-status
HIT
x-amz-request-id
17A05315F350B920
age
414044
cf-polished
degrade=85, origSize=227959, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
174276
x-amz-id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Tue, 05 Dec 2023 07:24:05 GMT
server
cloudflare
etag
"15d375954b394555f7722650c272486b"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83748313b8fae38c-NRT
1592801729.jpg
s3.vlitag.com/vli-assets/widget/2020/06/22/
84 KB
84 KB
Image
General
Full URL
https://s3.vlitag.com/vli-assets/widget/2020/06/22/1592801729.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f97e558653de10d9db3cd82e72aaba6389aff7fcb30f32b286a271444478838d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-version-id
af70391c-ccef-4f3b-ac36-00807edfdec9
cf-cache-status
HIT
x-amz-request-id
17A05315FF2F01A3
age
414044
cf-polished
degrade=85, origSize=103053, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
85602
x-amz-id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Tue, 05 Dec 2023 07:23:39 GMT
server
cloudflare
etag
"d86500b32a982028f620e769f21ecb13"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83748313b8fbe38c-NRT
1572962870.jpg
s3.vlitag.com/vli-assets/widget/2019/11/05/
123 KB
123 KB
Image
General
Full URL
https://s3.vlitag.com/vli-assets/widget/2019/11/05/1572962870.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fd17b37a80684f1fada310c8dde6e979db05aeb791efdcd4156e76816def578
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-version-id
df079db1-db09-4867-baca-a27d88918c96
cf-cache-status
HIT
x-amz-request-id
17A053161224A335
age
414044
cf-polished
degrade=85, origSize=151033, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
125466
x-amz-id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Tue, 05 Dec 2023 07:24:05 GMT
server
cloudflare
etag
"390869649b0b6764a3eba50cd2a8e0ea"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83748313b8fde38c-NRT
1596163502.jpg
s3.vlitag.com/vli-assets/widget/2020/07/30/
119 KB
119 KB
Image
General
Full URL
https://s3.vlitag.com/vli-assets/widget/2020/07/30/1596163502.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b8c285afac732675bbbfc8b052f4033ff296428769c8333fdef3416d30fd8e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-version-id
145d690a-adff-4e79-b568-97c575285910
cf-cache-status
HIT
x-amz-request-id
17A05315D5A10E84
age
414736
cf-polished
degrade=85, origSize=140376, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
121769
x-amz-id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Tue, 05 Dec 2023 07:23:43 GMT
server
cloudflare
etag
"ffdc9e3142a9c78c522b619bbbabd658"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83748313b8fee38c-NRT
cc.jpeg
px.vliplatform.com/bi-v4/
0
273 B
Image
General
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNkggzR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRmNBaARzdNZBAeAwyw-KyeY-PMaT-qyrP-MPATtPtYZwUKRlmNBAAbYZARdzNwqfftkRqxeNco_KMBaA_TRwkjNAR_yszuNyqsltRkjmNBAAbYZA,qxzgRwlNqdb,kzwigxlt,jxqfzxdrtb,ekoztgRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
cf-cache-status
MISS
last-modified
Mon, 18 Dec 2023 04:02:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3E%2F4o3vDyeBa%2B2pAhnIqV0jeHkxL0bRNkz6%2FjJVHsSppkdCfrSSeCO9f%2BOgugnvaH7cKbnAhlhr1D1agQSaJcZd5gDM9OrrSs8Wnv1vFW6g1t%2BGK%2B5cQ%2B6EtDJohyVBZXuBU4oi8ctVucAmAEThTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
83748313bb602669-NRT
content-length
0
alt-svc
h3=":443"; ma=86400
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 18 Dec 2023 04:02:44 GMT
videoplayback
r3---sn-v2u0n-ntqr.googlevideo.com/
Redirect Chain
  • https://services.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y
  • https://redirector.googlevideo.com/videoplayback?expire=1702891364&ei=BLt_ZdauCJ-ulu8Psqe7EA&ip=23.92.64.170&id=o-AJA5mcMNJOdtkQDLKAD2ZSRdgb6wEE31jBnvO4m9wuXL&itag=18&source=youtube&requiressl=yes&...
  • https://r3---sn-v2u0n-ntqr.googlevideo.com/videoplayback?expire=1702891364&ei=BLt_ZdauCJ-ulu8Psqe7EA&ip=23.92.64.170&id=o-AJA5mcMNJOdtkQDLKAD2ZSRdgb6wEE31jBnvO4m9wuXL&itag=18&source=youtube&require...
828 KB
0
Media
General
Full URL
https://r3---sn-v2u0n-ntqr.googlevideo.com/videoplayback?expire=1702891364&ei=BLt_ZdauCJ-ulu8Psqe7EA&ip=23.92.64.170&id=o-AJA5mcMNJOdtkQDLKAD2ZSRdgb6wEE31jBnvO4m9wuXL&itag=18&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&spc=UWF9fyUe30UvvW1mhE70L6hJETfZBbUioDg0NVWdjw&vprv=1&svpuc=1&mime=video%2Fmp4&ns=mgZHbNJWhlNYgklrPZ3vFrMQ&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&beids=24472445&c=WEB&txp=6219224&n=-BKPWC-sWGEifAfaW&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=AJfQdSswRQIgKc6LEkgAaN0iIJoUcAYzRab-mhyvxaiylkRZ9ogrB6ICIQClfZjYKAoewtpA_u8a3cago8eE7OBZn7071jbSDCUiPg%3D%3D&cms_redirect=yes&mh=d6&mip=2001:ac8:40:1e::2e&mm=31&mn=sn-v2u0n-ntqr&ms=au&mt=1702871852&mv=m&mvi=3&pcm2cms=yes&pl=48&lsparams=mh,mip,mm,mn,ms,mv,mvi,pcm2cms,pl&lsig=AAO5W4owRAIgf4A0V1Umps1uOoRlM51MAH2yh2jxHse6XDf2unbVyVQCIBprXiPaS-IVdBWymylp0d6vH9hEBNAjZML6AMtmYGGU
Protocol
H3
Server
2405:dc00:ef02:3::e , Australia, ASN4804 (MPX-AS Microplex PTY LTD, AU),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

client-protocol
quic
date
Mon, 18 Dec 2023 04:02:45 GMT
x-content-type-options
nosniff
last-modified
Sat, 03 Jun 2023 08:32:55 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 0-14185952/14185953
cache-control
private, max-age=18899
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
14185953
expires
Mon, 18 Dec 2023 04:02:45 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r3---sn-v2u0n-ntqr.googlevideo.com/videoplayback?expire=1702891364&ei=BLt_ZdauCJ-ulu8Psqe7EA&ip=23.92.64.170&id=o-AJA5mcMNJOdtkQDLKAD2ZSRdgb6wEE31jBnvO4m9wuXL&itag=18&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&spc=UWF9fyUe30UvvW1mhE70L6hJETfZBbUioDg0NVWdjw&vprv=1&svpuc=1&mime=video%2Fmp4&ns=mgZHbNJWhlNYgklrPZ3vFrMQ&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&beids=24472445&c=WEB&txp=6219224&n=-BKPWC-sWGEifAfaW&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=AJfQdSswRQIgKc6LEkgAaN0iIJoUcAYzRab-mhyvxaiylkRZ9ogrB6ICIQClfZjYKAoewtpA_u8a3cago8eE7OBZn7071jbSDCUiPg%3D%3D&cms_redirect=yes&mh=d6&mip=2001:ac8:40:1e::2e&mm=31&mn=sn-v2u0n-ntqr&ms=au&mt=1702871852&mv=m&mvi=3&pcm2cms=yes&pl=48&lsparams=mh,mip,mm,mn,ms,mv,mvi,pcm2cms,pl&lsig=AAO5W4owRAIgf4A0V1Umps1uOoRlM51MAH2yh2jxHse6XDf2unbVyVQCIBprXiPaS-IVdBWymylp0d6vH9hEBNAjZML6AMtmYGGU
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
api-errors
yeet.revcontent.com/yeet/events/
0
0
Fetch
General
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.70.250.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-250-75.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-west-2c
access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:44 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
server
envoy
vary
Origin
api-errors
yeet.revcontent.com/yeet/events/ Frame
0
0
Preflight
General
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.70.250.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-250-75.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.hawtcelebs.com
content-length
0
date
Mon, 18 Dec 2023 04:02:44 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
3
x-rc-region
us-west-2c
dc_oe=ChMIzaCxk42YgwMVflDCBR3cXQDkEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCObejpONmIMDFYeW6QUdj4IJuQ;dc_rmcid=CAQSTgAvHhf_YJlZ-ZvCOT-PQl99i0DAxjz4JPpLzG8B4FS84QzpsCxbPC9RsS9aadoBMYvhWNS...
ade.googlesyndication.com/ddm/activity/ Frame 6775
42 B
107 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzaCxk42YgwMVflDCBR3cXQDkEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCObejpONmIMDFYeW6QUdj4IJuQ;dc_rmcid=CAQSTgAvHhf_YJlZ-ZvCOT-PQl99i0DAxjz4JPpLzG8B4FS84QzpsCxbPC9RsS9aadoBMYvhWNSsGc28mr3th5ofAZfspFUXTVQ_catM6sexPxgB;eps=CIBhEAEYHTICigI6BIBAgEBIvf3BOliHr42TjZiDAw;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D11520%26vmtime%3D37%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D667307141%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200103c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702872164468;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 6775
42 B
108 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CUWlnY8R_ZaahEIetpt8Pj4WmyAv1ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMByAObBKoEtAJP0J2ioVEDabUuJHHGsAskP4-nAmv5CJc_03aqVR9WU9fFoeAcTskWblJq_etiGTpJwMUftd5-wjqd4H9qkMdxTuTQPjWGfXwaXbgciYJ0k_AlvBMjAuYbW_HqA_R61uqkdOhf1tfPpSdzuctYc42i_rOqQC6GvYjPAs1Tf4fKslceldLPLqqB4ay7b0zw0FYLInGFNw0XKz22WjqVvQLG6dbSwAo4WlPCzMa-PZ8YNZGl70XPXwzRsumHV0onN_Mpz95f_xFwky_6bDn7ksxzBY-hgLUodP99r0g_JW21ko0kdXjeHLPZf6n2BixIkbr1WqT36jMULcHZZNjw6xgWWPlRBd1d3O7x5CyXchOH_TXIY-C318CgY-u2qj86JaLFk8YdsIBp0jrsBBwwMLFLKpmqn8AEyZHuzckE4AQDiAWBoM65TZAGAaAGdoAH6pCVvgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOliHr42TjZiDA_IIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA8gLAeALAYAMAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQKqDQJKUOINEwjI2Y2TjZiDAxWHlukFHY-CCbmwE8qjyBXIE96B9-MD2BMKiBQC2BQB0BUB-BYBgBcB6BcD&sigh=nSVoW9JCFIY&label=part2viewed&ad_mt=37&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D11520%26vmtime%3D37%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D667307141%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200103c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702872164468
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6775
0
65 B
Image
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv5m_b1pwlOZkApH3v8y7-5O8OYqYC9rm9n0ICp_0Gx5-5VcQpJJPG2QIrdYzQWMqC_4gCMQMvb4t6XMDrbZct6nYJ6TNArjQyDmrhKDv7uFHkjgxoBjcJ6lyebn77I9w0yIvIT33dpKL202gdlDvJOASbKrL4FTjHu8z1EOHiFTxK5CAqavl3DawsHLHq8yNIE_QYWLNU5eF9BCFeMtFQRpmK4WggKoZxfAKz6bZx_7HhustEXIiy-vjJqfFFXgZfuBxl9ih2IOqSGzuwlJNrcQt1y2i_aJLBck3HJEZsisqDLsGSo0vUnGegQwRVVpYhjZJRzmlB5lfqNoQiCffjZ75oAu1sXt6yv0E08XaU7R6BspYMwRc3wrqWGRKtEIQCsqJHyCzL4d4sZfd3aRsFSPz3dF3trWVbPA3PvHI0cRS_cYO8YD32fNtK086fdA7iUCQaBJidP8c7Wib2PQgIh6AuqxLP7HbaRo18QJiNCe8vv5bJXfQbhPqdwo41hT7cC8yYxf75vXIOfcShYZjp_Im-MxRyqmwTEQFYyQyuTpY7hWEjhHuBstBvzeFlWd-toiwliKIJbQJF-M0AM0Fxv_wy4X3RQzvB1nj__cuWW4gQTxQaanunPSsIoEfxFwPZ7ON4MnL7fcXFjhuswRNXjNgL1IbpS7I0AMw79LIOmpSqOF6YUxcePTViHt03dCmAc1mie2a3oYwpZeiDaUoO-7VSjWCUZsy3VDCAFp1rFEP_fZz0o3yGF0foxLgo50uS49O2-wHfJSOiL5JoldVTbcl_LXWeMJ0_l71rNcaNUuOa-ZuX38PWXuxoyxy-0YdezDcUNwZZRQQqVlyeWOOc1UUJvY2LJ0QxpPxeTwuOP6SCrCnZnXIPpZOQDLrBaY7_kOAqz66xq-8zV7Ny4Z8umr5h8ZrJwptKZjFHG0Qjn-MygTdFnQRviFe0wNqSTdKiLCmIHQ9Z1ac6_Ed1_QtMBOWz6uj7mpkdGj6Q7WYmQ8CtoJfelQqIdMATPVlNEgmpuX8Itpe6kq3gkdTRglwqVxr_VQ8S7Ig2L09nXxCjwzhWynNg63x7yKioV07i7cM5foCth1wj6m8SuAvS0hru9PWh7iAyTdK_cjR3yyWi8ksm0Gi7HyUilK78X7uSHq3zXTNt6FDbHnsBMaPB2RT5Z1U67tuJKbSknsAKXWuUFqzBCjmS9s4ayMRQIPOGE1jKBDDkcz44vtUjwa8afnKqfYUJt1hYWUdZb69FQPSDizz5IstT_UrJ57cQW6L2_XbVzRmNelkIExV9QKrVJKXCmgEprMg-U4ljs9lYd2QlugpuaMYE-o085YpttX-5isZ9xc0W2UBDROLLv19fCJXxPoADuUsSAy2l1wMV6Kn2mMGvl-qt4O1qhk87moJ9VK5KQNunO1RFe8jLmKx1V3Sm2qkB5o9ZBwRjV-xvqCjo0KSsJbA2gZQO-VL7ZEODCX8KNi4E9BQq4hn2cdawZipC4Vyo5i6sZcVicaD2fK7WXc6rUkI__k31Fga1C8NpBs0y4RRZiYg&sai=AMfl-YSj_xZrlCkTQyMYJK6prYk5p0Xu1Q7jqLtcE97az7Frx7Ic9FwAdHhZGjyNxgxCEI2sNM4HxUAxdU8aDqjvTMcUMQpwhuaEoG8vDhSD5RvJguMX91xJdM_NZhG6qsgPJ4uv2p_xqE6GPgoB64Ymx3TjrWFfLf3gm3rZhYhucoY06I9gl3c_6wqSNWgjC2rIY3G9aA4xVRt9eZl8J1rZZJ3-8s4fDeAKkFnH-WqrnqD3xfUdEB0hffJVSZCO5OH1648l7Hb7YMvDrKv6KT-YGhyKU6vLCzZCL8SwApEqUR8BkQjluA0Rddp8jsXcFhU&sig=Cg0ArKJSzDkWtlUoL_zHEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 6775
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ_EvwIQ_OjYAhjFq-X-ASABMAE&v=APEucNWk6UsCpKMqoC4oXNqxdFMS7A_8IBUT023sCkDmqXF8gJUfsOmfVogCwtgFCi35XchzgJb8KEVLoLNaZye05LPdpBFBAgiIPXWgq63VcjcObGcDv-I
  • https://s-cs.send.microad.jp/cs?key=google_1&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Protocol
H2
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin
*
timing-allow-origin
*
access-control-allow-headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length
0
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6775
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6775
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvkXOm8HqU5_9TdoaijOAMQ5wwXnMov3wxw2ejC1QoNpwN92Npf7pQIxolItgV9T-lDcc9YwZSe8AJfxew9A72QBlaFXDe8usbxYKN4_EGjhYNI2WLTP5xAY3HNXQVeqCqeff7wIKyex9o&sai=AMfl-YTWAmToPWvgJQNmdNbDNoEsS8GO9T3nNg1Xp3C29ZGTNUV9HQttA0YXUfrfaoEqvS7KSWq12BScoFJ8mTgclwuOhRmrUjMJK1bEAh8VqCuV4dJnaSyIdKsCPI6yLccgjOfEu_VxYlC25PbYl-a9&sig=Cg0ArKJSzHjYaNsCc1PhEAE&cid=CAQSTgAvHhf_YJlZ-ZvCOT-PQl99i0DAxjz4JPpLzG8B4FS84QzpsCxbPC9RsS9aadoBMYvhWNSsGc28mr3th5ofAZfspFUXTVQ_catM6sexPxgB&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D11520%26vmtime%3D37%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D667307141%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200103c,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702872164468&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 6775
42 B
108 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CUWlnY8R_ZaahEIetpt8Pj4WmyAv1ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMByAObBKoEtAJP0J2ioVEDabUuJHHGsAskP4-nAmv5CJc_03aqVR9WU9fFoeAcTskWblJq_etiGTpJwMUftd5-wjqd4H9qkMdxTuTQPjWGfXwaXbgciYJ0k_AlvBMjAuYbW_HqA_R61uqkdOhf1tfPpSdzuctYc42i_rOqQC6GvYjPAs1Tf4fKslceldLPLqqB4ay7b0zw0FYLInGFNw0XKz22WjqVvQLG6dbSwAo4WlPCzMa-PZ8YNZGl70XPXwzRsumHV0onN_Mpz95f_xFwky_6bDn7ksxzBY-hgLUodP99r0g_JW21ko0kdXjeHLPZf6n2BixIkbr1WqT36jMULcHZZNjw6xgWWPlRBd1d3O7x5CyXchOH_TXIY-C318CgY-u2qj86JaLFk8YdsIBp0jrsBBwwMLFLKpmqn8AEyZHuzckE4AQDiAWBoM65TZAGAaAGdoAH6pCVvgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOliHr42TjZiDA_IIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA8gLAeALAYAMAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQKqDQJKUOINEwjI2Y2TjZiDAxWHlukFHY-CCbmwE8qjyBXIE96B9-MD2BMKiBQC2BQB0BUB-BYBgBcB6BcD&sigh=nSVoW9JCFIY&label=vast_creativeview&ad_mt=37&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D11520%26vmtime%3D37%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D667307141%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200103c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1702872164468
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 6775
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lqae4ax4&c=5702684397138&slotId=2851342198569&qqid=CObejpONmIMDFYeW6QUdj4IJuQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2014&mt=video%2Fmp4&vs=1280x720&dm=11000&ple=0&umsem=0&event_name=first_play&asset_bytes=199120&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.yw~ff.z0~videopreviewstarted.z1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c12::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
api-errors
yeet.revcontent.com/yeet/events/
0
0
Fetch
General
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.70.250.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-250-75.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-west-2c
access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:44 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
Origin
api-errors
yeet.revcontent.com/yeet/events/ Frame
0
0
Preflight
General
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.70.250.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-250-75.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.hawtcelebs.com
content-length
0
date
Mon, 18 Dec 2023 04:02:44 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
x-rc-region
us-west-2c
/
servg1.net/
971 B
1 KB
Script
General
Full URL
https://servg1.net/?uid=613bb0d66b6a5524b8fb18d3&oab=1
Requested by
Host: servg1.net
URL: https://servg1.net/o.js?uid=a6a9ff0d0f1e980b3cea04fa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.244.5 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-244-5.us-east-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
c8d363f0c57ad5f9f0d20cad9d5203a410c7118401ef737385b366c897a83109

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
server
nginx
x-powered-by
Express
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
971
expires
-1
container.html
861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6EB9
6 KB
3 KB
Document
General
Full URL
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:828::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 04:02:43 GMT
expires
Tue, 17 Dec 2024 04:02:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sda.css
live.demand.supply/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://live.demand.supply/css/sda.css
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
649af545f5efd2a265363ceeb7fdf9dc6dc8c85dfba4d7d3a538930c3d181b39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HGBT2QSHKRTSSRN72B94ZTRT
date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
1578456
etag
W/"505b1404b8e3597f62714f70edb3d993-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
837483140ec6f5d0-NRT
alt-svc
h3=":443"; ma=86400
api-errors
yeet.revcontent.com/yeet/events/
0
0
Fetch
General
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.70.250.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-250-75.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-west-2c
access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:44 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
Origin
api-errors
yeet.revcontent.com/yeet/events/ Frame
0
0
Preflight
General
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.70.250.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-250-75.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.hawtcelebs.com
content-length
0
date
Mon, 18 Dec 2023 04:02:44 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
3
x-rc-region
us-west-2c
e.js
live.demand.supply/e/
0
482 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_auto_interstitial_desktop&e=nai&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HGAT23GKZ7X3V9YZTT5D1QNR
date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
447878
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
837483141a032605-NRT
vueling728x90.jpeg
elasticbeanstalk-us-east-2-734424706109.s3.us-east-2.amazonaws.com/images/
5 KB
5 KB
Image
General
Full URL
https://elasticbeanstalk-us-east-2-734424706109.s3.us-east-2.amazonaws.com/images/vueling728x90.jpeg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.133.140 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
fa6c9d53c905d9bd112be662ee6c97d8cb116d110f897629f25cab498cad8cd0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:45 GMT
x-amz-version-id
null
Last-Modified
Thu, 29 Apr 2021 15:59:23 GMT
Server
AmazonS3
x-amz-request-id
GZ5E1D1JMSNV7EVA
ETag
"4d79c571427c4a759298c63d64f2f08a"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
4674
x-amz-id-2
Gt9o/PgqL1soq8ZgKDWwlZi/OhvMl7DlzanXAs7txlGWdX1AdAyUPeSZxWMVi2X6YZ7q2GmZzOnsVWlmtMTDuw==
/
c.tmyzer.com/c/ Frame 3FB6
0
280 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=96761&f=20&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=96761&formatId=20
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
server
nginx
x-iplb-request-id
9246C9E8:A220_36264064:01BB_657FC464_CBBED73:0F25
x-iplb-instance
58017
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
geo
rbx
smart.js
ced.sascdn.com/tag/1097/ Frame 3FB6
108 KB
36 KB
Script
General
Full URL
https://ced.sascdn.com/tag/1097/smart.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=96761&formatId=20
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.216.153.76 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-153-76.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39109b62bfd99a39e5105acb335eb7b72c1fb63bf6427d7fa8d0b4dea09556ff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:44 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=7200
Connection
keep-alive
Content-Length
36437
Expires
Mon, 18 Dec 2023 06:02:44 GMT
sync
gum.criteo.com/ Frame 3FB6
49 B
291 B
Script
General
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=96761&formatId=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:43 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
247866
expires
60
libJsLP.js
tag.leadplace.fr/ Frame 3FB6
4 KB
4 KB
Script
General
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=96761&formatId=20
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
97c32278e8275102822dd3f18f9de62b7ff1f796bb43cf04c0845114ec912d16

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:46 GMT
last-modified
Wed, 06 Dec 2023 10:36:32 GMT
server
nginx/1.20.1
x-iplb-request-id
9246C9E8:CD18_91EFC0A6:01BB_657FC465_1ABE4C75:27B4
etag
"65704eb0-f36"
x-iplb-instance
54293
content-type
application/javascript
accept-ranges
bytes
content-length
3894
/
onetag-sys.com/usync/ Frame 102B
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1702872164499
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=96761&formatId=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
quant.js
secure.quantserve.com/ Frame 3FB6
23 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=96761&formatId=20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800e:21:a878:7c6e:cf7b:3362 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 25 Dec 2023 04:02:44 GMT
px.js
p.cpx.to/p/12763/ Frame 3FB6
4 KB
4 KB
Script
General
Full URL
https://p.cpx.to/p/12763/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=96761&formatId=20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.140.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-140-7.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
af4f7e4c1f7dd598660eafe196804ef8a702b26688cdbef1fe0bdaf516428d7c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
cache-control
public, max-age=2419200
content-length
4396
content-type
application/javascript; charset=UTF-8
mailNotification.php
adtrack.adleadevent.com/ Frame 3FB6
0
859 B
Script
General
Full URL
https://adtrack.adleadevent.com/mailNotification.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=96761&formatId=20
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.155.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-155-110.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Dec 2023 04:02:45 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, no-cache="set-cookie"
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ice.js
resources.infolinks.com/js/1895.006-3.034/
187 KB
57 KB
Script
General
Full URL
https://resources.infolinks.com/js/1895.006-3.034/ice.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54eacec863498628814d62c486eca8cd1c580c77a4dda865b5941006e40c6e66

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Nov 2023 17:45:04 GMT
server
cloudflare
age
13237
etag
W/"2ede2-6099387d9981d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
837483142d636848-NRT
expires
Wed, 17 Jan 2024 00:22:07 GMT
truncated
/ Frame 3FB6
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91b209d2aa36b3131a26bed655592d65daee1f43f34f68256871ef9ae318d78d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
tc.js
cdn.tynt.com/
26 KB
9 KB
Script
General
Full URL
https://cdn.tynt.com/tc.js
Requested by
Host: waust.at
URL: https://waust.at/c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df92371a548b99f90afb3caeb15fdd106cbb37809b0f3f9db3db055e581ac28a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 15:09:06 GMT
server
cloudflare
age
11678
etag
W/"651ed192-66a6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83748314ff886843-NRT
expires
Thu, 21 Dec 2023 04:02:44 GMT
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ Frame E358
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ee520f8609020eb0bc838cf7a2242b979217c7655a8abd495c283ab784b94f1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame E358
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-lek2VqWREejS-yrW8ib7PGKrohuypqT9e8SU49ax59AG1nxAwWN7uHox2VC3DdOzylM3i011RlCl1tOHLZI5PWCUa6vD3MOKouVhWM1vgRjmVgNvslI4Xx1r0uEN5JV4QpWJEzfetjP1xhgnttUzWm4ZXgVUSAiRgg8cTQRulZak5Ct5RIU0DmyuPWYxFZzYOLZswHnoLGRj_x64i3ry43SJCPZ3PA3AQc2uvWxBNijUnAtx7fj_rZFp6bJZnXLcM8ZEYKf4x6WRLhS9ZdhI1An8YcUo_iKE7VyO6FdbAJ4to9--lBrUH92Cf8jBgQnVkeBAHV7dDe8g3rdeMxXmq6tNC545YBgsWHyPSxzqECundnIUY3w3M5I3Z6vC&sai=AMfl-YSDuR-19t2agIa2Vmb_W0KJmh09WxpiZrcE7Bcf5fqBtFDtlGx6JXj4TAIuVUU380kHqXmclUXrMVqxU_ojTJpofkVkgHc7HFFC-yikHg1zPZvTKEei_Me6wjsw4xs&sig=Cg0ArKJSzMY2jbt041k5EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 18 Dec 2023 04:02:44 GMT
adagio.js
script.4dex.io/
75 KB
24 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:44 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1570165
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98VrznRt%2BbKt2sJanDqMDkpWw04n6yGsrGlvNRKJFWqXP877NpYXZyhCVQAXbR5588VpujfCCpSyKKu2iZlH1T2AfExIUZUjidUrPZRBbkX1AlvuX3DCAyFF9rOUctgbBCmNxE%2FLTp8v1%2F3b"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
83748314f9f920a1-NRT
truncated
/ Frame 24D7
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d588992293e94158c2a2e8bd8608a7293129cc908f68564b0ee29987b302d25a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 24D7
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvm6kwQSN7KqWyZB0j4imht7vEOpEgxUufn3nSUbWAz3pgD2qZALOECd92vN25eFcS82Wq2zHR3TtCg4mg-in1gwHI9TGPraIQe25ZUk3SUtKwuIO1vlvW4DH8kkSws3qsDJPLo-er2M14IZAqGQfMyPsJo0oNZw6yxmQ3bUivP0kqMiT33KE9J-mheewhz1SbafzMw2FLSuUsYYEeB8P4UvTPb7tj1CybP4sTke5aeEvRG9N0QIbK9cbrbXsPWqxsxncemrqjIA7LW39vPI8oONg61C1D8NQuFYX-x38MJ19d1GJF6lN2f98OjOflxSahBx7QaoId87AgOpFpfsHVgVNn8Rg8z9wuDgDFFUiv-m9Zbm-SvssolEOdfuK_M6g02eQ&sai=AMfl-YT0qa4rCcCScxQVHTFxynxzrIxKFlUc8k1isbDzgvTHu8gu4jmJeIP4c2nRW9URnhyjZ-0ww9a0r7VUoxuAI4PNY6lOmDn-CXahi8Iwf61SDSY1VUB8tGZ1_ECkQ1Y&sig=Cg0ArKJSzA3DrHLM3FS9EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 18 Dec 2023 04:02:44 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 6EB9
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
URL: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 01:44:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
8286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 01:44:38 GMT
css
fonts.googleapis.com/ Frame 6EB9
8 KB
750 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
URL: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 03:22:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 Dec 2023 04:02:44 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 6EB9
15 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css
Requested by
Host: 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
URL: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 16:33:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41336
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Dec 2024 16:33:48 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 6EB9
376 KB
131 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Requested by
Host: 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
URL: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 16:33:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41335
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133672
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Dec 2024 16:33:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 6EB9
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
URL: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 01:44:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
8287
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 01:44:37 GMT
l
www.google.com/ads/measurement/ Frame 6EB9
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSzLtNZ4QoeUnXvRiOcgvCNIUxNTIvJQT5mIucx6-rJx4QOYaXHPCXuNwfjGtnWtmdcIR7VaXqVTuppHdF_MJGaDEWfPw
Requested by
Host: 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
URL: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

837482f7ca40afdc
www.hawtcelebs.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame DD26
0
555 B
XHR
General
Full URL
https://www.hawtcelebs.com/cdn-cgi/challenge-platform/h/g/jsd/r/837482f7ca40afdc
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BgCQHkHAQctiOu6nVgPRmaIGFn%2BMzn768g7VGs1hZ6QtDaRibD9tuwT9ASEpOk7mUTx1TFNkjQ3nbWKdvA6iDWJpSNz9QIFVY8KUSBueHe89JwL1GMNbEZ2srblt5zbNY1Aa0c70SZ5ySRyV%2Feh01ts%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
837483158d1c7352-NRT
alt-svc
h3=":443"; ma=86400
300x250.jpg
sc.cx732.com/main/ Frame EDE9
29 KB
29 KB
Image
General
Full URL
https://sc.cx732.com/main/300x250.jpg
Requested by
Host: ads.adxadserv.com
URL: https://ads.adxadserv.com/ad?spotid=6523ec2361d6e22ad53d3fd1&type=300x250&output=html&extra1=0&ref=https%3A//www.hawtcelebs.com/&dt=1702872164135&screen=1600x1200&tags=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:b1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fae0f231008e535f7c90a6cc4f5326ad7634e78c6134d0214a55889c85f9635a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.adxadserv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
cf-cache-status
HIT
last-modified
Tue, 17 Jan 2023 13:51:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5689
etag
"63c6a7ce-7356"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9%2B213sriJkrvghoyzny5wEFJjzHskyP2IgDOsheIXaf2szM0K1rIPSgtdMZmBbz4GOAcChgu5qqnBsxwIZk4Fk8C9P%2Bh8LRUhZfM2KY4lOdrshutWO7VY93KxpfffTLW9lYrmU2QAy74bc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83748315b90a80c9-NRT
alt-svc
h3=":443"; ma=86400
content-length
29526
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95abaca5a5f710cf478b0360960174ac2153a14f8e875794d2dda4df164263ae

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
api-errors
yeet.revcontent.com/yeet/events/ Frame
0
0
Preflight
General
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.70.250.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-250-75.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.hawtcelebs.com
content-length
0
date
Mon, 18 Dec 2023 04:02:44 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
4
x-rc-region
us-west-2c
api-errors
yeet.revcontent.com/yeet/events/
0
0
Fetch
General
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.70.250.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-250-75.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-west-2c
access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:44 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
Origin
/
trends.revcontent.com/api/delivery/
12 KB
7 KB
Fetch
General
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=274807&width=1600&gdpr=0&gdpr_consent=undefined&rev_allow_cookies=undefined&site_url=https%3A%2F%2Fwww.hawtcelebs.com%2F&icr_url=&va=0&user_uuid=undefined&time=1702872164738&up=pc&bn=chrome&bv=120&widget_width=300&style_id=0&an=false
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.70.250.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-250-75.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
3b6811ba12ddf9060360d16f1bb1ed19bae1e8cca1cc9b804abbd0eb4b843b64
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-rc-region
us-west-2c
date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=931536000; includeSubDomains
content-encoding
gzip
server
envoy
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
43
/
onetag-sys.com/pub-config/ Frame 24D7
4 KB
2 KB
XHR
General
Full URL
https://onetag-sys.com/pub-config/?pubId=710ea6b8672dcc0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/tag/adserverPlacement.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
d190d1a3aced3533570452b8280253419201734a0872791848ebdcf0f5573b22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.hawtcelebs.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
1217
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
postscribe.min.js
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/
17 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Requested by
Host: vastserved.com
URL: https://vastserved.com/?uid=5da50738fbeb116b83fa5b94&w=300&h=250&puburl=https%253A%252F%252Fwww.hawtcelebs.com%252F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
812275
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5117
last-modified
Mon, 04 May 2020 16:15:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03faa-45f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evaaMxWsvH65z2i%2FAduQWzGrYFqpIA5jDbBn4t%2FHCBQLx5zQDPtXuYJ4EDOZE39Y5LoQPR0riLIhM9a54pPKPcmIJlertH35bHsQ31EjF%2B%2FfL81WwkaGlvXWTzGASud6bxNKCVhVqdrjEgeLO4XD7KJ2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83748315bca3f5c0-NRT
expires
Sat, 07 Dec 2024 04:02:44 GMT
pxl.js
adxadserv.com/ascripts/ Frame EDE9
76 KB
25 KB
Script
General
Full URL
https://adxadserv.com/ascripts/pxl.js
Requested by
Host: ads.adxadserv.com
URL: https://ads.adxadserv.com/ad?spotid=6523ec2361d6e22ad53d3fd1&type=300x250&output=html&extra1=0&ref=https%3A//www.hawtcelebs.com/&dt=1702872164135&screen=1600x1200&tags=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.98.53.29 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
9c983adf86ebc949957bdf55d524dfa278a79bea8d13f2efa9512c6dd37b86f5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.adxadserv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-77-POP
amsterdamNL
Date
Mon, 18 Dec 2023 04:02:45 GMT
Content-Encoding
gzip
X-Age-LB
0, 72191
Transfer-Encoding
chunked
X-77-Cache
HIT
Connection
keep-alive
X-Accel-Date
1702799974
X-77-NZT
EwwBw7WsGQH3/xkBAAwBuUwKAQHXAAAAAAgB1GY4EQFB
X-Cache-LB
HIT, HIT
X-77-Age
72191
Last-Modified
Fri, 25 Sep 2020 09:55:41 GMT
Server
nginx/1.20.1
ETag
W/"5f6dbe9d-12fee"
X-77-NZT-Ray
f5ba462344f924a765c47f651fdd1415
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Expires
Mon, 18 Dec 2023 07:59:34 GMT
/
t.dtscout.com/idg/ Frame FA85
1 KB
767 B
Document
General
Full URL
https://t.dtscout.com/idg/?su=6D001702872164961943D5DB294AB097
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f94f6041a02be24de279f885476f75fd2ca4aac6dd1bbe4ddad59d4ef2534ffe

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83748315b8b91d7b-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:45 GMT
expires
Mon, 18 Dec 2023 04:02:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iDXZOW4wzaOiAkYpvbf%2BAs5VsNBM89ukSRUDMcxIplwgy6cLfDmwGfT5pz%2Fi3wem%2FR5KaPq61ho%2BLK42mAS81n8Z0WPnkMA%2B6K1o0jYN4XBL4yeZxaBn0gTIqdEeIP7Z9kFeLNZ4ZrwDrd8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
/
t.dtscout.com/pv/
51 B
392 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=hawtcelebs.com&_ss=723a4e6rj4&_pv=1&_ls=0&_u1=1&_u3=1&_cc=jp&_pl=d&_cbid=2qj2&_cb=_dtspv.c
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb04c4821f4d0e5803fb5e23cf7217059edbfb04d6c109bdb4361c996eea9e44

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
x-t
0.129
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdieHnj13QCHAQnnFn%2FuU7g0YlbbgPbZIytxNAlMWzsP95oYmGAKFX%2FWEfGVvWOKpEY8p5eAhBQyZXrDG0jtjl7HOLXXZ5Ym%2FlCyCsIKPL8%2FURcz8P9znL61PxnzU6IFEbpu4ezP8aXZM20%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
83748315b8bb1d7b-NRT
expires
Mon, 18 Dec 2023 04:02:44 GMT
/
trends.revcontent.com/api/delivery/
10 KB
6 KB
Fetch
General
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=274806&width=1600&gdpr=0&gdpr_consent=undefined&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.hawtcelebs.com%2F&icr_url=&va=0&user_uuid=undefined&time=1702872164758&up=pc&bn=chrome&bv=120&widget_width=577&style_id=0&an=false
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.70.250.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-250-75.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
9f404685ec191c8a093f63909f0e63efd8dd5d617f5b1327ef56ef65c878145d
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-rc-region
us-west-2c
date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=931536000; includeSubDomains
content-encoding
gzip
server
envoy
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
56
manage
router.infolinks.com/usync/ Frame 12B9
13 KB
3 KB
Document
General
Full URL
https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
250de4ccf84f1d5398d8ab9002568c639137449d0490e466595cfbed04745c37

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
83748315ee946848-NRT
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 18 Dec 2023 04:02:44 GMT
p3p
CP="NON DSP NID OUR COR"
server
cloudflare
via
1.1 google
lcmanage
router.infolinks.com/usync/
0
36 B
Script
General
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
cache-control
no-store
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
83748315ee966848-NRT
content-length
0
gsd
router.infolinks.com/
329 B
531 B
Script
General
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3363059&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F&jsv=1895.006-3.034&_cb=17028721647910
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2838f851826ce9808416e0cd933946406bc5581dedad0581c406d4f67f45a473

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/javascript;charset=UTF-8
p3p
CP="NON DSP NID OUR COR"
cache-control
max-age=0
cf-ray
83748315fe976848-NRT
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
trends.revcontent.com/api/delivery/
16 KB
9 KB
Fetch
General
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=274805&width=1600&gdpr=0&gdpr_consent=undefined&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.hawtcelebs.com%2F&icr_url=&va=0&user_uuid=undefined&time=1702872164797&up=pc&bn=chrome&bv=120&widget_width=577&style_id=0&an=false
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.70.250.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-250-75.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
59acf0f75019cdf63085091d4e96b1fefadb526eade0f3326ac54a652df2c27f
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-rc-region
us-west-2c
date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=931536000; includeSubDomains
content-encoding
gzip
server
envoy
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
51
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C136
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
8282
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 01:44:42 GMT
expires
Tue, 17 Dec 2024 01:44:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 39CF
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e9594b1b4181ae3c589ab641561a92d68de2bc06980a95e17586ec6bda002fa8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AmgtS5laFFVCAPkMktRQlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-AmgtS5laFFVCAPkMktRQlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 04:02:44 GMT
expires
Mon, 18 Dec 2023 04:02:44 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
102.json
id5-sync.com/g/v2/ Frame 3FB6
630 B
1 KB
XHR
General
Full URL
https://id5-sync.com/g/v2/102.json
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
2167dfbf43e1793ff7927e153de4314cbf03f82c7b654af874c56ccfd1aaeedd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
/
servg1.net/
39 KB
39 KB
Script
General
Full URL
https://servg1.net/?uid=613bb0d66b6a5524b8fb18d3&oab=1&puburl=https%253A%252F%252Fwww.hawtcelebs.com%252F
Requested by
Host: servg1.net
URL: https://servg1.net/?uid=613bb0d66b6a5524b8fb18d3&oab=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.244.5 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-244-5.us-east-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
a86ef4d972ed3d98642adcb265ac6acd0186423eeee3d5123c4bd47cf40e0302

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
server
nginx
x-powered-by
Express
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
40045
expires
-1
csi
csi.gstatic.com/ Frame 6EB9
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lqae4bmr&c=2538611180369&slotId=1269305590184.5&qqid=CPqVwJONmIMDFWOK6QUd5WsE1g&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4001:c12::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6EB9
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 09:21:58 GMT
x-content-type-options
nosniff
age
153646
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Dec 2024 09:21:58 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6EB9
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 19:42:53 GMT
x-content-type-options
nosniff
age
375591
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Dec 2024 19:42:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6EB9
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Ch3KfZMR_ZfrTBOOUpt8P5deRsA31ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMByAObBKoEsgJP0GQ-M7jkGyOGSgT_SYKQNbGmoJJmclm3X8E8p6KOZIpE3uNSuUqySrVy3_QlPT8Bv-mvNErVsm3Hb1eOy07clyiBmKrOIQWOyvSx5DV060OcE-9H30CFvI_l8YTVMfo34PhO7ZooL5JKzTGSI9RBtY3l6siKTRKFAFMvXN0xLG2gSEl9CTDqSSWj9ln4RTHVtC8KztqG_wENUu-Zsyj70DzqbrhAePfatIZ8X_RicdsNh8fmlA-N5umn5FrdEhhgzcq_ok3cwSws-LM3ZoCE9bcnYmJoLifx6v_GmM2xbMTHXeFavgWGlZ2BIwst8O-Ugn2tvPwGJij5jUMS3tJNWYRWMN0rJp3Zna_nwzMezFlXWhHPilXB2t7MukVqJv_NdHiAjfPnU-jPbkmbPMDWZ3PABMmR7s3JBOAEA4gFgaDOuU2QBgGgBnaAB-qQlb4BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYl-y-k42YgwPyCBthZHgtc3Vic3luLTk5Mzg1NjU4MjIwMzQ2ODCACgPICwHgCwGADAGiDBQqEgoQ5LSxAu61sQK1uLECrLqxAqoNAkpQ4g0TCLyWv5ONmIMDFWOK6QUd5WsE1rATyqPIFcgT3oH34wPYEwqIFALYFAHQFQH4FgGAFwHoFwM&eventType=clickstring&clientTime=1702872164840&ai=Ch3KfZMR_ZfrTBOOUpt8P5deRsA31ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMByAObBKoEsgJP0GQ-M7jkGyOGSgT_SYKQNbGmoJJmclm3X8E8p6KOZIpE3uNSuUqySrVy3_QlPT8Bv-mvNErVsm3Hb1eOy07clyiBmKrOIQWOyvSx5DV060OcE-9H30CFvI_l8YTVMfo34PhO7ZooL5JKzTGSI9RBtY3l6siKTRKFAFMvXN0xLG2gSEl9CTDqSSWj9ln4RTHVtC8KztqG_wENUu-Zsyj70DzqbrhAePfatIZ8X_RicdsNh8fmlA-N5umn5FrdEhhgzcq_ok3cwSws-LM3ZoCE9bcnYmJoLifx6v_GmM2xbMTHXeFavgWGlZ2BIwst8O-Ugn2tvPwGJij5jUMS3tJNWYRWMN0rJp3Zna_nwzMezFlXWhHPilXB2t7MukVqJv_NdHiAjfPnU-jPbkmbPMDWZ3PABMmR7s3JBOAEA4gFgaDOuU2QBgGgBnaAB-qQlb4BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYl-y-k42YgwPyCBthZHgtc3Vic3luLTk5Mzg1NjU4MjIwMzQ2ODCACgPICwHgCwGADAGiDBQqEgoQ5LSxAu61sQK1uLECrLqxAqoNAkpQ4g0TCLyWv5ONmIMDFWOK6QUd5WsE1rATyqPIFcgT3oH34wPYEwqIFALYFAHQFQH4FgGAFwHoFwM
Requested by
Host: 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
URL: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 6EB9
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lqae4bmw&c=2538611180369&slotId=1269305590184.5&qqid=CPqVwJONmIMDFWOK6QUd5WsE1g&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.mn&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4001:c12::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 6EB9
33 KB
18 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BXvnASq8Pnu4dWH2BkFpPoVgARl84s4Z8doF0YhMLSJ9rZqcuFiwmnjTtpuwcyOjmqd_AkfeAsrzJojbU8ECIw4gH2Zg&cry=1&dbm_d=AKAmf-Df7pYQ1G7plkq9xJKatf_rB_3LXB2x9x29QHZ2J2ZHwr7Q1sxg2FJbwVTIPtbY48R4KTqE0ImD6WPtnyRiOs8mrBdx77IInOfYgTTWE_36N8TLres5k7csl3oTnCDlMomfLgaFc1VrWRpFcf55Ii7oYZ8FrYP2AE_QsmYRisDPBT5A32UZuK2tUHTvmYmk5CP65i3SLpkmu6pXqGLAfN1p-0Aabe63i1bD3mtDWXC-TUcO4l45ma9eSnqJWG6Mpl57Vu7q8yneqHi3F7OpALwsLrqoOkIRdPXSvBLj8It8Vx1ijUeqF55j6LGkvcHVoTeqyV16kqwW-3nIG99_G0ZGIib544vhvuPixTs2qBPWeM-qIkiLtXQS7xNg00-6Qv-lz5pwyV3eytSmz761PwJdajviW_4b52CVoD8LUzTNWEQPvzc5X2H6cnvFzxOY8BtwElKX0VHmMx7rx0j_4KI2dKad27uOHLiqGQ_94mf5_CQQ_k89Z-YGujqMpctBwSUQdWBAfaCr2iGFhi5CcGocWm7Dxt424SqR2ceIF8LoAp2lzPjiLU2YAfCaBwlLMTY_a9RtniV7Q3dDIc_V5PHIidP3Qv-UDw7fSrczwfOMzI8VaSBPgd4iiyvb4IJR4fPAm7Oysy5F6KA97ig1t-mCzL8d0_eUDXdBUvyFqZdwRlWx_GQksN2hm9cX68b6mZCwKWIg3doiHy02vIGn9tdhj5jzvkpyVJsyGox4YqcWMffqGgKW41iRJfVbthyALbe7sv2WH2EmdYhr6PxtRfD7I7Xt0wkT_UruYEnL07OtexKXpB1DsxfAfISpx_2JHE913NVsm7h7Fq-FuNtscw8KWm5CXzigBD4FxVtsf0nVL5jOm9tPRULkmA7ppPU-V2k2a6pPE9x1w6Xg9-Dn-gZnD-gJ1XM64yq4_bhqWnRpCyLLzkSwqu1mPnR7uo29b6lWG39mvsxhbw8Cgz__iaYKETu5Ir3C8X9_fCb46SzaO1mofMoyNDhATwuwambnIaw--Lbl-fRJWOFUoHYbqyjzCsWrUNU-IVz0ANLnJXQx7Oj5vDG7SoEDS4m_qqyzKAPh3RHZXmA4guXPqfb8RuvSniwLLaLFuRvQEcmDK8OGel5Glo836yABObItjfh3aXDrpRi94omot5UgVYnfPlJUxQmaKbXZf0-oQWGmCHufGooR22_SPsa5D-cL53I34Qx9o7rqWegnkm5YtS4f5gTrKNauIzpVjuECjToZ7BdDmYdsO1GmT2vtUsqyPGXHhAdZ1cYeh87-ayIbeSy-otRgIvRLzQc-TA-3Wh3orrjwJZMfOeDKUpXVexPOCwyQ-uc_EppSIldRLCnPy9qgnQLsRqm4M11k0HgGP_f7I9_HU8PLejCgXymRp5wNkhdSGkMr9TyFCQ-CgNjuFxW7C09Xc9MPglnUVMnvWmeQFcnrkTes-JmWZUDbusdjCMqgwWO8rFoeo3y8jafQPR-XhxyY10YYVoTuf853pKfL7CDsMQMTAXNTM3mhtDjKhsZ0Gko4EycI7L3h6HyEKRNeZGJOaGE69Li2qrZKz5JAy7gLskzwjxA47Wpx1MuomNMyGSrC5YhKTSoFdjZ5fWvYJimxfZkknjGrm0TIyjzW5MX45gUI0--uj6lvfQc4hneOQU-7HR1Ol-Yijrg4frbdPD_5zQtlgwIcK3jbcqtRrnrC9V5iv2Ai7BZnzRtSXhexLKh1WTqeZh6V2iNfTNh9hV-vjiFWcFuHSoi1V3rpQDVtEAQb9sIaxCS5tzF4jOiD7Fanm56tgGsMoe2lY2H50-wNgkFmlFXNbZsVXme0sDZSmfNqAat6DC_czSwfysEctiPG04Lgz-LQUK3uSBbKx_7l5h47UN6iH_VP3pb4Ul3EwhUpPAz_Vf1nxGkGtQ6aevFg8siCdkNLkU6sLyooG5ohKisEc1IFtV0NE-HMJ0-Omy294KMYjBT5EaWuAkxpQ656gr7EhuF2OZCA3dL6CMWyJ-lYvmyadJ84zbrAl3t6QTEfZD8Fvw4FRnUVk5HOknS_Q8_fzeNvQ7fdoLQUr2RPBqNq6MNIK25WB1eNKAwmD4lP-9HqI9mgOxZpxiR2nCNEiGBW0y4TTyjlBAomTll_HREi1HQechGW9CVXGbPkBJJtnj37eVzS8mbj989YJBKPfgUNcf0aPJA4EjicGSbguSwhOQzhxcnhQ-aIMkZTwQ5MyeQ6q-lqhTOl8HJYU9ByV202w3gTF55IWPjXzsC1boGJ8EUj1elv9ZWU5JPm8wVWL1UzwqXafVs7aHgpk4qQpjhBz497l8uoEwYGSGdrKvRDOog_PiUmoy6B4_96LkCFUsxT5DywIo9o0xw_Yun63bdKwE4DJoMnTWSE5l2XU6aGQdr50aRMfDhcXHbLJO9xp8Z5YNg31Ca75XY1LwWLzyZAhWBT3IqglustTdJvhXlW7Fx4rg3Iia3BgFjYDfABu6u1iiMkSiMx4vsFErC-_BKitI1HWSISoBAkG9x4yEwaCJCTjYqtjuvJUcju3JE3cKDRom5rL3ojNW2d2Ku4gytC9CW0xiMQqecO36m_J11pJUVoaZs0FYTl_z0_d4OgJH-Fl73X_DjScoVDvvw0pWIQRMkSrx9FylcRw1VqnSsKMsVkndx3joc5exhkHbdm6aq7ys0mYsrvyucbQVLRJGOLq7VX6Ma954fSFNOlldOB3Z1kz00kTrpW1oe9x5yikVqxtie1V0OFRoPZuuN1ekSWI_6JveLN3gor_KyWM-vxkxZid0zNtFqeaGHuMng_95cxMUftSIyz7W3mmw4WnZMEoAe7G1iSCxtq8oyabbhy2k4qYkg8ssvXCqEA2HW1U2irge0iPRIoK_i3yMgT1De7tsp1fT0-VOAFP9rPC7uo0Fw4HaYrdHFBXTKnTsHv4NI65RjZQH0OkNyMC6e22VfVd6kMGD5VN24umAyrJ1ebSEziYIOsYyWt6ULGWiSWEg08IDAderBXu6rxkzNTVJliTJU0tJArZVxsYiFBQ5Kdxc6F_rHdLUZ8z9U2lt35QFbCyJe9Ula3CwU37oDfJhGYf2V1h25hew1KHfJD6skclj2i9sCjh6Bq-45o6W-7oi4CKlnldqohTNLBS-kU_fI7CTDDooQDfu84VJg1dJjWd0iKZzIoV2oxQBBviInW86BDwTKkwnWtzRlqqtEikjvTTu1w1G0WVdWWmbnQ3Nw5necejAS9vHkEKrsqlIlIIK8CSw0PQx40My4dUSOoCCiA6fmS9GNI8HJK580fPqSwxL6kwaBxPY4NWc_4lrcn5HS7RujeQKqK2Sg1ZwCuMLiEaDDFlKYqv4FWQQqDxZqBWrvcM3GVavGJQSuU1I3PAgRaQMiPHoKidRSXTzCAAoVgkRepX3a0dNyDu5l9opaJIvlFu5ArNwLLgaXexs81aLStAIjyRMtyF6gQMiRPlS6xr2hHERncwk1VTDZuj99y_wditN5VH1Ugbm6w5zUWJ5JYJqOerbYNqBS0QCMfkAg1psk4YZaSyB8_ai4pAnp5_JNvf50GtltxTk72lkAEDfU3xRn5NT13YXuPXFUkWBrmzPfN_J_0EfLrCKF3LpzvcTZRADWCb8QevBp4yq-EkH86l-dWnTinZmhI4_8UBu5msat_70NdgbTfqldjV0D_nYVp65kitRLu2Oe6v0VHyVyBpSU-0DBdMqfK-9boIa2WsYUBIiHzk2_lUYBfzPSXcr-2T9kNWA_P0tVrOmd9tHfj0oLQa3FUJiwY_YfSoFyq91basqPV1Fl8vC_nSbVtsOO0PFfjxclPECwkUFcMZSaLv6XSL9oHJIRGft-AqJQyBMcXUxH2ZQkuL6RcUD5JPf0-G9FsYQil5aV1Xo1VRp0UbGA9nvjlmkAQK5BOlw_R8Lv12FOwv1bC-UAbtja3EW6vcz8u2AQEYaqhFpmewo8ldr4yqVQaJrRqacBsbrDIaN-owAtcNNgQYUYFKWQ6ZeGGBN0gZnvIsS88RTbS6gmisyNXdlKl2nNO5dReAGpkCkSKbwJO22gVfl6M6448g03qzyhrPFoTh6rIdONCgYzWyeC0d43RZdJcFLlWyYRDEAw4aU39wqPvBTxqYy6xnRa_gTMReydt4pLnQtp1SKQy4wPc6LNNuT2n5nWRjyuSXR0aGE-HCwy3wxxQhYDGjMj3WH1L6dbveGC0GjYsR-BFT-1OhuqO4CDkcT-GVdM8X8f0qt2pI7uhoV6JEdldYJ0Goewqa-GkXJfY3Yb-5J69dx5B1wVmT16d5WJb1UWkTZ1U7Uu059GvZ8k4MIajNKFgYZlzXsHpJfXPCsZt2QjUzMtiWvO-zByEPKlk5mUE76tJEHldO2Xs42ddBXnT2LfVLWwohoey-hvuez1csTjfQDk3fki6A3UMSpWmTFnm8WnuB6cPAfXPSugm33G_IXVV4ATfqnRFjH6RU68k6L53X6cbm17aRUUYjxhs8fKCww9ryNRHIGC3akK86gVX9sB61c8CFvWTSasvuJFGe-e13CgXqcMMKpoK1XKfJUQr-BsJHvTqw34d3ESmQSI3ooNxVJJzhr9l07G7kk27EeJ8JuLOEIIPzE6yOg9PmBwBXV460Mhq7VlnpBHCJiZL8V4M0BAE5XDH6nQ5jA8nkViqj-4-xHHXlZ9w9n4tJ9LSFWkP8wCY98q2Jx9XYGMY1MxB_xmsw-GUzJoxjWVXpVqKXHlTTB24Ilaeo0DS5axmoA7wwrnZmsNR2ixrvsS7_VGhOCLOxwudOEq11vP85lAtAYjFHcu3cwr-70rh60xCoHMrAxijlubmF_DhLQy-Fw&cid=CAQSPAAvHhf_huRwzTp-2qLLWELKdvpqxJasa-DOg54qfsleFVUnlVC178fnqQBdRmDJhhIIXO2Bt6L60delPxgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.174.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f155.1e100.net
Software
cafe /
Resource Hash
99611b06213a8f3e355d230c682dc7eab306c1b8fe7b42a16bae55eaa6841367
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18137
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid.js
onetag-cdn.com/res/libs/
274 KB
83 KB
Script
General
Full URL
https://onetag-cdn.com/res/libs/prebid.js?0.0.0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/tag/adserverPlacement.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29a502916243e920a058ea11e8b99657099031bff39ad601290b111064099242

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 17 Oct 2022 10:49:22 GMT
server
cloudflare
age
287764
vary
Accept-Encoding
content-type
application/javascript
processing-time
0.069229223
cache-control
max-age=2678400
cf-ray
83748317287faf55-NRT
onetag.js
onetag-cdn.com/res/
88 KB
23 KB
Script
General
Full URL
https://onetag-cdn.com/res/onetag.js?0.0.2
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/tag/adserverPlacement.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac1b37894cd72008e8f162eb789874fca5ec6bd76f6229d0c3e770db5165dc41

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 08 Feb 2023 10:13:20 GMT
server
cloudflare
age
275435
vary
Accept-Encoding
content-type
application/javascript
processing-time
0.11766266
cache-control
max-age=2678400
cf-ray
837483172882af55-NRT
be96b820e5daac93
ads.us.e-planning.net/uspd/1/ Frame 4894
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
474 B
807 B
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.120.110.138 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
075070b8780160c942e5a3d4797de3311be40804be368029d7a412c62377ccbc

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-length
474
content-type
text/html
date
Mon, 18 Dec 2023 04:02:45 GMT
expires
Mon, 18 Dec 2023 04:02:45 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
SIN-721

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Mon, 18 Dec 2023 04:02:45 GMT
location
/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
SIN-721
r1-usync
router.infolinks.com/dyn/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&zcc=1&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D&cb=1702872165021
  • https://ad.turn.com/r/cs?pid=45&rndcb=2463664477
  • https://sync.1rx.io/usersync/turn/7452765401729694219?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004
35 B
93 B
Image
General
Full URL
https://router.infolinks.com/dyn/r1-usync?uid=RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
8374831bdb686848-NRT
content-length
35
expires
Sun, 18 Dec 2022 04:02:45 GMT

Redirect headers

location
https://router.infolinks.com/dyn/r1-usync?uid=RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004
date
Mon, 18 Dec 2023 04:02:45 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXcbc9ef06f4124a65a669479c1b0eafed004
content-type
text/html
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3400
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
URL: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
82375
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 05:09:49 GMT
etag
48472445140208031
expires
Mon, 18 Dec 2023 05:09:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6EB9
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
142e0e35182562dff6c293341b06cca4e55856713e43179a6499326d94a3c33c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame 6775
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lqae4bco&c=5702684397138&slotId=2851342198569&qqid=CObejpONmIMDFYeW6QUdj4IJuQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2014&mt=video%2Fmp4&vs=1280x720&dm=11000&met.4=vfl.16n
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4001:c12::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
ic.tynt.com/b/
35 B
648 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=w!a9etg89wet&lm=0&ts=1702872164915&dn=TC&iso=0&pu=https%3A%2F%2Fwww.hawtcelebs.com%2F&t=HawtCelebs%20%E2%80%93%20Latest%20Celebrities%20Pictures&chmob=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag
"4bc8846c-23"
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges
bytes
content-length
35
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
i.match
s.tribalfusion.com/z/ Frame 3400
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEMHQrpgEG_N_DUEmG7oH7Bk&google_cver=1&google_push=AXcoOmSGgOKNYHUX64SCl23xs5bsE2DS6Q_rZmmkNYwsvK7dMZJ1vMH6Bz5S2ArgJe91w586NzLWgKfLI92o7fvLF8-eHzJaWtpH&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMHQrpgEG_N_DUEmG7oH7Bk&google_cver=1&google_push=AXcoOmSGgOKNYHUX64SCl23xs5bsE2DS6Q_rZmmkNYwsvK7dMZJ1vMH6Bz5S2ArgJe91w586NzLWgKfLI92o7fvLF8-eHzJaWtp...
43 B
420 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMHQrpgEG_N_DUEmG7oH7Bk&google_cver=1&google_push=AXcoOmSGgOKNYHUX64SCl23xs5bsE2DS6Q_rZmmkNYwsvK7dMZJ1vMH6Bz5S2ArgJe91w586NzLWgKfLI92o7fvLF8-eHzJaWtpH&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSGgOKNYHUX64SCl23xs5bsE2DS6Q_rZmmkNYwsvK7dMZJ1vMH6Bz5S2ArgJe91w586NzLWgKfLI92o7fvLF8-eHzJaWtpH%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83748317b99980e3-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
445
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMHQrpgEG_N_DUEmG7oH7Bk&google_cver=1&google_push=AXcoOmSGgOKNYHUX64SCl23xs5bsE2DS6Q_rZmmkNYwsvK7dMZJ1vMH6Bz5S2ArgJe91w586NzLWgKfLI92o7fvLF8-eHzJaWtpH&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSGgOKNYHUX64SCl23xs5bsE2DS6Q_rZmmkNYwsvK7dMZJ1vMH6Bz5S2ArgJe91w586NzLWgKfLI92o7fvLF8-eHzJaWtpH%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83748316d8e180e3-NRT
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3400
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEOkFLsabmUHy2beliGwT54&google_cver=1&google_push=AXcoOmSF2KRb7c6zzBnwVpyNFiF3BYC-KkZa_DfaiQFYTUdM1QR1pWwvPvBYrhuQ0VmT8XoJzKLyjLMaeh3_xZnNgluj...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEOkFLsabmUHy2beliGwT54&google_cver=1&google_push=AXcoOmSF2KRb7c6zzBnwVpyNFiF3BYC-KkZa_DfaiQFYTUdM1QR1pWwvPvBYrhuQ0VmT8XoJzKLyjLMaeh3_xZ...
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=d24265c2-e898-4326-98a1-799f75027517&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSF2KRb7c6zzBnwVpyNFiF3BYC-KkZa_DfaiQFYTUdM1QR1pWwvPvBYrhuQ0VmT8XoJzKLyjLMaeh3_xZnNglujdsypk5ux&google_hm=oYURqEc5T2OfKnZP6qOLNA==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSF2KRb7c6zzBnwVpyNFiF3BYC-KkZa_DfaiQFYTUdM1QR1pWwvPvBYrhuQ0VmT8XoJzKLyjLMaeh3_xZnNglujdsypk5ux&google_hm=oYURqEc5T2OfKnZP6qOLNA==
Protocol
H3
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSF2KRb7c6zzBnwVpyNFiF3BYC-KkZa_DfaiQFYTUdM1QR1pWwvPvBYrhuQ0VmT8XoJzKLyjLMaeh3_xZnNglujdsypk5ux&google_hm=oYURqEc5T2OfKnZP6qOLNA==
Date
Mon, 18 Dec 2023 04:02:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 3400
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKMZLaf-qHcomofL-r30pTA&google_cver=1&google_push=AXcoOmQINYafC0dzs5fksMa5fsjpzIge51Fe-rVWI7rc7PYsbOC_u2ySEq9TMC3fS8zVFi1sbGpQFzym3gjeS4fj5apdgec...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQINYafC0dzs5fksMa5fsjpzIge51Fe-rVWI7rc7PYsbOC_u2ySEq9TMC3fS8zVFi1sbGpQFzym3gjeS4fj5apdgecxz56-&google_hm=eS03OXJmYzhKRTJwRmxIZX...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQINYafC0dzs5fksMa5fsjpzIge51Fe-rVWI7rc7PYsbOC_u2ySEq9TMC3fS8zVFi1sbGpQFzym3gjeS4fj5apdgecxz56-&google_hm=eS03OXJmYzhKRTJwRmxIZXZCeDZoNXhMWFNVa1UuYWJsQn5B
Protocol
H3
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 18 Dec 2023 04:02:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQINYafC0dzs5fksMa5fsjpzIge51Fe-rVWI7rc7PYsbOC_u2ySEq9TMC3fS8zVFi1sbGpQFzym3gjeS4fj5apdgecxz56-&google_hm=eS03OXJmYzhKRTJwRmxIZXZCeDZoNXhMWFNVa1UuYWJsQn5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3400
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMGI_EgARLTFSFladWVsyzQ&google_cver=1&google_push=AXcoOmT7cZGlM-il___4LrDtWtRnvqz0FLIBdCrL1_GyTrcNcgL_-IVvafhcfUptp8KDozATq0r...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFBRTRDMDMtMTgtS0s0Qw==&google_push=AXcoOmT7cZGlM-il___4LrDtWtRnvqz0FLIBdCrL1_GyTrcNcgL_-IVvafhcfUptp8KDozATq0rAynZuqjYaTcPBsdav1EdwN2DZZA
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFBRTRDMDMtMTgtS0s0Qw==&google_push=AXcoOmT7cZGlM-il___4LrDtWtRnvqz0FLIBdCrL1_GyTrcNcgL_-IVvafhcfUptp8KDozATq0rAynZuqjYaTcPBsdav1EdwN2DZZA
Protocol
H3
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFBRTRDMDMtMTgtS0s0Qw==&google_push=AXcoOmT7cZGlM-il___4LrDtWtRnvqz0FLIBdCrL1_GyTrcNcgL_-IVvafhcfUptp8KDozATq0rAynZuqjYaTcPBsdav1EdwN2DZZA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
87cd4104b334675e13feb86f1a1ad5cf
Expires
0
pixel
cm.g.doubleclick.net/ Frame 3400
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESECaXohL3oAEu2pWWjVPrJ7s&google_cver=1&google_push=AXcoOmRCrnPgSmSuuoEXLj9tmoWiAJFj-XfXAQCIy7NZvd0zVWvKigEuNcqPn0eoL7HcTXcmY9v1s5dz8n37lBopBnU-BLZuvH8I
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmRCrnPgSmSuuoEXLj9tmoWiAJFj-XfXAQCIy7NZvd0zVWvKigEuNcqPn0eoL7HcTXcmY9v1s5dz8n37lBopBnU-BLZuvH8I&google_hm=006016572373698c0fc...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmRCrnPgSmSuuoEXLj9tmoWiAJFj-XfXAQCIy7NZvd0zVWvKigEuNcqPn0eoL7HcTXcmY9v1s5dz8n37lBopBnU-BLZuvH8I&google_hm=006016572373698c0fc139aa7613f90a
Protocol
H2
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmRCrnPgSmSuuoEXLj9tmoWiAJFj-XfXAQCIy7NZvd0zVWvKigEuNcqPn0eoL7HcTXcmY9v1s5dz8n37lBopBnU-BLZuvH8I&google_hm=006016572373698c0fc139aa7613f90a
date
Mon, 18 Dec 2023 04:02:44 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
/
onetag-sys.com/match/ Frame 3400
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDB6c6IDA_PPaMPE_DNB8Y8&google_cver=1&google_push=AXcoOmSsbC_BXbK7kPB004r6yrhnS4DRVRJc_dj2cdSwizF551MFbFaGE24I-vY5BUb7ptGLKX4HgyFMtFt...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSsbC_BXbK7kPB004r6yrhnS4DRVRJc_dj2cdSwizF551MFbFaGE24I-vY5BUb7ptGLKX4HgyFMtFtpa-kjf3PGtJ5niy5WCuU
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Protocol
H2
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3400
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEDifz1jnEpK1wztoYxaAyLs&google_cver=1&google_push=AXcoOmTr75xbOyqfsVrQsGs2KH9HtEOmVtPtKiznoqa9W3AJauNr8M4tNhPVKNQGLld...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTr75xbOyqfsVrQsGs2KH9HtEOmVtPtKiznoqa9W3AJauNr8M4tNhPVKNQGLldUpSyjNZK3zxj4gE6B01HBxQxLOKR7WaDmOQ
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTr75xbOyqfsVrQsGs2KH9HtEOmVtPtKiznoqa9W3AJauNr8M4tNhPVKNQGLldUpSyjNZK3zxj4gE6B01HBxQxLOKR7WaDmOQ
Protocol
H3
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
c4262a67.1cb706ca
date
Mon, 18 Dec 2023 04:02:45 GMT
x-bytefaas-request-id
2023121804024593179767EEC33FBB2088
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-23121804024593179767EEC33FBB2088-3AC9DE2CCED7755F-00
x-cache
TCP_MISS from a184-27-184-21.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
x-parent-response-time
257,184.27.184.21
server-timing
cdn-cache; desc=MISS, edge; dur=182, origin; dur=76, inner; dur=60
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2023121804024593179767EEC33FBB2088
x-cache-remote
TCP_MISS from a23-213-246-207.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTr75xbOyqfsVrQsGs2KH9HtEOmVtPtKiznoqa9W3AJauNr8M4tNhPVKNQGLldUpSyjNZK3zxj4gE6B01HBxQxLOKR7WaDmOQ
x-bytefaas-execution-duration
58.72
access-control-allow-origin
*
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
010277f42eaf16b0a4fe670fae99c9e414cd7d501e6fecedd912fd4b06e0636240a6a001f68835b4134f22d94841838bb74b8e064751f7a22bb9298080309fb74ef4960138955fc5488ee0ec0b756bc2cdf3b195a164f32f669e223edfdfb5f9dc5419fe0752d71c530a588e8080a77ef2
x-origin-response-time
76,23.213.246.207
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Mon, 18 Dec 2023 04:02:45 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 3400
0
50 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KVgYicQfvZmTAe9bt82kz3-RTxy-ZBXIfauRfEYDvCXAJId36IyENJAUGlv4ov3STYyOjRCyE
Requested by
Host: 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
URL: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
securepubads.g.doubleclick.net/pagead/ Frame 6EB9
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cmqi1ZMR_ZfrTBOOUpt8P5deRsA31ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMBqgSvAk_QZD4zuOQbI4ZKBP9JgpA1saagkmZyWbdfwTynoo5kikTe41K5SrJKtXLf9CU9PwG_6a80StWybcdvV47LTtyXKIGYqs4hBY7K9LHkNXTrQ5wT70ffQIW8j-XxhNUx-jfg-E7tmigvkkrNMZIj1EG1jeXqyIpNEoUAUy9c3TEsbaBISX0JMOpJJaP2WfhFMdW0LwrO2ob_AQ1S75mzKPvQPOpuuEB499q0hnxf9GJx2w2Hx-aUD43m6afkWt0SGGDNyr-iTdzBLCz4szdmgIT1tydiYmguJ_Hq_8aYzbFsxMdd4Vq-BYaVnYEjCy3wt5V4qD5OmpTd3AWjke74SJpsLYEeboZCL1y7ie1rOjfUqNuVJGZ_ke_0xiYr8A6UcENbVJh0MgN9OsamYmlhx8AEyZHuzckE4AQDiAWBoM65TZIFBggbEAEYAZIFCwgiEAEYAUiu_5MCkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAfqkJW-AagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcKEPPiBBjFq-X-AdIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYl-y-k42YgwPyCBthZHgtc3Vic3luLTk5Mzg1NjU4MjIwMzQ2ODCACgPICwGiDBQqEgoQ5LSxAu61sQK1uLECrLqxAuINEwi8lr-TjZiDAxVjiukFHeVrBNawE8qjyBXIE96B9-MD2BMKiBQC2BQB0BUBgBcBshceChwIABIUcHViLTc1MDc0MzkyMzM4NjU0MTUY_fkT6BcD&sigh=aD3I2Mo6amI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_huRwzTp-2qLLWELKdvpqxJasa-DOg54qfsleFVUnlVC178fnqQBdRmDJhhIIXO2Bt6L60delPxgB&vt=10&cbvp=2&vis=1
Requested by
Host: 861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
URL: https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible
event-source
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame
0
0
Preflight
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cmqi1ZMR_ZfrTBOOUpt8P5deRsA31ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMBqgSvAk_QZD4zuOQbI4ZKBP9JgpA1saagkmZyWbdfwTynoo5kikTe41K5SrJKtXLf9CU9PwG_6a80StWybcdvV47LTtyXKIGYqs4hBY7K9LHkNXTrQ5wT70ffQIW8j-XxhNUx-jfg-E7tmigvkkrNMZIj1EG1jeXqyIpNEoUAUy9c3TEsbaBISX0JMOpJJaP2WfhFMdW0LwrO2ob_AQ1S75mzKPvQPOpuuEB499q0hnxf9GJx2w2Hx-aUD43m6afkWt0SGGDNyr-iTdzBLCz4szdmgIT1tydiYmguJ_Hq_8aYzbFsxMdd4Vq-BYaVnYEjCy3wt5V4qD5OmpTd3AWjke74SJpsLYEeboZCL1y7ie1rOjfUqNuVJGZ_ke_0xiYr8A6UcENbVJh0MgN9OsamYmlhx8AEyZHuzckE4AQDiAWBoM65TZIFBggbEAEYAZIFCwgiEAEYAUiu_5MCkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAfqkJW-AagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcKEPPiBBjFq-X-AdIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYl-y-k42YgwPyCBthZHgtc3Vic3luLTk5Mzg1NjU4MjIwMzQ2ODCACgPICwGiDBQqEgoQ5LSxAu61sQK1uLECrLqxAuINEwi8lr-TjZiDAxVjiukFHeVrBNawE8qjyBXIE96B9-MD2BMKiBQC2BQB0BUBgBcBshceChwIABIUcHViLTc1MDc0MzkyMzM4NjU0MTUY_fkT6BcD&sigh=aD3I2Mo6amI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_huRwzTp-2qLLWELKdvpqxJasa-DOg54qfsleFVUnlVC178fnqQBdRmDJhhIIXO2Bt6L60delPxgB&vt=10&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 39CF
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312070101&jk=1279931576994282&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ Frame 3FB6
1 KB
1 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2066:8600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:21:54 GMT
content-encoding
gzip
via
1.1 0706bdcc30b9021a492a2676497fddf2.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-C5
age
2452
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 22:35:53 GMT
server
AmazonS3
etag
W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
QfcTvAVKsAAFYU9-KvG2G_e6EC-cc44x8rnQfxIhNGMmC4PjBQ4T4g==
impression
trends.revcontent.com/event/
0
0
Fetch
General
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.70.250.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-250-75.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-rc-region
us-west-2c
date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=931536000; includeSubDomains
server
envoy
vary
Origin
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
defaultWidget~feedWidget.delivery.js
assets.revcontent.com/master/
30 KB
9 KB
Script
General
Full URL
https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.9.42.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-20.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5c422010416a4f350756b09ba63d3ef37bc5440791e43536c0fcb56f56767d3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 16:34:00 GMT
content-encoding
gzip
via
1.1 54732db85fb7104550b661299a2972ac.cloudfront.net (CloudFront)
last-modified
Fri, 15 Dec 2023 16:33:54 GMT
server
AmazonS3
age
41326
x-amz-cf-pop
NRT12-C5
x-amz-server-side-encryption
AES256
etag
W/"2af232f87a0d4edbedeacc420e4b7312"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
C9ov7-S0LHtU-oTeNPF-AqbYXQp-rApooqM2qKxvkpwc9K1FWjvvCg==
defaultWidget.delivery.js
assets.revcontent.com/master/
18 KB
7 KB
Script
General
Full URL
https://assets.revcontent.com/master/defaultWidget.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.9.42.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-20.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb0b25821c54460b733822c2ea86fbfe79aa45dd5b0ead824190e8568fc70449

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 16:34:01 GMT
content-encoding
gzip
via
1.1 54732db85fb7104550b661299a2972ac.cloudfront.net (CloudFront)
last-modified
Fri, 15 Dec 2023 16:33:54 GMT
server
AmazonS3
age
41326
x-amz-cf-pop
NRT12-C5
x-amz-server-side-encryption
AES256
etag
W/"bd75e2588ceee8da572aba1e95cd6dd6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
YgwmO3fUFMAo3l9iwMxbPe77rhc3u80_1p4cyvNi7xnESpQypMLxjw==
score.min.js
js.ad-score.com/
503 KB
155 KB
Script
General
Full URL
https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:5a00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
350eb3f9565cd1da079179138498c778b1a8b41d0ca0953845a43fbd152a40cf

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 18:48:27 GMT
Content-Encoding
br
Via
1.1 d947c63dfd9d1ccbe9f338254272c65e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
NRT57-P2
Age
33258
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Sun, 17 Dec 2023 18:48:27 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Cache-Control
X-Amz-Cf-Id
IrUkLcmlB2fiwkH7RczKkUg0qfY1n593518rGH-EGJoOJSLytXQQ5w==
Expires
Mon, 18 Dec 2023 18:48:27 GMT
/
img.revcontent.com/
1 KB
2 KB
Image
General
Full URL
https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-124.sin2.r.cloudfront.net
Software
envoy /
Resource Hash
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Wed, 04 Oct 2023 06:35:00 GMT
via
1.1 aba5c115363c1a37b7337fdb5a449b1e.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jun 2023 15:43:57 GMT
server
envoy
x-amz-cf-pop
SIN2-P2
age
6470865
etag
"a798d6ed9b193888fbc8a4a5bd7b51c236f8aa33"
x-cache
Hit from cloudfront
content-type
image/png
x-envoy-upstream-service-time
60
alt-svc
h3=":443"; ma=86400
content-length
1351
x-amz-cf-id
bwJWTkdXFkUyoixUbOKj7XPkG1k8xa0B-FfQeKBQ2lkAx44wdSRxQA==
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame C136
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 13:34:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
224868
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Dec 2024 13:34:56 GMT
csi
csi.gstatic.com/ Frame 6EB9
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lqae4bn1&c=2538611180369&slotId=1269305590184.5&qqid=CPqVwJONmIMDFWOK6QUd5WsE1g&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4001:c12::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 6EB9
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 23:33:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102531
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Dec 2024 23:33:53 GMT
file.mp4
r2---sn-ogul7ne6.c.2mdn.net/videoplayback/id/6eb8c3eed151c3a7/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734408164/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 6EB9
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/6eb8c3eed151c3a7/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734408164/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
  • https://r2---sn-ogul7ne6.c.2mdn.net/videoplayback/id/6eb8c3eed151c3a7/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734408164/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0
Fetch
General
Full URL
https://r2---sn-ogul7ne6.c.2mdn.net/videoplayback/id/6eb8c3eed151c3a7/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734408164/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/738F2114F13C6DC721A312F206446CECE0059BFA.2404F4D8C0EB767F40209A5497FC31AE9513589A/key/cms1/cms_redirect/yes/mh/Tm/mip/2001:ac8:40:1e::2e/mm/42/mn/sn-ogul7ne6/ms/onc/mt/1702871579/mv/m/mvi/2/pl/48/file/file.mp4
Protocol
H3
Server
2404:6800:4004:1f::7 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

client-protocol
quic
date
Mon, 18 Dec 2023 04:02:45 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
content-length
3187475
last-modified
Fri, 17 Nov 2023 14:18:30 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
null
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
null
expires
Mon, 18 Dec 2023 04:02:45 GMT

Redirect headers

date
Mon, 18 Dec 2023 04:02:44 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
647
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
location
https://r2---sn-ogul7ne6.c.2mdn.net/videoplayback/id/6eb8c3eed151c3a7/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734408164/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/738F2114F13C6DC721A312F206446CECE0059BFA.2404F4D8C0EB767F40209A5497FC31AE9513589A/key/cms1/cms_redirect/yes/mh/Tm/mip/2001:ac8:40:1e::2e/mm/42/mn/sn-ogul7ne6/ms/onc/mt/1702871579/mv/m/mvi/2/pl/48/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 6EB9
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lqae4bps&c=2538611180369&slotId=1269305590184.5&qqid=CPqVwJONmIMDFWOK6QUd5WsE1g&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2014&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.pf~videopreviewvisible.pg&ua_e=1&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4001:c12::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impression
trends.revcontent.com/event/
0
0
Fetch
General
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.70.250.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-250-75.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-rc-region
us-west-2c
date
Mon, 18 Dec 2023 04:02:45 GMT
strict-transport-security
max-age=931536000; includeSubDomains
server
envoy
vary
Origin
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
brandWidget~feedWidget.delivery.js
assets.revcontent.com/master/
65 KB
17 KB
Script
General
Full URL
https://assets.revcontent.com/master/brandWidget~feedWidget.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.9.42.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-20.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7deb298f3627669f30fbbc9c92ae50b8c9542459488165539a82b34587f06365

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 16:34:04 GMT
content-encoding
gzip
via
1.1 54732db85fb7104550b661299a2972ac.cloudfront.net (CloudFront)
last-modified
Fri, 15 Dec 2023 16:33:54 GMT
server
AmazonS3
age
41326
x-amz-cf-pop
NRT12-C5
x-amz-server-side-encryption
AES256
etag
W/"eb24761fc125f3ddcc717352dd15e0ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
pANtgTVypW_ES-Z9b17CU1M96cJydzbZxfNiuKFFEYL8Ab26y3BQ6Q==
feedWidget.delivery.js
assets.revcontent.com/master/
34 KB
10 KB
Script
General
Full URL
https://assets.revcontent.com/master/feedWidget.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.9.42.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-20.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3bacaa7d706740cebc4749a9018ba08cfa81cac12e22f474db483ae3b48a8324

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 16:34:04 GMT
content-encoding
gzip
via
1.1 54732db85fb7104550b661299a2972ac.cloudfront.net (CloudFront)
last-modified
Fri, 15 Dec 2023 16:33:54 GMT
server
AmazonS3
age
41326
x-amz-cf-pop
NRT12-C5
x-amz-server-side-encryption
AES256
etag
W/"4990a386a9bb575c2d7d22983d2dcbdf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
2szd0-JmJUV2snQdqUb5YufVYWv_D8Yo54tF9RsGzRqL3t4Zqh_FJQ==
/
hde.tynt.com/deb/ Frame 727B
Redirect Chain
  • https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
  • https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
2 KB
4 KB
Document
General
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
778b82a29ba771d9ddc66a0e5051d73ebe2027c9d09429a36ec6dd79de17a9d8

Request headers

Referer
https://router.infolinks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2420
content-type
text/html
date
Mon, 18 Dec 2023 04:02:44 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Mon, 18 Dec 2023 04:02:44 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
usermatch
ssum-sec.casalemedia.com/ Frame C64B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
2 KB
838 B
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35fbeb574dfe8381d1a6f28321e1d4141cbef5c666d33225fb94b4ea942f9c9b

Request headers

Referer
https://router.infolinks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
837483174ad6261b-NRT
content-encoding
br
content-type
text/html
date
Mon, 18 Dec 2023 04:02:45 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zSPJcDLYp%2F1UgiocDohZ2CqFjQ7ScC30txtVU6y3edwRCoarijcXSXkjAQFackWmWLq1%2FIp1i95cB3qkAll2NJct7k0ww6TAe5VONDKvQHBIQt%2Bu6Jwfrwdx%2BQp%2FQWIkCbeZYtmXa3IEPw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
837483172aaf261b-NRT
content-length
0
date
Mon, 18 Dec 2023 04:02:45 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q1QiOX%2Bw%2BSfSVjHmt3RqNvQZD0xb7RiZImDrsiDH6N7bWzxuBA0QTo%2F5HpcvwOBWJ1SoALOO1kwnstXAL%2Bp31GKuWiTFV4Y4iGouzpUa5vD7jPSo4EuJK3MNfNP%2FY%2FRj%2FJ53AmQrU7TUxg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame A501
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://router.infolinks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
ImgSync
image8.pubmatic.com/AdServer/ Frame 12B9
0
42 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.77 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
content-length
0
apn-usync
router.infolinks.com/dyn/ Frame 12B9
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
  • https://router.infolinks.com/dyn/apn-usync?user_id=3456854436429190532
35 B
187 B
Image
General
Full URL
https://router.infolinks.com/dyn/apn-usync?user_id=3456854436429190532
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
8374831828176848-NRT
content-length
35
expires
Sun, 18 Dec 2022 04:02:45 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
an-x-request-uuid
589beddc-9a3f-4b33-874b-f4886a9af336
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://router.infolinks.com/dyn/apn-usync?user_id=3456854436429190532
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sthr-us
router.infolinks.com/dyn/ Frame 12B9
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=k0cy4N0g
  • https://router.infolinks.com/dyn/sthr-us?user_id=6ac368a7-0a41-45c6-a666-84d78d8f6519
35 B
201 B
Image
General
Full URL
https://router.infolinks.com/dyn/sthr-us?user_id=6ac368a7-0a41-45c6-a666-84d78d8f6519
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
83748319e9ff6848-NRT
content-length
35
expires
Sun, 18 Dec 2022 04:02:45 GMT

Redirect headers

location
https://router.infolinks.com/dyn/sthr-us?user_id=6ac368a7-0a41-45c6-a666-84d78d8f6519
date
Mon, 18 Dec 2023 04:02:45 GMT
content-length
0
iqm-us
router.infolinks.com/dyn/ Frame 12B9
Redirect Chain
  • https://pxl.iqm.com/i/ck/infolink?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fiqm-us%3Fuid%3D%7BIQM_COOKIE%7D%20
  • https://router.infolinks.com/dyn/iqm-us?uid=41b134c3-1be0-4824-96d5-d0c1b439f979
35 B
193 B
Image
General
Full URL
https://router.infolinks.com/dyn/iqm-us?uid=41b134c3-1be0-4824-96d5-d0c1b439f979
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
8374831a8a9b6848-NRT
content-length
35
expires
Sun, 18 Dec 2022 04:02:45 GMT

Redirect headers

date
Mon, 18 Dec 2023 04:02:45 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/avif;charset=UTF-8
location
https://router.infolinks.com/dyn/iqm-us?uid=41b134c3-1be0-4824-96d5-d0c1b439f979
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
81
eqv-us
router.infolinks.com/dyn/ Frame 12B9
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=112&gdpr=0&gdpr_consent=
  • https://router.infolinks.com/dyn/eqv-us?user_id=3831266057273496277&gdpr=0&gdpr_consent=
35 B
265 B
Image
General
Full URL
https://router.infolinks.com/dyn/eqv-us?user_id=3831266057273496277&gdpr=0&gdpr_consent=
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
8374831bab516848-NRT
content-length
35
expires
Sun, 18 Dec 2022 04:02:45 GMT

Redirect headers

location
https://router.infolinks.com/dyn/eqv-us?user_id=3831266057273496277&gdpr=0&gdpr_consent=
date
Mon, 18 Dec 2023 04:02:45 GMT
content-length
0
cm
u.openx.net/w/1.0/ Frame 12B9
43 B
210 B
Image
General
Full URL
https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 12B9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58786/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58786/sync?redir=true&verify=true
  • https://router.infolinks.com/dyn/VR-usync?uid=y-iApnw.xE2uI7uNomz9yv1oBAK13yd62C~A
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3399&partner_device_id=y-iApnw.xE2uI7uNomz9yv1oBAK13yd62C~A
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=00f7adb4-7718-4b77-b3bc-531c16088d62%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=45d05fd7-b774-43df-ba7c-91fe06509f64&ttd_puid=00f7adb4-7718-4b77-b3bc-531c16088d62%2C%2C
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=45d05fd7-b774-43df-ba7c-91fe06509f64&ttd_puid=00f7adb4-7718-4b77-b3bc-531c16088d62%2C%2C
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=45d05fd7-b774-43df-ba7c-91fe06509f64&ttd_puid=00f7adb4-7718-4b77-b3bc-531c16088d62%2C%2C
date
Mon, 18 Dec 2023 04:02:45 GMT
server
Kestrel
content-length
359
r1-usync
router.infolinks.com/dyn/ Frame 12B9
Redirect Chain
  • https://sync.1rx.io/usersync2/infolinks
  • https://sync.1rx.io/usersync2/infolinks?zcc=1&cb=1702872165021
  • https://ad.turn.com/r/cs?pid=45&rndcb=3602100522
  • https://sync.1rx.io/usersync/turn/7380707807691766283?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004
35 B
205 B
Image
General
Full URL
https://router.infolinks.com/dyn/r1-usync?uid=RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
8374831bdb696848-NRT
content-length
35
expires
Sun, 18 Dec 2022 04:02:45 GMT

Redirect headers

location
https://router.infolinks.com/dyn/r1-usync?uid=RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004
date
Mon, 18 Dec 2023 04:02:45 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXcbc9ef06f4124a65a669479c1b0eafed004
content-type
text/html
zmn-usync
router.infolinks.com/dyn/ Frame 12B9
Redirect Chain
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__&s=2
  • https://router.infolinks.com/dyn/zmn-usync?uid=hzidrib9tQE7W3yXPLN4
35 B
213 B
Image
General
Full URL
https://router.infolinks.com/dyn/zmn-usync?uid=hzidrib9tQE7W3yXPLN4
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
8374831c8bd06848-NRT
content-length
35
expires
Sun, 18 Dec 2022 04:02:45 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:45 GMT
Content-Type
text/html; charset=utf-8
Location
https://router.infolinks.com/dyn/zmn-usync?uid=hzidrib9tQE7W3yXPLN4
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
90
Expires
Thu, 01 Dec 1994 16:00:00 GMT
tplift
router.infolinks.com/dyn/ Frame 12B9
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID
  • https://router.infolinks.com/dyn/tplift?uid=2237294431585906453658
35 B
190 B
Image
General
Full URL
https://router.infolinks.com/dyn/tplift?uid=2237294431585906453658
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
8374831989816848-NRT
content-length
35
expires
Sun, 18 Dec 2022 04:02:45 GMT

Redirect headers

location
https://router.infolinks.com/dyn/tplift?uid=2237294431585906453658
date
Mon, 18 Dec 2023 04:02:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sonobi-usync
router.infolinks.com/dyn/ Frame 12B9
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
  • https://router.infolinks.com/dyn/sonobi-usync?uid=643a2bf9-4a90-4828-b0f4-6d74658c8e3b
35 B
266 B
Image
General
Full URL
https://router.infolinks.com/dyn/sonobi-usync?uid=643a2bf9-4a90-4828-b0f4-6d74658c8e3b
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
8374833c1d836848-NRT
content-length
35
expires
Sun, 18 Dec 2022 04:02:51 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:49 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-91
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://router.infolinks.com/dyn/sonobi-usync?uid=643a2bf9-4a90-4828-b0f4-6d74658c8e3b
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
imd-usync
router.infolinks.com/dyn/ Frame 12B9
Redirect Chain
  • https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
  • https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
  • https://router.infolinks.com/dyn/imd-usync?user_id=f1cf3e85-4efb-4ec6-8e10-d05aa12c5786&partner_id=1531
35 B
234 B
Image
General
Full URL
https://router.infolinks.com/dyn/imd-usync?user_id=f1cf3e85-4efb-4ec6-8e10-d05aa12c5786&partner_id=1531
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
8374831afae76848-NRT
content-length
35
expires
Sun, 18 Dec 2022 04:02:45 GMT

Redirect headers

location
https://router.infolinks.com/dyn/imd-usync?user_id=f1cf3e85-4efb-4ec6-8e10-d05aa12c5786&partner_id=1531
access-control-allow-origin
*
date
Mon, 18 Dec 2023 04:02:45 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
outh-usync
router.infolinks.com/dyn/ Frame 12B9
Redirect Chain
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
  • https://router.infolinks.com/dyn/outh-usync?uid=y-9y9MlklE2uFEhyvU_beNUO19Cd8TL4c3~A
35 B
204 B
Image
General
Full URL
https://router.infolinks.com/dyn/outh-usync?uid=y-9y9MlklE2uFEhyvU_beNUO19Cd8TL4c3~A
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
8374831aeae36848-NRT
content-length
35
expires
Sun, 18 Dec 2022 04:02:45 GMT

Redirect headers

location
https://router.infolinks.com/dyn/outh-usync?uid=y-9y9MlklE2uFEhyvU_beNUO19Cd8TL4c3~A
date
Mon, 18 Dec 2023 04:02:45 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user-sync
sync.adkernel.com/ Frame 12B9
22 B
22 B
Image
General
Full URL
https://sync.adkernel.com/user-sync?zone=208910&t=image&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fqorm-usync%3Fuid%3D%7BUID%7D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.130.169.24 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:45 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
22
qora-usync
router.infolinks.com/dyn/ Frame 12B9
Redirect Chain
  • https://sync.adkernel.com/user-sync?zone=208912&t=image&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fqora-usync%3Fuid%3D%7BUID%7D
  • https://x.bidswitch.net/sync?ssp=catapultx&user_id=A1171917415455838230
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=catapultx&ssp_user_id=a18511a8-4739-4f63-9f2a-764feaa38b34&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-kbQtApVE2pkzN8q.EeD6UxwPAkdqVuf73soFKA--~A&expires=5&ssp=catapultx
  • https://sync.adkernel.com/user-sync?dsp=336050&t=image&uid=a18511a8-4739-4f63-9f2a-764feaa38b34
  • https://router.infolinks.com/dyn/qora-usync?uid=A1171917415455838230
35 B
189 B
Image
General
Full URL
https://router.infolinks.com/dyn/qora-usync?uid=A1171917415455838230
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
8374831e9e3d6848-NRT
content-length
35
expires
Sun, 18 Dec 2022 04:02:46 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/qora-usync?uid=A1171917415455838230
Date
Mon, 18 Dec 2023 04:02:46 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
0
frwh-us
router.infolinks.com/dyn/ Frame 12B9
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3695&gdpr=&gdpr_consent=
  • https://router.infolinks.com/dyn/frwh-us?user_id=6edb453fa93a7dd28144c35b8353bad&gdpr_consent=&gdpr=
35 B
220 B
Image
General
Full URL
https://router.infolinks.com/dyn/frwh-us?user_id=6edb453fa93a7dd28144c35b8353bad&gdpr_consent=&gdpr=
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
8374831d2c436848-NRT
content-length
35
expires
Sun, 18 Dec 2022 04:02:46 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:45 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://router.infolinks.com/dyn/frwh-us?user_id=6edb453fa93a7dd28144c35b8353bad&gdpr_consent=&gdpr=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1702872165870068-69
sovrn-usync
router.infolinks.com/dyn/ Frame 12B9
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
  • https://router.infolinks.com/dyn/sovrn-usync?uid=H1vSCLZH1GFpiRLqQlWJzlOb
35 B
228 B
Image
General
Full URL
https://router.infolinks.com/dyn/sovrn-usync?uid=H1vSCLZH1GFpiRLqQlWJzlOb
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
8374831eee726848-NRT
content-length
35
expires
Sun, 18 Dec 2022 04:02:46 GMT

Redirect headers

Date
Mon, 18 Dec 2023 04:02:46 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://router.infolinks.com/dyn/sovrn-usync?uid=H1vSCLZH1GFpiRLqQlWJzlOb
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 12B9
0
39 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.77 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
content-length
0
mnet-usync
router.infolinks.com/dyn/ Frame 12B9
Redirect Chain
  • https://cs.media.net/cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E
  • https://router.infolinks.com/dyn/mnet-usync?uid=3458737661274461000V10
35 B
204 B
Image
General
Full URL
https://router.infolinks.com/dyn/mnet-usync?uid=3458737661274461000V10
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
8374831e6e016848-NRT
content-length
35
expires
Sun, 18 Dec 2022 04:02:46 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:46 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://router.infolinks.com/dyn/mnet-usync?uid=3458737661274461000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Mon, 18 Dec 2023 04:02:46 GMT
mgid-us
router.infolinks.com/dyn/ Frame 12B9
Redirect Chain
  • https://cm-x.mgid.com/5abf3d2eff2f70c0a0669cd9f0f84ba0.gif?puid=[UID]&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmgid-us%3Fuser_id%3D%5BUID%5D
  • https://router.infolinks.com/dyn/mgid-us?user_id=ba1d4517-9389-470b-9a31-71dd8ce58dd9
35 B
224 B
Image
General
Full URL
https://router.infolinks.com/dyn/mgid-us?user_id=ba1d4517-9389-470b-9a31-71dd8ce58dd9
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
837483200f3c6848-NRT
content-length
35
expires
Sun, 18 Dec 2022 04:02:46 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:46 GMT
Transfer-Encoding
chunked
Location
https://router.infolinks.com/dyn/mgid-us?user_id=ba1d4517-9389-470b-9a31-71dd8ce58dd9
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
ur-usync
router.infolinks.com/dyn/ Frame 12B9
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=infolinks
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8266634493
  • https://sync.1rx.io/usersync/tradedesk/45d05fd7-b774-43df-ba7c-91fe06509f64
  • https://sync.targeting.unrulymedia.com/csync/RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fur-usync%3Fuid%3DRX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004
  • https://router.infolinks.com/dyn/ur-usync?uid=RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004
35 B
205 B
Image
General
Full URL
https://router.infolinks.com/dyn/ur-usync?uid=RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
8374831d9d286848-NRT
content-length
35
expires
Sun, 18 Dec 2022 04:02:46 GMT

Redirect headers

location
https://router.infolinks.com/dyn/ur-usync?uid=RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004
date
Mon, 18 Dec 2023 04:02:45 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXcbc9ef06f4124a65a669479c1b0eafed004
content-type
text/html
qc-usync
router.infolinks.com/dyn/ Frame 12B9
Redirect Chain
  • https://cms.quantserve.com/pixel/p-u1vdacBMXAcfT.gif?idmatch=0
  • https://router.infolinks.com/dyn/qc-usync?gdpr=0&uid=qsq40f_LuYKxnuqO-s-i0fnGvNaxz7-O-Mc7oh4L
35 B
205 B
Image
General
Full URL
https://router.infolinks.com/dyn/qc-usync?gdpr=0&uid=qsq40f_LuYKxnuqO-s-i0fnGvNaxz7-O-Mc7oh4L
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
8374831d3c7d6848-NRT
content-length
35
expires
Sun, 18 Dec 2022 04:02:46 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://router.infolinks.com/dyn/qc-usync?gdpr=0&uid=qsq40f_LuYKxnuqO-s-i0fnGvNaxz7-O-Mc7oh4L
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
zeta-usync
router.infolinks.com/dyn/ Frame 12B9
Redirect Chain
  • https://p.rfihub.com/cm?pub=43153&in=1
  • https://router.infolinks.com/dyn/zeta-usync?uid=1978557985234180977
35 B
233 B
Image
General
Full URL
https://router.infolinks.com/dyn/zeta-usync?uid=1978557985234180977
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
83748323eb306848-NRT
content-length
35
expires
Sun, 18 Dec 2022 04:02:47 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/zeta-usync?uid=1978557985234180977
Date
Mon, 18 Dec 2023 04:02:46 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
disus
router.infolinks.com/dyn/ Frame 12B9
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fdisus%3Fuid%3D%24UID&partner=infolinks
  • https://router.infolinks.com/dyn/disus?uid=ua-e781848b-10d2-3c7f-ba2b-4d98c447d3ac
35 B
202 B
Image
General
Full URL
https://router.infolinks.com/dyn/disus?uid=ua-e781848b-10d2-3c7f-ba2b-4d98c447d3ac
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
83748322a9a16848-NRT
content-length
35
expires
Sun, 18 Dec 2022 04:02:46 GMT

Redirect headers

location
https://router.infolinks.com/dyn/disus?uid=ua-e781848b-10d2-3c7f-ba2b-4d98c447d3ac
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
cache-control
no-store
content-length
0
expires
0
33a-usync
router.infolinks.com/dyn/ Frame 12B9
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
  • https://router.infolinks.com/dyn/33a-usync?uid=212384924788945
35 B
219 B
Image
General
Full URL
https://router.infolinks.com/dyn/33a-usync?uid=212384924788945
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
8374831e9e3b6848-NRT
content-length
35
expires
Sun, 18 Dec 2022 04:02:46 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
referrer-policy
unsafe-url
server
33XP009
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://router.infolinks.com/dyn/33a-usync?uid=212384924788945
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
iq-usync
router.infolinks.com/dyn/ Frame 12B9
0
43 B
Image
General
Full URL
https://router.infolinks.com/dyn/iq-usync
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:46 GMT
cache-control
no-store
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8374831e3dd06848-NRT
content-length
0
doq.htm
rt3008.infolinks.com/action/
2 KB
1 KB
XHR
General
Full URL
https://rt3008.infolinks.com/action/doq.htm?pcode=utf-8&r=17028721649661
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd5393060269609ff038dca8b2deb23c85695d13dde9225940dffddee9d5b681

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html;charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
p3p
CP="NON DSP NID OUR COR"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-language
jp-JP
cf-ray
837483173f0a25fe-NRT
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
csi
csi.gstatic.com/ Frame 96FB
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lqae4b8r&c=1324699826774&slotId=662349913387&qqid=CMaxmJONmIMDFfWc6QUd-J0DWQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2014&mt=video%2Fmp4&vs=1280x720&dm=11000&met.4=vfl.wl
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4001:c12::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rnd
jnxm2.com/ Frame 66E5
14 KB
14 KB
Document
General
Full URL
https://jnxm2.com/rnd?ref=https%3A%2F%2Fwww.hawtcelebs.com
Requested by
Host: vastserved.com
URL: https://vastserved.com/?uid=5da50738fbeb116b83fa5b94&w=300&h=250&puburl=https%253A%252F%252Fwww.hawtcelebs.com%252F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.128.138.194 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-128-138-194.us-east-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
97ec12ee083f84eabe1a5c486f180e47ffeeb64cd0e0d77530063581dca1d63c

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-origin
*
content-length
14214
content-type
text/html; charset=utf-8
date
Mon, 18 Dec 2023 04:02:45 GMT
etag
W/"3786-5z5MQ17Qqv/yMXaWfoezOCMdHoE"
server
nginx
x-powered-by
Express
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 6A8F
23 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
317166
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 11:56:39 GMT
expires
Fri, 13 Dec 2024 11:56:39 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
87e0ec23-5528-49a7-a4f1-ca8afa47a0aa.js
static.sunmedia.tv/integrations/87e0ec23-5528-49a7-a4f1-ca8afa47a0aa/
0
248 B
Script
General
Full URL
https://static.sunmedia.tv/integrations/87e0ec23-5528-49a7-a4f1-ca8afa47a0aa/87e0ec23-5528-49a7-a4f1-ca8afa47a0aa.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.89.67.82 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3166667.ip-51-89-67.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:46 GMT
TP-Cache
MISS
Server
nginx
Age
0
Content-Type
application/javascript
empty
1
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
impression
trends.revcontent.com/event/
0
0
Fetch
General
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.70.250.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-250-75.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-rc-region
us-west-2c
date
Mon, 18 Dec 2023 04:02:45 GMT
strict-transport-security
max-age=931536000; includeSubDomains
server
envoy
vary
Origin
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
brandWidget~feedWidget.delivery.js
assets.revcontent.com/master/
65 KB
17 KB
Script
General
Full URL
https://assets.revcontent.com/master/brandWidget~feedWidget.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.9.42.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-20.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7deb298f3627669f30fbbc9c92ae50b8c9542459488165539a82b34587f06365

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 16:34:04 GMT
content-encoding
gzip
via
1.1 54732db85fb7104550b661299a2972ac.cloudfront.net (CloudFront)
last-modified
Fri, 15 Dec 2023 16:33:54 GMT
server
AmazonS3
age
41327
x-amz-cf-pop
NRT12-C5
x-amz-server-side-encryption
AES256
etag
W/"eb24761fc125f3ddcc717352dd15e0ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
OEXaeTd73swONkxhPSquNqk_BPrCmSg5VmJ5XQxxUf8rdN2tSMzwgg==
feedWidget.delivery.js
assets.revcontent.com/master/
34 KB
10 KB
Script
General
Full URL
https://assets.revcontent.com/master/feedWidget.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.9.42.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-20.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3bacaa7d706740cebc4749a9018ba08cfa81cac12e22f474db483ae3b48a8324

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 16:34:04 GMT
content-encoding
gzip
via
1.1 54732db85fb7104550b661299a2972ac.cloudfront.net (CloudFront)
last-modified
Fri, 15 Dec 2023 16:33:54 GMT
server
AmazonS3
age
41327
x-amz-cf-pop
NRT12-C5
x-amz-server-side-encryption
AES256
etag
W/"4990a386a9bb575c2d7d22983d2dcbdf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
QZlEXLREGDEaE-GWwpROO8eSMrbGTQZ5j8e-_zk2mDIYINYEetDtEg==
prebid.js
ads.themoneytizer.com/moneybid8_24/build/dist/ Frame 3FB6
598 KB
194 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=96761&formatId=20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:d300::19 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
05a6ad78cd19749e6a8624e994157e872cef56dc1b8c5911f655070ecd5f966b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop
tokyoJP
date
Mon, 18 Dec 2023 04:02:45 GMT
content-encoding
gzip
x-age-lb
1, 82435
x-77-cache
HIT
x-accel-date
1702789730
x-77-nzt
EwwB1GYyBwH3A0IBAAwBWbuiMAH3AQAAAAwB1GY4CQH3JgAAAA
pragma
public
x-accel-expires
@1702876130
x-cache-lb
HIT, HIT
x-77-age
82474
last-modified
Thu, 16 Nov 2023 22:09:45 GMT
server
CDN77-Turbo
x-77-nzt-ray
aefca1171437e7e365c47f6584a25a02
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public, no-transform
expires
Sat, 16 Dec 2023 05:08:48 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame C64B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZX_EZaWFGjsPKn42Fi5GIwAAFXEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEVYXU7ry37v0taBrg6REz0&google_cver=1
43 B
776 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEVYXU7ry37v0taBrg6REz0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydG8OdR%2Fj41QEouG3hk%2Fa8y2uShVeXGooCwjzGUiIEPNGWXlDdHZbjOwh6D5dA3uCzdCVwzaU%2BrZTxP5130mu%2F2WcK96%2Fxeh3FfGj8S1KNmC3XWny9O1lda%2FxbNdMuSJNJkNQ7AA0xlwGw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83748317f8f5f6fa-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEVYXU7ry37v0taBrg6REz0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C64B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://match.adsrvr.org/track/cmb/casale?
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=45d05fd7-b774-43df-ba7c-91fe06509f64&expiration=1705464165&gdpr=0&gdpr_consent=
43 B
335 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=45d05fd7-b774-43df-ba7c-91fe06509f64&expiration=1705464165&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmL008XaEH0ZI7fUS1Nw0qtdYymP%2Fn3nffClOF7Noi8JHQ88FZ9pjAmyOietAVg1rDdmxOPz3v1dH%2B6aCo60HyZEVv1s9Mfzuo7BtnJ3zrNSXmfgboUTgYc1vlo670MOIWwc%2BxDFp8xDEg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
837483180b9e261b-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=45d05fd7-b774-43df-ba7c-91fe06509f64&expiration=1705464165&gdpr=0&gdpr_consent=
date
Mon, 18 Dec 2023 04:02:45 GMT
server
Kestrel
content-length
323
362358.gif
idsync.rlcdn.com/ Frame C64B
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZX-EZaWFGjsPKn42Fi5GIwAA%265489&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZX-EZaWFGjsPKn42Fi5GIwAA%265489&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=c0f7a6de1c26443c9875056c5dd4738b
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=c0f7a6de-1c26-443c-9875-056c5dd4738b
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=b74a27db-7cf5-49a6-9d57-3e21a9d3d050%3A1702872166.4255822&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Db74a27db-7cf5-49a6-9d57-3e21a9d...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1976306195132350986&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Db74a27db-7cf5-49a6-9d...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=b74a27db-7cf5-49a6-9d57-3e21a9d3d050%3A1702872166.4255822&_=1702872166.4285553
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjdiNzRhMjdkYi03Y2Y1LTQ5YTYtOWQ1Ny0zZTIxYTlkM2QwNTA6MTcwMjg3MjE2Ni40MjU1ODIyEAAaDQjniP-rBhIFCOgHEABCAEoA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMsGYqN76cQYcrsE2owSReY&google_cver=1
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMsGYqN76cQYcrsE2owSReY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:47 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMsGYqN76cQYcrsE2owSReY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C64B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZX-EZaWFGjsPKn42Fi5GIwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGLvQnU2sRBQ6H-FAUwOTH0&google_cver=1
43 B
739 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGLvQnU2sRBQ6H-FAUwOTH0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXBEApYx%2FRLZICNxgVSkKtjZ6BeKpSh27O8qkR9zMy6ocdFZaP%2FIY2fIyt5gtF92gyvL%2FHTVa73wUU7sr%2FpbBeiSXsZ66hGboREWLFrfOeqOWoN1iZU2TQAr1%2BLr3pYf%2FahMX80UT6AJXg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
837483187974f6fa-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGLvQnU2sRBQ6H-FAUwOTH0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame C64B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX_EZaWFGjsPKn42Fi5GIwAAFXEAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX_EZaWFGjsPKn42Fi5GIwAAFXEAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX_EZaWFGjsPKn42Fi5GIwAAFXEAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YYF297PTXX17EQR9H9DP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FPF847M1ETYN6KJDR1YQ
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX_EZaWFGjsPKn42Fi5GIwAAFXEAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C64B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=tbl9rNCgWh58tQAahk-VRpJGyeg
43 B
736 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=tbl9rNCgWh58tQAahk-VRpJGyeg
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4tVZzjirF7lVNwBfE6s%2FjJsW8pROv2jwrAfTk8bDAOifApCt3SgjCuQBLWunX0AmDgfOfRtqaI3%2BsXMDBfs3bVfMpTVKEqYZtRCLkoejZh%2BRZhQq4OcsUyQhjIiT%2FYaEuBb5OWOSPDMbIg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8374831c0ceff6fa-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=tbl9rNCgWh58tQAahk-VRpJGyeg
Date
Mon, 18 Dec 2023 04:02:45 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame C64B
Redirect Chain
  • https://trace.mediago.io/ju/cs/indexexchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f5ef61cac56027ed2e3c9r00lqae4c7c
43 B
733 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f5ef61cac56027ed2e3c9r00lqae4c7c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ca%2FjgCEX2ZpWqW22kkTQv8rjzjiBBrtn4POzvxLBE70xbM1QkfzAo14BqVlsVPB8998pJ5vq7HBHqk%2B5aZOmRYQgd2K6yj1S4i02MwmDnIpScnSUqN8EB49DWTG7xVbdHiVRA5QjGQjzGA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8374831b5c66f6fa-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 18 Dec 2023 04:02:45 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f5ef61cac56027ed2e3c9r00lqae4c7c
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
crum
dsum-sec.casalemedia.com/ Frame C64B
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZX-EZaWFGjsPKn42Fi5GIwAA%265489
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZX-EZaWFGjsPKn42Fi5GIwAA%265489&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZX-EZaWFGjsPKn42Fi5GIwAA%265489&tc=1
43 B
736 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZX-EZaWFGjsPKn42Fi5GIwAA%265489&tc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8Z8aYZZ3yIFl0VsAnmFC1Jnv17mvdSZJ7tye4IQKsR3lwSu7eA%2FAMmXbc8%2F6IgvwqhjKNXO7GBbEDb0gbfu53OEuVcoW%2Bn7aAKycMpD%2FsXGkX5Ob5qEjv8iuJUiHzHfoulrMvsbb7UAZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8374831e4f4ff6fa-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZX-EZaWFGjsPKn42Fi5GIwAA%265489&tc=1
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT, Mon, 18 Dec 2023 04:02:46 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
ix-usync
router.infolinks.com/dyn/ Frame C64B
35 B
275 B
Image
General
Full URL
https://router.infolinks.com/dyn/ix-usync?uid=ZX-EZaWFGjsPKn42Fi5GIwAA%265489
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
8374831808036848-NRT
content-length
35
expires
Sun, 18 Dec 2022 04:02:45 GMT
c25e8244dfa7c2f9a18a54662bc3bcab.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
14 KB
15 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/c25e8244dfa7c2f9a18a54662bc3bcab.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.207.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-207-58.nrt57.r.cloudfront.net
Software
cloudflare /
Resource Hash
4680e944f9e2278a7275131973a7f958c374a25154429fcc9166f7305c4e7329
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 09:59:25 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 7bdbfc0a92d08678fa98f050e3369202.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P3
age
151400
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
14663
last-modified
Wed, 22 Nov 2023 00:29:05 GMT
server
cloudflare
etag
"b6c160b5e7255b3b88aca0f8fce949b0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
836612cd5f053b80-IAD
timing-allow-origin
*
x-amz-cf-id
cmihmarIKWzkQF8fkIhUR-npmY3lp60lM1vmi31_PujWCvcu2gMvGw==
9081d2c16e55d7d6761532972792e69a.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
20 KB
21 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/9081d2c16e55d7d6761532972792e69a.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.207.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-207-58.nrt57.r.cloudfront.net
Software
cloudflare /
Resource Hash
36bd7ab0997f9d92bcf2dfe557a0248564bea89054947beb0a22bdda1be9da56
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Fri, 15 Dec 2023 02:07:52 GMT
x-content-type-options
nosniff
via
1.1 7bdbfc0a92d08678fa98f050e3369202.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P3
age
327447
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
20428
last-modified
Thu, 08 Jun 2023 17:11:36 GMT
server
cloudflare
etag
"cbdde39ab6eb91dd47366bda662d92ed"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
8320d616aaab5908-IAD
timing-allow-origin
*
x-amz-cf-id
Zo2QFRRwtUv2-v2BLeX8-3yK9Bw36YuFIhfbMAeOmlpNymLjWUZDOg==
b3b9408fad0b3e062d3b6d6f1107af0a.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
8 KB
8 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/b3b9408fad0b3e062d3b6d6f1107af0a.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.207.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-207-58.nrt57.r.cloudfront.net
Software
cloudflare /
Resource Hash
8001b88c5c4170c96cf5446f1fcbafc55a5e5b937f3a77a35659b4e77a83fd27
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Thu, 14 Dec 2023 14:16:48 GMT
x-content-type-options
nosniff
via
1.1 7bdbfc0a92d08678fa98f050e3369202.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P3
age
308916
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
8019
last-modified
Thu, 26 Oct 2023 08:52:55 GMT
server
cloudflare
etag
"695f96bbbaccedbd4c7ab9cac66baf67"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
831d5e539ca2242b-IAD
timing-allow-origin
*
x-amz-cf-id
XncpEmdMcgIjk3-l8G92NNDJ6TUBisblc1mKCtcz-pdZ5qxCfFz3vA==
4addd1feb15ed6c96653065fe1a31b6e.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
12 KB
13 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/4addd1feb15ed6c96653065fe1a31b6e.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.207.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-207-58.nrt57.r.cloudfront.net
Software
cloudflare /
Resource Hash
a6e72aac4aee31c7e498ee2c73eddef16dfe43d7aa614945b9d2602b055070a3
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Tue, 12 Dec 2023 09:41:33 GMT
x-content-type-options
nosniff
via
1.1 7bdbfc0a92d08678fa98f050e3369202.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P3
age
498218
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
12249
last-modified
Fri, 13 Oct 2023 19:38:10 GMT
server
cloudflare
etag
"42446cf83b9928ffdc0cd2e5946ec836"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
830b51a50f398298-IAD
timing-allow-origin
*
x-amz-cf-id
_86sTr4HSeX5rXO3hhOW4P91fuOgr0a91q1pz2T54QebyCIHVTH4qg==
bb1dc1a503fa0694e937041943df2ae1.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
5 KB
6 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/bb1dc1a503fa0694e937041943df2ae1.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.207.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-207-58.nrt57.r.cloudfront.net
Software
Cloudinary /
Resource Hash
114d045bf4453dddba6c0efc653bf66cfa301aefe2fe1dd0f20f8ffcdb8860fa
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Thu, 14 Dec 2023 22:07:58 GMT
x-content-type-options
nosniff
via
1.1 7bdbfc0a92d08678fa98f050e3369202.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P3
age
280505
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
5423
last-modified
Mon, 24 Jul 2023 13:12:25 GMT
server
Cloudinary
etag
"7dc5c21f4db6c1b8f1dd8218a04f332f"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
dV9bAJFmwq0UiFx7w3Pgbx_0vSfj_bgaAT9X3NkDuXw_9ySbk9F_Aw==
95d4259a381b2d8b93d4f64dd04780fc.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
13 KB
13 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/95d4259a381b2d8b93d4f64dd04780fc.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.207.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-207-58.nrt57.r.cloudfront.net
Software
Cloudinary /
Resource Hash
686c8f3c67a25265556496de9b37358557f5459b33d7b1e98940365e629ded25
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Sat, 16 Dec 2023 01:37:36 GMT
x-content-type-options
nosniff
via
1.1 7bdbfc0a92d08678fa98f050e3369202.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P3
age
596566
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
12975
last-modified
Sun, 16 Jul 2023 00:43:55 GMT
server
Cloudinary
etag
"6995367625def08dc454d7b5d0a60e42"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
eIkWgPpalt1dfBMRoIJJu30A3uKO4i-jdFLi4LC6V1U8XmNSLSQ7VQ==
3e7f174692755c8ec09adaa5d2a528fc.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
12 KB
13 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/3e7f174692755c8ec09adaa5d2a528fc.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.65.207.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-207-58.nrt57.r.cloudfront.net
Software
cloudflare /
Resource Hash
beab0fcc7f6772dc5d19362bb192fbed6c57d3bf69e04305a20bfa3fce18401d
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:09:07 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 26f81727519c342aad4ccd47b72fd7cc.cloudfront.net (CloudFront)
age
312818
x-amz-cf-pop
NRT57-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
12735
last-modified
Fri, 24 Nov 2023 19:17:21 GMT
server
cloudflare
etag
"c99eeb93381483d448e9cc71a36753e1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
8356adeebe2f2d22-IAD
timing-allow-origin
*
x-amz-cf-id
TvUhKVm0sCBvJ1Fdl7iksWXMHDib_n78yx6fv8Pxzni9avYs_8Dc8w==
file.mp4
r2---sn-ogul7ne6.c.2mdn.net/videoplayback/id/6eb8c3eed151c3a7/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734408164/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 6EB9
3 MB
3 MB
Media
General
Full URL
https://r2---sn-ogul7ne6.c.2mdn.net/videoplayback/id/6eb8c3eed151c3a7/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734408164/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/738F2114F13C6DC721A312F206446CECE0059BFA.2404F4D8C0EB767F40209A5497FC31AE9513589A/key/cms1/cms_redirect/yes/mh/Tm/mip/2001:ac8:40:1e::2e/mm/42/mn/sn-ogul7ne6/ms/onc/mt/1702871579/mv/m/mvi/2/pl/48/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:1f::7 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
9129173d5280e244bb3245890e87656d5fa9cc94c4911ef3f95023224a7ace3d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

expires
Mon, 18 Dec 2023 04:02:45 GMT
date
Mon, 18 Dec 2023 04:02:45 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-3187474/3187475
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
3187475
last-modified
Fri, 17 Nov 2023 14:18:30 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
client-protocol
quic
e5d8fe6655fe6e654cce2d3480d3179a.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
9 KB
9 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/e5d8fe6655fe6e654cce2d3480d3179a.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.65.207.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-207-58.nrt57.r.cloudfront.net
Software
cloudflare /
Resource Hash
498c323d6fe879b5a0e8309e077dc48a643ec21311f1b337eaf35e36e80da109
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Mon, 11 Dec 2023 17:36:35 GMT
x-content-type-options
nosniff
via
1.1 26f81727519c342aad4ccd47b72fd7cc.cloudfront.net (CloudFront)
age
556062
x-amz-cf-pop
NRT57-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
8986
last-modified
Thu, 26 Oct 2023 08:39:02 GMT
server
cloudflare
etag
"0d86833610712beb6810441e31c05866"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
8305cd1f1dd78287-IAD
timing-allow-origin
*
x-amz-cf-id
iR86YYHNRCi3PAcu9uq6Cm3Mk1WvALzqTNGmnhzIMbNp2C2a6Ys9QA==
c25e8244dfa7c2f9a18a54662bc3bcab.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
9 KB
9 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/c25e8244dfa7c2f9a18a54662bc3bcab.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.65.207.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-207-58.nrt57.r.cloudfront.net
Software
Cloudinary /
Resource Hash
6130fb6f26578f9629cf6121e7fe00619294302787cae6b3e9b1a3a32e0fbdd8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 11:59:19 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 26f81727519c342aad4ccd47b72fd7cc.cloudfront.net (CloudFront)
age
144206
x-amz-cf-pop
NRT57-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
8734
last-modified
Wed, 22 Nov 2023 08:02:55 GMT
server
Cloudinary
etag
"1f1868219e1fa32cc8cf8659bd2edc81"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
6IKSU2qb1SVxC68x6eYG6lS3nDy_iF1lQSis080JwKJMz2tUJu7O-g==
4addd1feb15ed6c96653065fe1a31b6e.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
8 KB
8 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/4addd1feb15ed6c96653065fe1a31b6e.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.65.207.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-207-58.nrt57.r.cloudfront.net
Software
Cloudinary /
Resource Hash
17f97d5959c6d53bed9380600d2fc4d0ff71ee31fda6c0882db77b3e597ee0f7
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 20:24:31 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 26f81727519c342aad4ccd47b72fd7cc.cloudfront.net (CloudFront)
age
459494
x-amz-cf-pop
NRT57-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
7807
last-modified
Fri, 13 Oct 2023 19:38:12 GMT
server
Cloudinary
etag
"7a80aff98763b130f47b5b30ae3ac368"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
KTWQlWkAw4zcqXo2C5cK0JEbpgll-ldImPjit0tQU-MV4NF1hGr-gw==
074ac040ac532af3aa9c7aaa8a65610a.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
5 KB
6 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/074ac040ac532af3aa9c7aaa8a65610a.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.65.207.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-207-58.nrt57.r.cloudfront.net
Software
cloudflare /
Resource Hash
a946d0a0864f753db123a2bb565e63e98e6b522e0d553db9d6d56cce173d4dc1
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Sun, 17 Dec 2023 03:19:54 GMT
x-content-type-options
nosniff
via
1.1 26f81727519c342aad4ccd47b72fd7cc.cloudfront.net (CloudFront)
age
89067
x-amz-cf-pop
NRT57-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
5576
last-modified
Mon, 24 Jul 2023 13:12:20 GMT
server
cloudflare
etag
"3bd3d204b2b27f708c0948ba27ed1fbf"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
83325677185858ae-IAD
timing-allow-origin
*
x-amz-cf-id
YqcCJeGyVzA1MHscF4wGLcApeTrIpMg_P4OMy5nedROOLmhmfOX7GQ==
v2
de.tynt.com/deb/
823 B
2 KB
Script
General
Full URL
https://de.tynt.com/deb/v2?id=w!a9etg89wet&dn=TC&cc=1&chmob=0&r=&pu=https%3A%2F%2Fwww.hawtcelebs.com%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
eef1357dda208536199e3f95954fa2410c5dbcbf46bae21470385b1e0bb2ed97

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Mon, 18 Dec 2023 04:02:44 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
823
expires
Sat, 26 Jul 1997 05:00:00 GMT
cors
data.ad-score.com/data/
50 B
599 B
Fetch
General
Full URL
https://data.ad-score.com/data/cors?pm_st=kGbpickaiRkDrFHkEieGxMpiIzwFpBWP-FE7fPshldVPjNSMb3XnAF0rCOsk=-E03BPsVkY1viMQ==&pm_ct=28cb5d651d6d0d8960e679e3&pm_pl=1702872165212&pm_td=9&pid=1000177&en=1.1&callback=__pm_glbl_2r4LpRnqhg0ftE61tPcNmTZ1._gc1&tt=opt&v=8e71a8c
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
94833e8e38b0db568b88586c740e4564192f727967d55c35c6363d32ae263aab

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:45 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Content-Type
text/plain; charset=utf-8
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
50
x.html
js.ad-score.com/ Frame 1592
75 KB
26 KB
Document
General
Full URL
https://js.ad-score.com/x.html?v=8e71a8c&pid=1000177
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:5a00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cd74dbd15f26258bce0d5413457d65724272003e8cfffdc91188f79cd848bc49

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
33264
Cache-Control
public, max-age=86400
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 17 Dec 2023 18:48:21 GMT
Last-Modified
Sun, 17 Dec 2023 14:15:52 GMT
Transfer-Encoding
chunked
Via
1.1 d947c63dfd9d1ccbe9f338254272c65e.cloudfront.net (CloudFront)
X-Amz-Cf-Id
yAcvKa46H31bLWvI3EACidWEQVRkOmvNT6xbG4N84hZPP0eDkQgnwA==
X-Amz-Cf-Pop
NRT57-P2
X-Cache
Hit from cloudfront
cors
data.ad-score.com/data/
50 B
599 B
Fetch
General
Full URL
https://data.ad-score.com/data/cors?pm_st=kGbpickaiRkDrFHkEieGxMpiIzwFpBWP-FE7fPshldVPjNSMb3XnAF0rCOsk=-E03BPsVkY1viMQ==&pm_ct=6d412816d5168761b6f4f836&pm_pl=1702872165381&pm_td=5&pid=1000177&en=1.1&callback=__pm_glbl_ArfDu7dIkIaa4gc9C8xpfmDd._gc1&tt=opt&v=8e71a8c
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
9212d3a1320fcf45900feade11dcb61012c5170853e5ffc185af083756febedb

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:45 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Content-Type
text/plain; charset=utf-8
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
50
x.html
js.ad-score.com/ Frame 66E6
75 KB
26 KB
Document
General
Full URL
https://js.ad-score.com/x.html?v=8e71a8c&pid=1000177
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:5a00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cd74dbd15f26258bce0d5413457d65724272003e8cfffdc91188f79cd848bc49

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
33264
Cache-Control
public, max-age=86400
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 17 Dec 2023 18:48:21 GMT
Last-Modified
Sun, 17 Dec 2023 14:15:52 GMT
Transfer-Encoding
chunked
Via
1.1 d947c63dfd9d1ccbe9f338254272c65e.cloudfront.net (CloudFront)
X-Amz-Cf-Id
bBZ_1vgWI6GasvSDjUrKApy3gQbq_ZN4pipvb_SiJTAFyhrGYiPoMw==
X-Amz-Cf-Pop
NRT57-P2
X-Cache
Hit from cloudfront
in_search.js
resources.infolinks.com/js/1895.006-3.034/
225 KB
89 KB
Script
General
Full URL
https://resources.infolinks.com/js/1895.006-3.034/in_search.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d1b618b508d6e2c3ab4c4d98feeddfdb66e6d87d9dcfd88097f1d85480c3af0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Nov 2023 17:45:04 GMT
server
cloudflare
age
6947
etag
W/"38471-6099387d9904d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
83748319fa086848-NRT
expires
Wed, 17 Jan 2024 02:06:58 GMT
bubble.js
resources.infolinks.com/js/1895.006-3.034/
156 KB
46 KB
Script
General
Full URL
https://resources.infolinks.com/js/1895.006-3.034/bubble.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59ddf97f6e2d2c730808590edffb1c8caf4569dc1f10eb24c374e445911e6841

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Nov 2023 17:45:04 GMT
server
cloudflare
age
2672
etag
W/"2702f-6099387d99435"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
83748319fa0b6848-NRT
expires
Wed, 17 Jan 2024 03:18:13 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/
367 KB
126 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8322c76053c917801fed702192c48c58ffe98d3f3bab828c03dd75b3ba71873f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Mon, 18 Dec 2023 04:02:45 GMT
advertbanner.
fundingchoicesmessages.google.com/f/AGSKWxVawaHWNZquSrw2thvgoTALPVsDIgffPGSCZXzSd5dpxDTr_tN4S17YVRczhnOoobdvne1a5TD4fPQ_xt5V7NGVScDIwZ8n5BDCmCX71iXDtlzPqmR4P_8br_E0iYRIwHSlUK6UL_vZKC-hHIiv3IU1UvsKb...
54 B
109 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVawaHWNZquSrw2thvgoTALPVsDIgffPGSCZXzSd5dpxDTr_tN4S17YVRczhnOoobdvne1a5TD4fPQ_xt5V7NGVScDIwZ8n5BDCmCX71iXDtlzPqmR4P_8br_E0iYRIwHSlUK6UL_vZKC-hHIiv3IU1UvsKb-pZA3b2kbS8RlYBpJzaiIoK5q6RzOON/_/adssrv.-Block-ad-/imgad./advertbanner.?adunitid=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMz3yAw6EdmQsjd3aj68pMJW_AFq6g/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
07d098da1a0e729a2b58231fbac02af9cd33b26a01c3459873faa8ebae59ed08
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-3XVbRXgEsEYqCC1uEs7RmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-3XVbRXgEsEYqCC1uEs7RmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
145 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMz3yAw6EdmQsjd3aj68pMJW_AFq6g/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bed3578da4cbbe68d2b5ad0c8bf01f9d1e3ebd16e4e03f5a704edabf4507edb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51438
x-xss-protection
0
server
cafe
etag
1173896826651441419
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 04:02:45 GMT
AGSKWxXp-vHaLu3efs0WEEZwQeg0hBx5A0rwxWvnHvnTnWMoCQm35dOsQGUV5TqFyEYX9DZj19cvah_PAiQL1DljuZK9EXPcpTYvkhx5L-Tao0AXrBz3UWQa4NXtfhqv2sM6xkqi-uOwSA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXp-vHaLu3efs0WEEZwQeg0hBx5A0rwxWvnHvnTnWMoCQm35dOsQGUV5TqFyEYX9DZj19cvah_PAiQL1DljuZK9EXPcpTYvkhx5L-Tao0AXrBz3UWQa4NXtfhqv2sM6xkqi-uOwSA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9UEefYmcmFutetsCfcje4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
content-security-policy
script-src 'report-sample' 'nonce-9UEefYmcmFutetsCfcje4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.hawtcelebs.com%2F&domain=www.hawtcelebs.com&cw=1&lsw=1&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 18 Dec 2023 04:02:45 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
271748
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 3FB6
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.hawtcelebs.com%2F&domain=www.hawtcelebs.com&cw=1&lsw=1&gdpr=0
  • https://mug.criteo.com/sid?cpp=nZjMwXw3Y3NSYzNVNy83NHdJaUQ0T3Fma1FYL1RuNyttazl2eEVlcmJ0ZWRKOFlUR0t2STZsMmZrSysyNjl6SWZGSCtrQ0k2Q2lZbmNnNEYvWmVMSVo5ZzJBN29RN0lSMyt6NWZQRFg4TkFibXlHcEhRNlpTZnBpQ0p5aV...
357 B
647 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=nZjMwXw3Y3NSYzNVNy83NHdJaUQ0T3Fma1FYL1RuNyttazl2eEVlcmJ0ZWRKOFlUR0t2STZsMmZrSysyNjl6SWZGSCtrQ0k2Q2lZbmNnNEYvWmVMSVo5ZzJBN29RN0lSMyt6NWZQRFg4TkFibXlHcEhRNlpTZnBpQ0p5aVhNaC9hRWlEeXRwVHgzSTBoTytVVi9sM2xzSHN5TXovVlh0ZndsUldvajNYVU5NNDlJdVRJUkpCNTRkekFrUUVJQSs4MTRtZG5HSjkwZUJqZlZlNTNPZ3I0R3JyWEdsSHFJcTVETk5PekxVaUR3VGFaQ3RkbTNQWkt1a3FHWmt6YldvS29NNzVPfA&cppv=2
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
61647438d42abf0104a3abada8b2c4c869871d83a14ec21107775c1477d42592
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:44 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
554771
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://www.hawtcelebs.com
location
https://mug.criteo.com/sid?cpp=nZjMwXw3Y3NSYzNVNy83NHdJaUQ0T3Fma1FYL1RuNyttazl2eEVlcmJ0ZWRKOFlUR0t2STZsMmZrSysyNjl6SWZGSCtrQ0k2Q2lZbmNnNEYvWmVMSVo5ZzJBN29RN0lSMyt6NWZQRFg4TkFibXlHcEhRNlpTZnBpQ0p5aVhNaC9hRWlEeXRwVHgzSTBoTytVVi9sM2xzSHN5TXovVlh0ZndsUldvajNYVU5NNDlJdVRJUkpCNTRkekFrUUVJQSs4MTRtZG5HSjkwZUJqZlZlNTNPZ3I0R3JyWEdsSHFJcTVETk5PekxVaUR3VGFaQ3RkbTNQWkt1a3FHWmt6YldvS29NNzVPfA&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
221126
content-length
0
expires
0
prebid
id5-sync.com/api/config/ Frame 3FB6
134 B
417 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
localstore.js
script.4dex.io/ Frame 3FB6
483 B
1 KB
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:45 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1522066
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
Server
cloudflare
ETag
W/"922cffdd75f7192f75231d92684885aa"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5gPwpI%2BuSjDdbtQ6gQT4nE4NLQusZ3AnP%2FRVn0cTcc0tR%2Fjann%2B3uwmA2R%2BBB3lQ46gSHSWJvnV%2BDzP8IkgznycaRK0tlZeHsK01DA6SuiNE6KaZEee2EtOCUJZKFm%2FHm3E%2F7FYFD8XdV7gU"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
public, max-age=1800
CF-RAY
8374831a5800264e-NRT
Expires
Mon, 18 Dec 2023 04:32:45 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 6A8F
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 13:34:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
224869
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Dec 2024 13:34:56 GMT
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 4894
566 B
521 B
Script
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.206.157.242 New York, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:44 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 16 Dec 2028 04:02:44 GMT
um
u-sin01.e-planning.net/ Frame 4894
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D503248025d2a5a14%26uid%3D%24%7BUID%7D
  • https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=503248025d2a5a14&uid=a75166a0-ad35-4cf7-ac4f-5895eb6dfe39
42 B
104 B
Image
General
Full URL
https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=503248025d2a5a14&uid=a75166a0-ad35-4cf7-ac4f-5895eb6dfe39
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
64.120.110.137 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

server
openresty
date
Mon, 18 Dec 2023 04:02:45 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=503248025d2a5a14&uid=a75166a0-ad35-4cf7-ac4f-5895eb6dfe39
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145
sync
x.bidswitch.net/ Frame 4894
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=eplanning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
2a251c12-66c5-49fe-9be1-5e7382ad9287
https://www.hawtcelebs.com/
725 B
0
Other
General
Full URL
blob:https://www.hawtcelebs.com/2a251c12-66c5-49fe-9be1-5e7382ad9287
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
725
Content-Type
text/javascript
7aecd923-71f3-4dd7-9376-adf79a67eef4
https://www.hawtcelebs.com/
725 B
0
Other
General
Full URL
blob:https://www.hawtcelebs.com/7aecd923-71f3-4dd7-9376-adf79a67eef4
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
725
Content-Type
text/javascript
publishertag.prebid.139.js
static.criteo.net/js/ld/
94 KB
30 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Jul 2023 13:25:47 GMT
server
nginx
etag
W/"64ad585b-17893"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 19 Dec 2023 04:02:45 GMT
postscribe.min.js
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/
17 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Requested by
Host: servg1.net
URL: https://servg1.net/?uid=613bb0d66b6a5524b8fb18d3&oab=1&puburl=https%253A%252F%252Fwww.hawtcelebs.com%252F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
812276
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5117
last-modified
Mon, 04 May 2020 16:15:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03faa-45f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oa9kzSTp2pScYCaQEf87%2FNadfVF0HI9XGieTdQD3H9x8hAGOAl9OHHtF8nUZ1riEoQ6ZDL3u%2FFoOwLTrWtx%2BMLsEM4TG%2BrPpjHE2yGVh2hbaxeNL%2F0FrNayV8AvD1EgyJyflJwKq1QFCOAmrUPkZRCeu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8374831b0a2ef5c0-NRT
expires
Sat, 07 Dec 2024 04:02:45 GMT
pixel;r=1596966811;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwww.hawtcelebs.com%2F;ref=https%3A%2F%2Fwww.hawtcelebs.com%2F;uht=2;fpan=1;fpa=P0-71408118-1702872...
pixel.quantserve.com/ Frame 3FB6
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1596966811;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwww.hawtcelebs.com%2F;ref=https%3A%2F%2Fwww.hawtcelebs.com%2F;uht=2;fpan=1;fpa=P0-71408118-1702872164933;pbc=;ns=1;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=hawtcelebs.com;dst=0;et=1702872165182;tzo=-540;ogl=;ses=6620eaf7-3b14-47a0-8597-75ab18a171d2;mdl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800e:21:a878:7c6e:cf7b:3362 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=nZjMwXw3Y3NSYzNVNy83NHdJaUQ0T3Fma1FYL1RuNyttazl2eEVlcmJ0ZWRKOFlUR0t2STZsMmZrSysyNjl6SWZGSCtrQ0k2Q2lZbmNnNEYvWmVMSVo5ZzJBN29RN0lSMyt6NWZQRFg4TkFibXlHcEhRNlpTZnBpQ0p5aVhNaC9hRWlEeXRwVHgzSTBoTytVVi9sM2xzSHN5TXovVlh0ZndsUldvajNYVU5NNDlJdVRJUkpCNTRkekFrUUVJQSs4MTRtZG5HSjkwZUJqZlZlNTNPZ3I0R3JyWEdsSHFJcTVETk5PekxVaUR3VGFaQ3RkbTNQWkt1a3FHWmt6YldvS29NNzVPfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 18 Dec 2023 04:02:45 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
214552
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
s
kvt.sddan.com/api/v1/public/p/29567/d/50/ Frame 3FB6
507 B
659 B
Fetch
General
Full URL
https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fwww.hawtcelebs.com%2F
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.129.3.112 , France, ASN12876 (Online SAS, FR),
Reverse DNS
kube-rr.sirdata.fr
Software
nginx/1.20.2 /
Resource Hash
8390bd7de281c9f9f71e063b6f7ef73b02297c9fa9e971fd7b1bbbdee423048e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

Date
Mon, 18 Dec 2023 04:02:46 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
Server
nginx/1.20.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
private, max-age=60
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
content-type
generate_204
tpc.googlesyndication.com/ Frame C136
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?ndRhMQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cfe47667-1bdc-44f4-8c11-888ede3dda9f
https://www.hawtcelebs.com/
288 B
0
Other
General
Full URL
blob:https://www.hawtcelebs.com/cfe47667-1bdc-44f4-8c11-888ede3dda9f
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
288
Content-Type
text/javascript
page-view
yeet.revcontent.com/yeet/events/ Frame
0
0
Preflight
General
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.70.250.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-250-75.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.hawtcelebs.com
content-length
0
date
Mon, 18 Dec 2023 04:02:45 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
3
x-rc-region
us-west-2c
widget-loaded
yeet.revcontent.com/yeet/events/ Frame
0
0
Preflight
General
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.70.250.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-250-75.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.hawtcelebs.com
content-length
0
date
Mon, 18 Dec 2023 04:02:45 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
3
x-rc-region
us-west-2c
widget-loaded
yeet.revcontent.com/yeet/events/ Frame
0
0
Preflight
General
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.70.250.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-250-75.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.hawtcelebs.com
content-length
0
date
Mon, 18 Dec 2023 04:02:45 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
x-rc-region
us-west-2c
widget-loaded
yeet.revcontent.com/yeet/events/ Frame
0
0
Preflight
General
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.70.250.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-250-75.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.hawtcelebs.com
content-length
0
date
Mon, 18 Dec 2023 04:02:45 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
3
x-rc-region
us-west-2c
page-view
yeet.revcontent.com/yeet/events/
0
0
Fetch
General
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.70.250.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-250-75.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-west-2c
access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:45 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
Origin
widget-loaded
yeet.revcontent.com/yeet/events/
0
0
Fetch
General
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.70.250.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-250-75.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-west-2c
access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:45 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
Origin
widget-loaded
yeet.revcontent.com/yeet/events/
0
0
Fetch
General
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.70.250.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-250-75.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-west-2c
access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:45 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
server
envoy
vary
Origin
widget-loaded
yeet.revcontent.com/yeet/events/
0
0
Fetch
General
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.70.250.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-250-75.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-west-2c
access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:45 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
Origin
lt.min.js
tags.crwdcntrl.net/lt/c/3825/
58 KB
18 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.49.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-49-117.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 13:48:07 GMT
content-encoding
gzip
via
1.1 9bf92639763e2dc7c1ea8eb4814a239e.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 14:23:53 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C1
age
51279
x-amz-server-side-encryption
AES256
etag
W/"eb52f900499b46d1088df97dad487c73"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
HpOL1D2Y2copxyxDBo6NbKZcTD37QcuS3oKcYX1jkstlAlKXzBKh_A==
/
t.dtscdn.com/widget/
0
598 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=6D001702872164961943D5DB294AB097&nid=0&p=836148727&t=-540&s=1600x1200x24&u=https%3A%2F%2Fwww.hawtcelebs.com%2F&r=
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
x-t
1.16
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vM6JNyyNsOIsaYjyXqHUp04Xfm%2BpweLO%2FzOVAxSs1etcKAwzlsq1Uh5TiFgaRaRR7HKRw7omEb7iD2zk9tYr9zUnYPDSS7JTqbKEfO4rNTY%2FQwJteMLrflNJuLhknLmZntKTCrsz23uCkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web16.ny1.dtscdn.com
cf-ray
8374831bcffa344b-NRT
expires
Mon, 18 Dec 2023 04:01:11 GMT
/
spl.zeotap.com/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=6D001702872164961943D5DB294AB097
  • https://spl.zeotap.com/?zdid=1332&zcluid=94efaed68a8c349c
0
0
Image
General
Full URL
https://spl.zeotap.com/?zdid=1332&zcluid=94efaed68a8c349c
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

location
https://spl.zeotap.com?zdid=1332&zcluid=94efaed68a8c349c
content-length
0
6.gif
id5-sync.com/c/102/112/3/ Frame 3FB6
Redirect Chain
  • https://id5-sync.com/i/102/8.gif?id5id=ID5*EhHv9jlkHnA9J28XKyk1rnWb1WQdqMkOkUBt3XnCGtV14OfKF2kTpa7XwR1bmR9rdeHpQUQujuK484bdKcNRQw&o=api&gdpr_consent=undefined&gdpr=0
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-b861SU3Ht00OttBbAOxpBbIMo22BEMnhabQaCevDEg&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_...
  • https://id5-sync.com/c/102/102/7/2.gif?puid=3831266057273496277&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/102/2/6/3.gif?puid=3456854436429190532&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=45d05fd7-b774-43df-ba7c-91fe06509f64&ttl=%%TTL%%
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1
  • https://id5-sync.com/k/155.gif?puid=AAEHdE7K_4kAABSTifkKEw&id5AccountNum=155&numCascadesAllowed=9
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F3%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/102/112/3/6.gif?puid=${UIPID}&gdpr=0&gdpr_consent=
0
0
Image
General
Full URL
https://id5-sync.com/c/102/112/3/6.gif?puid=${UIPID}&gdpr=0&gdpr_consent=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

location
https://id5-sync.com/c/102/112/3/6.gif?puid=${UIPID}&gdpr=0&gdpr_consent=
uip-response-status
FallbackResponse
date
Mon, 18 Dec 2023 04:02:00 GMT
frontend-id
0
content-length
0
routing-server-id
1
3963bcb6-221c-4c24-a416-890548455028
https://www.hawtcelebs.com/
288 B
0
Other
General
Full URL
blob:https://www.hawtcelebs.com/3963bcb6-221c-4c24-a416-890548455028
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
288
Content-Type
text/javascript
lotame-sync.html
cdn-tc.33across.com/ Frame 0DE7
343 B
394 B
Document
General
Full URL
https://cdn-tc.33across.com/lotame-sync.html
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=w!a9etg89wet&dn=TC&cc=1&chmob=0&r=&pu=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
28695
cache-control
public, max-age=259200
cf-cache-status
HIT
cf-ray
8374831be99d5eb5-NRT
content-encoding
gzip
content-type
text/html
date
Mon, 18 Dec 2023 04:02:45 GMT
etag
W/"651ed18d-157"
expires
Thu, 21 Dec 2023 04:02:45 GMT
last-modified
Thu, 05 Oct 2023 15:09:01 GMT
server
cloudflare
vary
Accept-Encoding
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=v%2F8YZmV%2FxGVI1XAuIYep%2Fw%3D%3D&us_privacy=&33random=1702872165329.1&cat=33across
  • https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=v%2F8YZmV%2FxGVI1XAuIYep%2Fw%3D%3D&us_privacy=&33random=1702872165329.1&cat=33across
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?uid=45d05fd7-b774-43df-ba7c-91fe06509f64&bid=1e2n4ou
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?uid=45d05fd7-b774-43df-ba7c-91fe06509f64&bid=1e2n4ou
Protocol
HTTP/1.1
Server
18.177.116.10 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-177-116-10.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 18 Dec 2023 04:02:46 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location
https://ps.eyeota.net/match?uid=45d05fd7-b774-43df-ba7c-91fe06509f64&bid=1e2n4ou
date
Mon, 18 Dec 2023 04:02:46 GMT
server
Kestrel
content-length
191
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=v%2F8YZmV%2FxGVI1XAuIYep%2Fw%3D%3D&us_privacy=&33random=1702872165329.3&cat=33across
  • https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=v%2F8YZmV%2FxGVI1XAuIYep%2Fw%3D%3D&us_privacy=&33random=1702872165329.3&cat=33across
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?uid=45d05fd7-b774-43df-ba7c-91fe06509f64&bid=1e2n4ou
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?uid=45d05fd7-b774-43df-ba7c-91fe06509f64&bid=1e2n4ou
Protocol
HTTP/1.1
Server
18.177.116.10 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-177-116-10.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 18 Dec 2023 04:02:46 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location
https://ps.eyeota.net/match?uid=45d05fd7-b774-43df-ba7c-91fe06509f64&bid=1e2n4ou
date
Mon, 18 Dec 2023 04:02:46 GMT
server
Kestrel
content-length
191
usync.html
eus.rubiconproject.com/ Frame 16C0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Dec 2023 04:02:45 GMT
ETag
"20525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 18 Dec 2023 04:02:45 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 619E
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1702872165501.3&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predire...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.192.188 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-192-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=113804
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 18 Dec 2023 04:02:46 GMT
expires
Tue, 19 Dec 2023 11:39:30 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 18 Dec 2023 04:02:45 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP002
x-33x-status
40000000008200000C
cm
us-u.openx.net/w/1.0/ Frame B01C
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1702872165501.4&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D...
0
71 B
Document
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 18 Dec 2023 04:02:46 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 18 Dec 2023 04:02:45 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP001
x-33x-status
40000000008200000C
match
events-ssc.33across.com/ Frame 727B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dthe33...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=00cefed71db242f482ccb75a903e683c&ssp=the33across&bsw_param=a18511a8-4739-4f63-9f2a-764feaa38b34&gdpr=&consent=&gdpr_pd=&expires=7
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=a18511a8-4739-4f63-9f2a-764feaa38b34
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=a18511a8-4739-4f63-9f2a-764feaa38b34&ts=1702872166&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
216 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=a18511a8-4739-4f63-9f2a-764feaa38b34&ts=1702872166&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:46 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
referrer-policy
unsafe-url
server
33XP006
x-33x-status
8000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=a18511a8-4739-4f63-9f2a-764feaa38b34&ts=1702872166&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 727B
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1702872165501.5&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=3456854436429190532
68 B
117 B
Image
General
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=3456854436429190532
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:46 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
an-x-request-uuid
25e204a9-d414-4936-9528-e30b9e040f01
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=3456854436429190532
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
db_sync
px.ads.linkedin.com/ Frame 727B
Redirect Chain
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=v%2F8YZmV%2FxGVI1XAuIYep%2Fw%3D%3D&us_privacy=&_rand=1702872165501.6
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=v%2F8YZmV%2FxGVI1XAuIYep%2Fw%3D%3D&us_privacy=&_rand=1702872165501.6&expected_cookie=668042dc-cb71-49c1-bcb2-30d41b867733
0
143 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=15927&puuid=v%2F8YZmV%2FxGVI1XAuIYep%2Fw%3D%3D&us_privacy=&_rand=1702872165501.6&expected_cookie=668042dc-cb71-49c1-bcb2-30d41b867733
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: F613F4268AF44945BE4D41D73B3CF004 Ref B: TYO01EDGE1711 Ref C: 2023-12-18T04:02:46Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMwNKOxJ1vwg0EGl72jw==

Redirect headers

date
Mon, 18 Dec 2023 04:02:45 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: D639D678D0B54AC1B31ABDAEDE8A357E Ref B: TYO01EDGE1711 Ref C: 2023-12-18T04:02:45Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
location
/db_sync?pid=15927&puuid=v%2F8YZmV%2FxGVI1XAuIYep%2Fw%3D%3D&us_privacy=&_rand=1702872165501.6&expected_cookie=668042dc-cb71-49c1-bcb2-30d41b867733
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMwNKL3ScXf7VIBzCDmA==
45d05fd7-b774-43df-ba7c-91fe06509f64
map.go.affec.tv/map/ttd/ Frame 727B
Redirect Chain
  • https://map.go.affec.tv/map/3a/?pid=v%2F8YZmV%2FxGVI1XAuIYep%2Fw%3D%3D&us_privacy=&ts=1702872165501.7
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D657fc4655d4b1a0001b44aad%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent=
  • https://map.go.affec.tv/map/an/3456854436429190532?ch=657fc4655d4b1a0001b44aad&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://map.go.affec.tv/map/ttd/45d05fd7-b774-43df-ba7c-91fe06509f64?ttd_puid=&gdpr=0&gdpr_consent=
0
562 B
Image
General
Full URL
https://map.go.affec.tv/map/ttd/45d05fd7-b774-43df-ba7c-91fe06509f64?ttd_puid=&gdpr=0&gdpr_consent=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol
H2
Server
52.76.7.220 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-7-220.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:46 GMT
content-encoding
gzip
vary
Accept-Encoding

Redirect headers

location
https://map.go.affec.tv/map/ttd/45d05fd7-b774-43df-ba7c-91fe06509f64?ttd_puid=&gdpr=0&gdpr_consent=
date
Mon, 18 Dec 2023 04:02:46 GMT
server
Kestrel
content-length
229
receive
pixel.tapad.com/idsync/ex/ Frame 727B
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=v%2F8YZmV%2FxGVI1XAuIYep%2Fw%3D%3D&us_privacy=&random=1702872165501.8&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=v%2F8YZmV%2FxGVI1XAuIYep%2Fw%3D%3D&us_privacy=&random=1702872165501.8&redirect=https%3A%2F%2Fthinkcxad.azurewebsite...
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=00f7adb4-7718-4b77-b3bc-531c16088d62&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=00f7adb4-7718-4b77-b3bc-531c16088d62&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=72174198492171007252808969393739432874&pt=00f7adb4-7718-4b77-b3bc-531c16088d62%2C%2C
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=72174198492171007252808969393739432874&pt=00f7adb4-7718-4b77-b3bc-531c16088d62%2C%2C
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

dcs
dcs-prod-tyo3-2-v051-06cb72ada.edge-tyo3.demdex.com 1 ms
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
k1i/AZ23QYs=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=72174198492171007252808969393739432874&pt=00f7adb4-7718-4b77-b3bc-531c16088d62%2C%2C
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
mapuid
secure.adnxs.com/ Frame 727B
Redirect Chain
  • https://dp1.33across.com/ps/?pid=669&uid=v%2F8YZmV%2FxGVI1XAuIYep%2Fw%3D%3D&us_privacy=&random=1702872165501.9&pu=https%3A%2F%2Frouter.infolinks.com%2F
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212384919919253&seg_code=33x&random=1702872166
43 B
789 B
Image
General
Full URL
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212384919919253&seg_code=33x&random=1702872166
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol
H2
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
an-x-request-uuid
897beac2-a01b-4af0-882c-0ea152a88a4b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
402044000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212384919919253&seg_code=33x&random=1702872166
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
getuidj
ib.adnxs.com/ Frame 3FB6
29 B
708 B
Fetch
General
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12763/px.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
3927f47da8a98193a32b93ef3914787c5d4ef5c90776b08a026b30a2d50fbec5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
an-x-request-uuid
aeda7905-a1db-4bc7-aa5d-13c5e0671eb4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
29
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rid
match.adsrvr.org/track/ Frame 3FB6
108 B
698 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=0fkciot&fmt=json
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12763/px.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
cc993ab278a6565a76fbea3c2a2a14f3d3f412e86e5b650dda3536b4f7045ebd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Wed, 17 Jan 2024 04:02:45 GMT
AGSKWxXp-vHaLu3efs0WEEZwQeg0hBx5A0rwxWvnHvnTnWMoCQm35dOsQGUV5TqFyEYX9DZj19cvah_PAiQL1DljuZK9EXPcpTYvkhx5L-Tao0AXrBz3UWQa4NXtfhqv2sM6xkqi-uOwSA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXp-vHaLu3efs0WEEZwQeg0hBx5A0rwxWvnHvnTnWMoCQm35dOsQGUV5TqFyEYX9DZj19cvah_PAiQL1DljuZK9EXPcpTYvkhx5L-Tao0AXrBz3UWQa4NXtfhqv2sM6xkqi-uOwSA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-efE88S7BG3yT6Rve-OuPuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-efE88S7BG3yT6Rve-OuPuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
getads.htm
rt3008.infolinks.com/action/
136 B
210 B
Script
General
Full URL
https://rt3008.infolinks.com/action/getads.htm?83=&hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22baton%22%2C%22scs%22%3A%227jIh5U0f0p%22%7D%5D&rid=9aeb1299-c0b7-4e83-bb13-dc0022e3ee5c&jsv=1895.006-3.034&sr=1600X1200&rts=1702872165770&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=120.0.6099.109&dv=p&ce=t&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F&tzo=%2B0900&c=c&strg=true&sua=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D&rsd=hlpaNrmfTGED-NDz_AlHWf3-o57HFVH_DR8Jc0jOQwb_cXkncnNtU0kicXir62ieP2c6Qtxsa_8ydRlx8sqVEGLtnA1NP_Jll77Ya-73QbdFMeNhAmHMwoz1-4OiNvhGIhwExbMrTpTe-WlfLJHbCO9tj5IfMn_LQ9MS2wdBy60&rsk=18&rcs=PsDnWQUop8EQLi0dR7IUmQ&cuid=7994afcd-7b70-49d4-8970-1e076a54cf0d&hbnr=false
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50b50b0eae933b618574d234af7905a077977a31469f5f6c31687149add14de9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-language
jp-JP
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
8374831c0b836848-NRT
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
in_text.js
resources.infolinks.com/js/1895.006-3.034/
10 KB
4 KB
Script
General
Full URL
https://resources.infolinks.com/js/1895.006-3.034/in_text.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2a5cad8642da06458b2c19709066f9c627a4d351384dc8bd8a7f97ff3e18e83

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Nov 2023 17:45:04 GMT
server
cloudflare
age
14329
etag
W/"295a-6099387da0965"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8374831c1b866848-NRT
expires
Wed, 17 Jan 2024 00:03:56 GMT
intag_incontent.js
resources.infolinks.com/js/1895.006-3.034/
200 KB
38 KB
Script
General
Full URL
https://resources.infolinks.com/js/1895.006-3.034/intag_incontent.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21cfed7eb47b3b9d993cf5a71b4feb6e45c17a34e5355f197deb015ff7d877f2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Nov 2023 17:45:04 GMT
server
cloudflare
age
5036
etag
W/"31f6c-6099387d81d35"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8374831c1b876848-NRT
expires
Wed, 17 Jan 2024 02:38:49 GMT
in_frame.js
resources.infolinks.com/js/1895.006-3.034/
37 KB
13 KB
Script
General
Full URL
https://resources.infolinks.com/js/1895.006-3.034/in_frame.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d71e245e039e2ab2210e33f77247ae8b8d1c899010a02a799ab0d5a961910b5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Nov 2023 17:45:04 GMT
server
cloudflare
age
7022
etag
W/"95ba-6099387da8a4d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8374831c1b886848-NRT
expires
Wed, 17 Jan 2024 02:05:43 GMT
vidice.js
resources.infolinks.com/js/vidice/2.0/
333 KB
86 KB
Script
General
Full URL
https://resources.infolinks.com/js/vidice/2.0/vidice.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 20 Mar 2023 11:38:11 GMT
server
cloudflare
age
7673
etag
W/"5344d-5f7535c977171"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8374831c1b946848-NRT
expires
Wed, 17 Jan 2024 01:54:52 GMT
dc_oe=ChMI5pXxk42YgwMVR4rpBR2WegsnEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCPqVwJONmIMDFWOK6QUd5WsE1g;dc_rmcid=CAQSPAAvHhf_huRwzTp-2qLLWELKdvpqxJasa-DOg54qfsleFVUnlVC178fnqQBdRmDJhhIIXO2...
ade.googlesyndication.com/ddm/activity/ Frame 6EB9
42 B
107 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5pXxk42YgwMVR4rpBR2WegsnEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCPqVwJONmIMDFWOK6QUd5WsE1g;dc_rmcid=CAQSPAAvHhf_huRwzTp-2qLLWELKdvpqxJasa-DOg54qfsleFVUnlVC178fnqQBdRmDJhhIIXO2Bt6L60delPxgB;eps=CIBhEAEYHTICigI6BIBAgEBIvf3BOliX7L6TjZiDAw;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D11520%26vmtime%3D30%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D633706359%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200103c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702872165781;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 6EB9
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ch3KfZMR_ZfrTBOOUpt8P5deRsA31ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMByAObBKoEsgJP0GQ-M7jkGyOGSgT_SYKQNbGmoJJmclm3X8E8p6KOZIpE3uNSuUqySrVy3_QlPT8Bv-mvNErVsm3Hb1eOy07clyiBmKrOIQWOyvSx5DV060OcE-9H30CFvI_l8YTVMfo34PhO7ZooL5JKzTGSI9RBtY3l6siKTRKFAFMvXN0xLG2gSEl9CTDqSSWj9ln4RTHVtC8KztqG_wENUu-Zsyj70DzqbrhAePfatIZ8X_RicdsNh8fmlA-N5umn5FrdEhhgzcq_ok3cwSws-LM3ZoCE9bcnYmJoLifx6v_GmM2xbMTHXeFavgWGlZ2BIwst8O-Ugn2tvPwGJij5jUMS3tJNWYRWMN0rJp3Zna_nwzMezFlXWhHPilXB2t7MukVqJv_NdHiAjfPnU-jPbkmbPMDWZ3PABMmR7s3JBOAEA4gFgaDOuU2QBgGgBnaAB-qQlb4BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYl-y-k42YgwPyCBthZHgtc3Vic3luLTk5Mzg1NjU4MjIwMzQ2ODCACgPICwHgCwGADAGiDBQqEgoQ5LSxAu61sQK1uLECrLqxAqoNAkpQ4g0TCLyWv5ONmIMDFWOK6QUd5WsE1rATyqPIFcgT3oH34wPYEwqIFALYFAHQFQH4FgGAFwHoFwM&sigh=jJWUou9grwU&label=part2viewed&ad_mt=30&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D11520%26vmtime%3D30%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D633706359%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200103c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702872165781
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6EB9
0
28 B
Image
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuZWhiEmk8eSXytmT0gNmBYYNTAuFhp9LYCPtbdxfE-MqSyP093JcLsPqsp6-M8H16Dc5_jwNASLrLJTRf4rn9jTnXpdUVSoq-6rSW1TbxKVVgaLtM68_tYZOl9XrsI6pPbGMRZH4vtFPbXPRGG2hZxfglPL8DzpdLar852Z6bvIzFtYaW4v9SK4sJFzx7E6SVP12IuA5usocP_gix3Tgj0Z3u8KXbgUCh1btJ_kdsbX7c12ZaRDmXh6NoJmdi8gO9IuYHw94x55mTCIMHTWZVemI1_sAPxU0jlHihRpBMvJC5jkXd9Ui1HXJikQtG7gAZs5K1H5sZ_HFVUL3Of1iwW9vqoat9fWhq-XCVmJnVT5RUOiBaSCHMjgGYw6HJXlkIGRCvsLV4bbOknqcS2BT1kWmKhbRGNVKA2GCeagkYYweWMY8Is0Ahj6aVIyqc6xkZTkMagHras186kwUV8h7baaNp-jVy0LeQQcG5zy2xL25Laea4vv607y_wc99VbrsfOnBBvPK8b9pAB0ZzAyY5s1T0oLeXQOl82uGJd-sSf3rETFpWvo0e3ciNFsCB601K_sK_VaRg5fQ3QTawZQ0toKvMwJyyiTz3dAxKObd4SMVtvIF3cV5LKrFFthsSoMUX3xVZhIkIBh1xar2Fni_UFKwnlCCKloG54VnF16m-_tkN_qLkRLIzP2hxQmSGwe9uaMrvWUy4ksrShVdyN5zHiNw9FGPoDYDvFOsouu460d0rycuvApGgGPh0pDtrxHngHiJHOWDQEGtajKmMgD5IXTBKgYN-sc_bZ01K4fqToCrSmW-Fp0SB-vnqrbtBhZeJy6aXAsDol5JzCoK1It4L4916ZaJxMAV44_BoT64B2zMPxkaAJ_xKq4A5EbY3yYEbThjOYxlGVL7k3Tx0RM5_6cc1fst1GjuFJQpBm6qQyb0btz0-e1o1qPySX-PDBFbs46qj2MxRopB07DNxkH6kxMnj_GvTtLdc7hNJZ37bAbhnJR7UtwaSAuq5myMKpRwHHCYhMiFDGLYEGQfkWRv5gnKHqe5guPbrJFdPzeECPaqRvMDj-PNh9YBCbGMUpVnkqvcAYJoDBverXYJWbjHAFng7F9QyPtYCpAYRO9hSSBWNyiEkyIUZSkNCyLDVt-D__OAry11dHDYl2IJTNsBJs_YZRCyPLyRGlyXdWKTUNUOfwtrrmh-GhusOPykpvaRHuYEfpwAT9auF0R51si_0OFoNUAVCvTxLRJn9ppANNVjrfysoIbAO0D5hN-9b0PXKOQ2K7KqfkPqSryF9tpcobUtkU5cJ2TEC_G4L4iiwvG56uVsXFJxAysFNXYVnc3gSoHR7hv2oi4BUtweHzzGMyCvDOnpM_EjYVuoxVbZnQmy7P_JbnIYLJ3GdpngyfrjcbDZ5GLb7YiXYY-6AB4zU2g_FnVxbrps5cVUM9Z4bPo1iacblE4HqWYUJdEw89dUwynah6YTQJed8UXg99Ow_nsNGdkvc7Ct_PwvHxbNADzvSmX2kQNJL2&sai=AMfl-YTvOBpmum0QdeCbNFimOGqmXZxaFpgl0yXRy-xgNMmjbFakWwfWmJzmgT8RJvmQ4Rg71KiVknFqlAwkfuTvfJvrQSbbSmdSToJLSMW7fsvYlIfRGA176OJKPB6XHiwBDfvQA4WY39M3jWeq3k_GQ0KD7HBxniW1baBXuHqgfDYtrEb3nzYa3QGcKw_oZ6wT7APTY4GN3TojqnwO4m5A_dXbvZ5ZYjJYX4Rz328xOjyQRE5vWmVrgqVStuHy_XgF0hIcPJPjx6EqDQaJvztUSzcbsk9RrXEH&sig=Cg0ArKJSzPnUoUbJ7GHDEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 18 Dec 2023 04:02:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 6EB9
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ_EvwIQ_OjYAhjFq-X-ASABMAE&v=APEucNX0uzT5EDLXERv3KuQfIFrroqmALzgR1_Vk3pgGb74Np4UUjFaEbc-qVwvxVNjNg-1N8hp8KLqRSXFy0K9pxa3h1e3XSCGHmte5EZ_MJkG8t1DkuFo
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZX-EZaWFGjsPKn42Fi5GIwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGLvQnU2sRBQ6H-FAUwOTH0&google_cver=1
43 B
733 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGLvQnU2sRBQ6H-FAUwOTH0&google_cver=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCKwcf92fo2fwfWVVIdsn4C76%2BFVbb3yHZ4MLCe8AQey7BI1l7ybtUeH4QM%2BKryFEIN5LF%2FxTP9wb6UH7kF6lYC5tDLN4STEalo2HyfVwdn80ALSUYbueLU643mpW4LMAausMDKb3NgHGg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8374831d1dfbf6fa-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGLvQnU2sRBQ6H-FAUwOTH0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6EB9
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6EB9
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTI_afxp24FP96jT87Q08sgHXhr0Ba4bWA5FXdRlzy62KURSpLQivJ7awd0WFhNwKr1P0iAZ8o8ULb_yLoQjMvkFFUaw5MOC5VHLN7IyB9zC9lP74bxQVwAe9w79_DKgqn08qTlmh33pA&sai=AMfl-YQFtaNrT_ErPs3m6hYPZjlI1GdPeC6bI3XP4GYsMsEZSdDqb6-P8gfbn0gRp_eSjwTav2eS0ReQR7mP2GMjD72tSn4MxgJk2VgcHORVxN7SrSAsGH6FQCIgQX8b&sig=Cg0ArKJSzNdJPlX70mcNEAE&cid=CAQSPAAvHhf_huRwzTp-2qLLWELKdvpqxJasa-DOg54qfsleFVUnlVC178fnqQBdRmDJhhIIXO2Bt6L60delPxgB&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D11520%26vmtime%3D30%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D633706359%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200103c,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702872165781&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 6EB9
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ch3KfZMR_ZfrTBOOUpt8P5deRsA31ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMByAObBKoEsgJP0GQ-M7jkGyOGSgT_SYKQNbGmoJJmclm3X8E8p6KOZIpE3uNSuUqySrVy3_QlPT8Bv-mvNErVsm3Hb1eOy07clyiBmKrOIQWOyvSx5DV060OcE-9H30CFvI_l8YTVMfo34PhO7ZooL5JKzTGSI9RBtY3l6siKTRKFAFMvXN0xLG2gSEl9CTDqSSWj9ln4RTHVtC8KztqG_wENUu-Zsyj70DzqbrhAePfatIZ8X_RicdsNh8fmlA-N5umn5FrdEhhgzcq_ok3cwSws-LM3ZoCE9bcnYmJoLifx6v_GmM2xbMTHXeFavgWGlZ2BIwst8O-Ugn2tvPwGJij5jUMS3tJNWYRWMN0rJp3Zna_nwzMezFlXWhHPilXB2t7MukVqJv_NdHiAjfPnU-jPbkmbPMDWZ3PABMmR7s3JBOAEA4gFgaDOuU2QBgGgBnaAB-qQlb4BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYl-y-k42YgwPyCBthZHgtc3Vic3luLTk5Mzg1NjU4MjIwMzQ2ODCACgPICwHgCwGADAGiDBQqEgoQ5LSxAu61sQK1uLECrLqxAqoNAkpQ4g0TCLyWv5ONmIMDFWOK6QUd5WsE1rATyqPIFcgT3oH34wPYEwqIFALYFAHQFQH4FgGAFwHoFwM&sigh=jJWUou9grwU&label=vast_creativeview&ad_mt=30&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D11520%26vmtime%3D30%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D633706359%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200103c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1702872165781
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 6EB9
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lqae4bpu&c=2538611180369&slotId=1269305590184.5&qqid=CPqVwJONmIMDFWOK6QUd5WsE1g&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2014&mt=video%2Fmp4&vs=1280x720&dm=11000&ple=0&umsem=0&event_name=first_play&asset_bytes=192016&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.1co~ff.1cs~videopreviewstarted.1cu
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4001:c12::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 3D5E
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
8291
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 01:44:34 GMT
etag
5585625838579639069
expires
Mon, 01 Jan 2024 01:44:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxXp-vHaLu3efs0WEEZwQeg0hBx5A0rwxWvnHvnTnWMoCQm35dOsQGUV5TqFyEYX9DZj19cvah_PAiQL1DljuZK9EXPcpTYvkhx5L-Tao0AXrBz3UWQa4NXtfhqv2sM6xkqi-uOwSA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXp-vHaLu3efs0WEEZwQeg0hBx5A0rwxWvnHvnTnWMoCQm35dOsQGUV5TqFyEYX9DZj19cvah_PAiQL1DljuZK9EXPcpTYvkhx5L-Tao0AXrBz3UWQa4NXtfhqv2sM6xkqi-uOwSA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GWDsJGSmGfMG96pCypH5eA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GWDsJGSmGfMG96pCypH5eA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXp-vHaLu3efs0WEEZwQeg0hBx5A0rwxWvnHvnTnWMoCQm35dOsQGUV5TqFyEYX9DZj19cvah_PAiQL1DljuZK9EXPcpTYvkhx5L-Tao0AXrBz3UWQa4NXtfhqv2sM6xkqi-uOwSA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXp-vHaLu3efs0WEEZwQeg0hBx5A0rwxWvnHvnTnWMoCQm35dOsQGUV5TqFyEYX9DZj19cvah_PAiQL1DljuZK9EXPcpTYvkhx5L-Tao0AXrBz3UWQa4NXtfhqv2sM6xkqi-uOwSA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oCxgulwAEcYs-UclytRxEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
content-security-policy
script-src 'report-sample' 'nonce-oCxgulwAEcYs-UclytRxEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVUP9i5PxWxUk28KWvISrYnq-t2Hfs8dKB2lSUWZK_Ve7GBS5eNu6zHRf_WYCWATpPaPh48JBEE8V7tDSGM257hhrEOrYNbQcrMNee7IxDqp801ezpqmZufUe5gU99A4JDi1YC88g==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVUP9i5PxWxUk28KWvISrYnq-t2Hfs8dKB2lSUWZK_Ve7GBS5eNu6zHRf_WYCWATpPaPh48JBEE8V7tDSGM257hhrEOrYNbQcrMNee7IxDqp801ezpqmZufUe5gU99A4JDi1YC88g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyODcyMTY1LDg4MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20vIixudWxsLFtbOCwiVXZGQlFSMzRTNVUiXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
adb5759bed7279786ad2568d227ea12f2c4bc5ec3390c49eaf5b73983f5200bf
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-88Mw0uVUQA_3XfP0q8P3-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:45 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-88Mw0uVUQA_3XfP0q8P3-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
x.html
js.ad-score.com/ Frame 1592
0
565 B
XHR
General
Full URL
https://js.ad-score.com/x.html?v=8e71a8c&pid=1000177
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/x.html?v=8e71a8c&pid=1000177
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:5a00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://js.ad-score.com/x.html?v=8e71a8c&pid=1000177
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 18:48:21 GMT
Content-Encoding
gzip
Via
1.1 d947c63dfd9d1ccbe9f338254272c65e.cloudfront.net (CloudFront)
Last-Modified
Sun, 17 Dec 2023 14:15:52 GMT
X-Amz-Cf-Pop
NRT57-P2
Age
33264
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Hit from cloudfront
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Id
C19saUhMFJiqSJgYXlh_OROYFaJdmbfqpX4EQOhGZaNlDIumo4Jzxw==
x.html
js.ad-score.com/ Frame 66E6
0
565 B
XHR
General
Full URL
https://js.ad-score.com/x.html?v=8e71a8c&pid=1000177
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/x.html?v=8e71a8c&pid=1000177
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:5a00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://js.ad-score.com/x.html?v=8e71a8c&pid=1000177
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 18:48:21 GMT
Content-Encoding
gzip
Via
1.1 d947c63dfd9d1ccbe9f338254272c65e.cloudfront.net (CloudFront)
Last-Modified
Sun, 17 Dec 2023 14:15:52 GMT
X-Amz-Cf-Pop
NRT57-P2
Age
33264
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Hit from cloudfront
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Id
jVayxLWDATYUcsWrzDKQqYZOuNotBNl8edXfv_n2DzpcgLPLopeEWg==
adagio.js
script.4dex.io/ Frame 3FB6
75 KB
24 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:45 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1570166
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8%2BWD94YtXQ6NgA6WSY8dHuRoVaOKMDdu5DVYvWjbPJYFAEXTxR3n1drg9wih3zSNtUD%2FST9SwseY6sO2Zc7OOMuJj5CriRWJpDJUbgezEGiznC0zkTuI6%2BwfLhu7qtit%2FtRVH0hB7snqB2l"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
8374831d4f9720a1-NRT
sync.min.js
tags.crwdcntrl.net/lt/c/16311/ Frame 0DE7
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Requested by
Host: cdn-tc.33across.com
URL: https://cdn-tc.33across.com/lotame-sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.49.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-49-117.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ac1ba0fd033fdc1ac6df78af8d9e9fff9430881024ca2d53430467d1c256a01

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn-tc.33across.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 01:45:05 GMT
content-encoding
gzip
via
1.1 9bf92639763e2dc7c1ea8eb4814a239e.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:51:51 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C1
age
8301
x-amz-server-side-encryption
AES256
etag
W/"b054dbc49b30695b40107158fb25e846"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
FJh5dQLuLPGp2x8EV0cjhVN_KmGdJsxJqyP3B1jdKO7Zf-OzQPZz6w==
usync.js
eus.rubiconproject.com/ Frame 16C0
45 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
21b94bd9b58330fa42dedc329873a15eed8ea727c0482531798752e30664bcbd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Dec 2023 02:06:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=79432
Connection
keep-alive
Content-Length
13202
Expires
Tue, 19 Dec 2023 02:06:37 GMT
syncframe
gum.criteo.com/ Frame 04F7
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.hawtcelebs.com&gdpr=0&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
6c2fb26a735ec81c19e5078d61251379be634e324f416ca9e679725b318ff913
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 04:02:45 GMT
server
Kestrel
server-processing-duration-in-ticks
378000
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.139.js
static.criteo.net/js/ld/
95 KB
31 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 19 Dec 2023 04:02:46 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0AE7
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.192.188 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-192-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=113804
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 18 Dec 2023 04:02:46 GMT
expires
Tue, 19 Dec 2023 11:39:30 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 202A
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/
4 KB
1 KB
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.49.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-49-117.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 17 Dec 2023 07:24:29 GMT
content-encoding
gzip
via
1.1 c6a9836e54cf7bc2bb59e3fb86f871e0.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT20-C1
age
74298
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 06 Sep 2023 14:23:53 GMT
server
AmazonS3
etag
W/"f16e89fd08a708a6bd2e69be50fd30ab"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
x-amz-cf-id
UiyGhr2DyCSvjDsuyjNfL3jop1cUQCD08PLeyaQBnpNOmW6QpuvhQw==
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 4894
59 KB
18 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.49.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-49-117.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 20:21:14 GMT
content-encoding
gzip
via
1.1 9bf92639763e2dc7c1ea8eb4814a239e.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C1
age
27693
x-amz-server-side-encryption
AES256
etag
W/"54c61a0ae34474e317dc273453fb9ccd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
tKk-4pjbBpPN9xsc_BVGIl2dkOGs83x5R5g0iDldQKNfE5TLtVPSvA==
v1
adxadserv.com/px/event/ Frame EDE9
0
121 B
Script
General
Full URL
https://adxadserv.com/px/event/v1?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D6523ec2361d6e22ad53d3fd1%2526type%253D300x250%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttps%25253A%252F%252Fwww.hawtcelebs.com%252F%2526dt%253D1702872164135%2526screen%253D1600x1200%2526tags%253D&ref=https%253A%252F%252Fwww.hawtcelebs.com%252F&d_r=1&d_s=1600x1200&d_w=300x250&t_s=1702872164734&t_i=1702872164753&u_tz=9&u_l=en-US&u_l2=&u_l3=&pv_uid=7f8f474a-e13d-4c78-9637-ce0fd2e32c17&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&imid=4c31ba85-9d5a-11ee-8a71-f29171a0075e&spid=6523ec2361d6e22ad53d3fd1&fpid_sa=1702872164753&fpid=&feid_sa=1702872164753&sid_sa=1702872164753&feid=09564b4e71859ea18f8475f69e5ec470&sid=06208ca3311633cb9ac3b482db954cae&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=hawtcelebs.com&s_rst=1&e_d=%7B%22isResetRequired%22%3Atrue%7D&t_op=1.358
Requested by
Host: adxadserv.com
URL: https://adxadserv.com/ascripts/pxl.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.98.53.29 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.adxadserv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:46 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
0
v1
lb.eu-1-id5-sync.com/lb/ Frame 3FB6
33 B
278 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
4dfcca0c86c9d87ee72765c61fc2219af9ba4660f465e5378806d47995177a8c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
fire.js
s.cpx.to/ Frame 3FB6
40 B
569 B
Fetch
General
Full URL
https://s.cpx.to/fire.js?pid=12763&ref=https%3A%2F%2Fwww.hawtcelebs.com%2F&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&hn_ver=72&fid=0f7d262b-40bd-45b0-ae9b-2b825aeb36d2&dsp=TTD&dsp_uid=45d05fd7-b774-43df-ba7c-91fe06509f64&dsp=app_nexus&dsp_uid=3456854436429190532
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12763/px.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.177.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-177-23.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2b25464aeb93f5063223cc3240e65a6b2fd2776cb5f39fd9de88d43647ac1aee

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:46 GMT
access-control-allow-credentials
true
p3p
CP="NOI DEV ADM"
content-length
40
vary
Origin
expires
Mon, 18 Dec 2023 04:02:46 GMT
cors
data.ad-score.com/data/
1 B
274 B
Fetch
General
Full URL
https://data.ad-score.com/data/cors?pm_st=kGbpickaiRkDrFHkEieGxMpiIzwFpBWP-FE7fPshldVPjNSMb3XnAF0rCOsk=-E03BPsVkY1viMQ==&pm_ct=28cb5d651d6d0d8960e679e3&pm_pl=1702872165212&pm_td=936&pid=1000177&en=1.1&callback=__pm_glbl_2r4LpRnqhg0ftE61tPcNmTZ1._gc2&tt=opt&v=8e71a8c
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.hawtcelebs.com
Date
Mon, 18 Dec 2023 04:02:46 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
sid
mug.criteo.com/ Frame 04F7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=hawtcelebs.com&sn=ChromeSyncframe&so=0&topUrl=www.hawtcelebs.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=wHKlY3xOS2pUc2lDWXd1Y0xBVGJQL1AwQlJNTkd2a0hwNTlreG4yMzU2elRyWmNraUhYTDBaaldnNlc5UW9kbUp0SWFRUkRGdWJTTDN3VW16WEQzZ0ZyNlFDVDE4MzUvcElVTWNBSHVwQzlJemgxV0owOGpaMURacmRLMH...
433 B
656 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=wHKlY3xOS2pUc2lDWXd1Y0xBVGJQL1AwQlJNTkd2a0hwNTlreG4yMzU2elRyWmNraUhYTDBaaldnNlc5UW9kbUp0SWFRUkRGdWJTTDN3VW16WEQzZ0ZyNlFDVDE4MzUvcElVTWNBSHVwQzlJemgxV0owOGpaMURacmRLMHMzZkhQM2JiTDgrakpMS09Qdmtkb2xxUzBuTWN1bTNLMHNTMDRFZkdEbEY4cGhzdTh5YkhvRTNOdGpFVWVzV1NxaFVoU1lEVDRrNHRCT0NyL2VnNFVaYkwxZlV0QnI3KzB5T0EvRjk5cjZGUjRhbHJKWmNoTjBiZWlBb1dQYXR2NnFEOWhiWkdXeHZnY1ExRVZGMlh1a2xZb21ETnV3OUF6bElBeWQwd1MrSWw2UVp3UXZZVT18&cppv=2
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
17d8f1bf6fb3da8c65192bea71d4560c8f81c1f798dc7ac2d41e07abd896fd42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:45 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1279727
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=wHKlY3xOS2pUc2lDWXd1Y0xBVGJQL1AwQlJNTkd2a0hwNTlreG4yMzU2elRyWmNraUhYTDBaaldnNlc5UW9kbUp0SWFRUkRGdWJTTDN3VW16WEQzZ0ZyNlFDVDE4MzUvcElVTWNBSHVwQzlJemgxV0owOGpaMURacmRLMHMzZkhQM2JiTDgrakpMS09Qdmtkb2xxUzBuTWN1bTNLMHNTMDRFZkdEbEY4cGhzdTh5YkhvRTNOdGpFVWVzV1NxaFVoU1lEVDRrNHRCT0NyL2VnNFVaYkwxZlV0QnI3KzB5T0EvRjk5cjZGUjRhbHJKWmNoTjBiZWlBb1dQYXR2NnFEOWhiWkdXeHZnY1ExRVZGMlh1a2xZb21ETnV3OUF6bElBeWQwd1MrSWw2UVp3UXZZVT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
301485
content-length
0
expires
0
setuid
u.4dex.io/ Frame F28B
0
678 B
Document
General
Full URL
https://u.4dex.io/setuid?bidder=eplanning&uid=AIhrPcY1-OUrujN8
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 18 Dec 2023 04:02:46 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
sclk
jnxm2.com/ Frame C4CE
18 KB
18 KB
Document
General
Full URL
https://jnxm2.com/sclk?ref=https%3A%2F%2Fwww.hawtcelebs.com
Requested by
Host: servg1.net
URL: https://servg1.net/?uid=613bb0d66b6a5524b8fb18d3&oab=1&puburl=https%253A%252F%252Fwww.hawtcelebs.com%252F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.128.138.194 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-128-138-194.us-east-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
d6ee1a2f20825a18abe881a91211b67552bd76af3b12e35c4c84d6df310d9dee

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-origin
*
content-length
18526
content-type
text/html; charset=utf-8
date
Mon, 18 Dec 2023 04:02:46 GMT
etag
W/"485e-Qtq4Wcj2mHZ2XOxZO36PrqGqcig"
server
nginx
x-powered-by
Express
cors
data.ad-score.com/data/
1 B
274 B
Fetch
General
Full URL
https://data.ad-score.com/data/cors?pm_st=kGbpickaiRkDrFHkEieGxMpiIzwFpBWP-FE7fPshldVPjNSMb3XnAF0rCOsk=-E03BPsVkY1viMQ==&pm_ct=6d412816d5168761b6f4f836&pm_pl=1702872165381&pm_td=862&pid=1000177&en=1.1&callback=__pm_glbl_ArfDu7dIkIaa4gc9C8xpfmDd._gc2&tt=opt&v=8e71a8c
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.hawtcelebs.com
Date
Mon, 18 Dec 2023 04:02:46 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
loader.gif
resources.infolinks.com/static/skins/
962 B
1 KB
Image
General
Full URL
https://resources.infolinks.com/static/skins/loader.gif
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b8ee13d35110d7006bc5c5147ee0a0c6c3e1f26b2f246b8d5e57edf4f6b97b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:46 GMT
via
1.1 google
cf-cache-status
HIT
age
2901
cf-polished
origSize=1631, status=webp_bigger
content-length
962
cf-bgj
imgq:85,h2pri
last-modified
Mon, 20 Mar 2023 11:38:01 GMT
server
cloudflare
etag
"65f-5f7535bfc565e"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8374831f1e8b6848-NRT
expires
Wed, 17 Jan 2024 03:14:25 GMT
loader-bg.png
resources.infolinks.com/static/skins/
902 B
1 KB
Image
General
Full URL
https://resources.infolinks.com/static/skins/loader-bg.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5ddb995fe37710a4be439e4e3f45016cd7b7ecfa3423a29e4f4f4dcce63efff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:46 GMT
via
1.1 google
cf-cache-status
HIT
age
12991
cf-polished
origFmt=png, origSize=1488
content-disposition
inline; filename="loader-bg.webp"
content-length
902
cf-bgj
imgq:85,h2pri
last-modified
Mon, 20 Mar 2023 11:38:01 GMT
server
cloudflare
etag
"5d0-5f7535bfcac4e"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8374831f1e8c6848-NRT
expires
Wed, 17 Jan 2024 00:26:15 GMT
getads.htm
rt3008.infolinks.com/action/
146 B
208 B
Script
General
Full URL
https://rt3008.infolinks.com/action/getads.htm?83=&hks=%5B%7B%22lid%22%3A%22IL_IF_LEFT%22%2C%22bdc%22%3A2%2C%22prod_t%22%3A%22f%22%2C%22garc%22%3A0%2C%22as%22%3A%22160*600%22%2C%22nom%22%3A2%2C%22sdata%22%3A%22online%20games%20for%20free%22%2C%22scs%22%3A%22c-DvdaEmc8%22%7D%5D&rid=9aeb1299-c0b7-4e83-bb13-dc0022e3ee5c&jsv=1895.006-3.034&sr=1600X1200&rts=1702872166257&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=120.0.6099.109&dv=p&ce=t&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F&tzo=%2B0900&c=c&strg=true&sua=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D&rsd=hlpaNrmfTGED-NDz_AlHWf3-o57HFVH_DR8Jc0jOQwb_cXkncnNtU0kicXir62ieP2c6Qtxsa_8ydRlx8sqVEGLtnA1NP_Jll77Ya-73QbdFMeNhAmHMwoz1-4OiNvhGIhwExbMrTpTe-WlfLJHbCO9tj5IfMn_LQ9MS2wdBy60&rsk=18&rcs=PsDnWQUop8EQLi0dR7IUmQ&cuid=7994afcd-7b70-49d4-8970-1e076a54cf0d&hbnr=false
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9d8983f5e5d5bea1db4cb29a31866e37976c5c84afa5335f603b5c6dd8c0cc3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-language
jp-JP
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
8374831f1e8e6848-NRT
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
AGSKWxWrW6Rv0cNkCf7aXnQVLMfkw9AADjWMq-_1GbzkSQUgoICIYNTVBupJHGdoWWJUNC6eUsVtS7WJQt9yHgzeIpgu8HwLFoR0QH-Lyu_kiXsnuOdGiuMv5NTcx3LpqmaLjj4RdpuBWw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWrW6Rv0cNkCf7aXnQVLMfkw9AADjWMq-_1GbzkSQUgoICIYNTVBupJHGdoWWJUNC6eUsVtS7WJQt9yHgzeIpgu8HwLFoR0QH-Lyu_kiXsnuOdGiuMv5NTcx3LpqmaLjj4RdpuBWw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dAT6DWpKglLoefZZJgXt2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 Dec 2023 04:02:46 GMT
content-security-policy
script-src 'report-sample' 'nonce-dAT6DWpKglLoefZZJgXt2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
dcl.htm
rt3008.infolinks.com/action/
0
120 B
Script
General
Full URL
https://rt3008.infolinks.com/action/dcl.htm?rid=9aeb1299-c0b7-4e83-bb13-dc0022e3ee5c&jsv=1895.006-3.034&capara=%7B%22failedAlgos%22%3A%22palgo%22%7D
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
8374831f2e916848-NRT
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
dcl.htm
rt3008.infolinks.com/action/
0
60 B
Script
General
Full URL
https://rt3008.infolinks.com/action/dcl.htm?rid=9aeb1299-c0b7-4e83-bb13-dc0022e3ee5c&jsv=1895.006-3.034&capara=%7B%22failedAlgos%22%3A%22aapalgo%22%7D
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
8374831f4ea46848-NRT
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
getads.htm
rt3008.infolinks.com/action/
0
56 B
Script
General
Full URL
https://rt3008.infolinks.com/action/getads.htm?83=&hks=%5B%5D&rid=9aeb1299-c0b7-4e83-bb13-dc0022e3ee5c&jsv=1895.006-3.034&sr=1600X1200&rts=1702872166285&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=120.0.6099.109&dv=p&ce=t&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F&tzo=%2B0900&c=c&strg=true&sua=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D&rsd=hlpaNrmfTGED-NDz_AlHWf3-o57HFVH_DR8Jc0jOQwb_cXkncnNtU0kicXir62ieP2c6Qtxsa_8ydRlx8sqVEGLtnA1NP_Jll77Ya-73QbdFMeNhAmHMwoz1-4OiNvhGIhwExbMrTpTe-WlfLJHbCO9tj5IfMn_LQ9MS2wdBy60&rsk=18&rcs=PsDnWQUop8EQLi0dR7IUmQ&cuid=7994afcd-7b70-49d4-8970-1e076a54cf0d&hbnr=false
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/plain;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
8374831f4ea76848-NRT
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
dcl.htm
rt3008.infolinks.com/action/
0
37 B
Script
General
Full URL
https://rt3008.infolinks.com/action/dcl.htm?rid=9aeb1299-c0b7-4e83-bb13-dc0022e3ee5c&jsv=1895.006-3.034&capara=%7B%22mode%22%3A%22default%22%2C%22markers%22%3A0%7D
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
8374831f4ea96848-NRT
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/
35 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
8ed1e322-7d3f-40d8-acaf-a5cdfd0114e9.js
static.sunmedia.tv/integrations/8ed1e322-7d3f-40d8-acaf-a5cdfd0114e9/
0
248 B
Script
General
Full URL
https://static.sunmedia.tv/integrations/8ed1e322-7d3f-40d8-acaf-a5cdfd0114e9/8ed1e322-7d3f-40d8-acaf-a5cdfd0114e9.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.89.67.82 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3166667.ip-51-89-67.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:46 GMT
TP-Cache
MISS
Server
nginx
Age
0
Content-Type
application/javascript
empty
1
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
9863ec2f-8b30-404f-ab08-4ea3dc81cdf2.js
static.sunmedia.tv/integrations/9863ec2f-8b30-404f-ab08-4ea3dc81cdf2/
0
248 B
Script
General
Full URL
https://static.sunmedia.tv/integrations/9863ec2f-8b30-404f-ab08-4ea3dc81cdf2/9863ec2f-8b30-404f-ab08-4ea3dc81cdf2.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.89.67.82 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3166667.ip-51-89-67.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:46 GMT
TP-Cache
MISS
Server
nginx
Age
0
Content-Type
application/javascript
empty
1
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
data
bcp.crwdcntrl.net/6/
317 B
1 KB
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a367c5599cbd361ff0e18811c470f4f12957e6b0722cc11d9faa268be825f73b

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache
x-server
10.42.22.193
access-control-allow-credentials
true
content-length
317
expires
0
map
bcp.crwdcntrl.net/6/ Frame 0DE7
235 B
613 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a4e38ff6433f915c6af2a0e9a1bca4d65a1024b775501fe5875ae25ce440bc69

Request headers

Referer
https://cdn-tc.33across.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://cdn-tc.33across.com
cache-control
no-cache
x-server
10.42.2.12
access-control-allow-credentials
true
content-length
235
expires
0
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 4894
155 B
647 B
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.49.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-49-117.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 17 Dec 2023 20:52:37 GMT
via
1.1 c6a9836e54cf7bc2bb59e3fb86f871e0.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT20-C1
age
25810
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
HHc39RJNcZtTQU1UYgmW3sUQNuNzieh-nQ88akNluSt_JYPxhzeShA==
PugMaster
image6.pubmatic.com/AdServer/ Frame 0AE7
5 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=77221540&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
8c571d2f63f294937e6b3897f1005dc03cbfc3fa859447a4380feb9342e57346

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cors
data.ad-score.com/data/
1 B
274 B
Fetch
General
Full URL
https://data.ad-score.com/data/cors?pm_st=kGbpickaiRkDrFHkEieGxMpiIzwFpBWP-FE7fPshldVPjNSMb3XnAF0rCOsk=-E03BPsVkY1viMQ==&pm_ct=28cb5d651d6d0d8960e679e3&pm_pl=1702872165212&pm_td=1202&pid=1000177&en=1.1&callback=__pm_glbl_2r4LpRnqhg0ftE61tPcNmTZ1._gc3&tt=opt&v=8e71a8c
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.hawtcelebs.com
Date
Mon, 18 Dec 2023 04:02:46 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
data
bcp.crwdcntrl.net/6/ Frame 4894
262 B
1 KB
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
92bf73969f54ddc214c635edcbecc43d71a2ce3742330bd6cc680b63c0d78546

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.42.25.21
access-control-allow-credentials
true
content-length
262
expires
0
prebid
mp.4dex.io/ Frame 3FB6
0
99 B
Fetch
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
x-err
Parsing the Prebid Request. org/site not found
x-version
3.0.0-gcp-tyo
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
837483208edc3bf9-NRT
expires
0
adreq
ads.servenobid.com/ Frame 3FB6
321 B
554 B
Fetch
General
Full URL
https://ads.servenobid.com/adreq?cb=1124
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.192.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-192-112.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
8c74403945c6fcf22c800cc4a03e4e750025568836bb8f5b51d292d3611dfc9a

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 18 Dec 2023 04:02:46 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.hawtcelebs.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ Frame 3FB6
604 B
742 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.41.251 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-41-251.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
9e856cdb55d4912d6d9309912c26081cca15f1c685ba79cadb0fb3a614283b25

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 18 Dec 2023 04:02:46 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
372
v1
btlr.sharethrough.com/universal/ Frame 3FB6
576 B
757 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.41.251 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-41-251.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0e46f68a54b00f6335439af56b55f837522a09ccc0d03c2aef90d399f7c1bd60

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 18 Dec 2023 04:02:46 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
387
v1
btlr.sharethrough.com/universal/ Frame 3FB6
503 B
698 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.41.251 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-41-251.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
98f3375906083748b6f8eaace7f9713bdf0a9789be1379b8a3700ab880b4a81b

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 18 Dec 2023 04:02:46 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
327
v1
btlr.sharethrough.com/universal/ Frame 3FB6
588 B
746 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.41.251 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-41-251.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
2d21ec205f8755c7885a41ba1004257bf8070d700534f280188fced508e7dec2

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 18 Dec 2023 04:02:46 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
376
v1
btlr.sharethrough.com/universal/ Frame 3FB6
551 B
734 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.41.251 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-41-251.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
1c10a643b48bbb3b275ea80867bccc8d39f5486e82aba544a7507991d45bea63

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 18 Dec 2023 04:02:46 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
364
/
b1h.zemanta.com/api/bidder/prebid/bid/ Frame 3FB6
0
124 B
Fetch
General
Full URL
https://b1h.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.hawtcelebs.com
Access-Control-Allow-Credentials
true
c
prebid.a-mo.net/a/ Frame 3FB6
982 B
727 B
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
9318dba4c68e2315fb2d2a704c8a2c69e4ed87253f7c638703a43a8e94f20617

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 18 Dec 2023 04:02:46 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
13
content-length
510
hb
ssc.33across.com/api/v1/ Frame 3FB6
0
0

hb
ssc.33across.com/api/v1/ Frame 3FB6
0
0

hb
ssc.33across.com/api/v1/ Frame 3FB6
0
0

hb
ssc.33across.com/api/v1/ Frame 3FB6
0
0

hb
ssc.33across.com/api/v1/ Frame 3FB6
0
0

hb
ssc.33across.com/api/v1/ Frame 3FB6
0
0

v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame 3FB6
1 KB
1 KB
Fetch
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.hawtcelebs.com%2F&PageUrl=https%3A%2F%2Fwww.hawtcelebs.com%2F&PageReferrer=https%3A%2F%2Fwww.hawtcelebs.com%2F
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
ae98901c945d6d8f70005c80fce27e4c2707dd3c401783c78ae45a22d2cd3f75
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 18 Dec 2023 04:02:46 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
46
content-length
1069
pragma
no-cache
server
ayl-lb-usa02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
bids
prebid-us.creativecdn.com/bidder/prebid/ Frame 3FB6
0
181 B
Fetch
General
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.169.156.30 , United States, ASN398017 (RTBHOUSE-PHX, US),
Reverse DNS
ip-216-169-156-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:46 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
moneybid.js
ads.themoneytizer.com/bidder1/ Frame 3FB6
0
423 B
Fetch
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=96761&adid=11&formatid=video&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:d300::19 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

x-77-pop
tokyoJP
date
Mon, 18 Dec 2023 04:02:46 GMT
content-encoding
gzip
x-age-lb
251071
x-77-cache
HIT
x-accel-date
1702621095
x-77-nzt
EwgB1GYyBwFBDAFZu6NfAfe/1AMADAHUZjgJAfeaCQAA
x-accel-expires
@1703223437
x-77-age
253529
x-cache-lb
HIT, MISS
server
CDN77-Turbo
x-77-nzt-ray
aefca1178734270866c47f65d71bbf1d
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=604800
moneybid.js
ads.themoneytizer.com/bidder1/ Frame 3FB6
339 B
658 B
Fetch
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=96761&adid=6&formatid=26328&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:d300::19 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c2b6805cadd71458bbf7a43c24c2017bf10ceee556c2858c8c61c43e94d8b991

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

x-77-pop
tokyoJP
date
Mon, 18 Dec 2023 04:02:46 GMT
content-encoding
gzip
x-age-lb
251071
x-77-cache
HIT
x-accel-date
1702621095
x-77-nzt
EwgB1GYyBwFBDAFZu6IwAfe/1AMADAHUZjgRAfeaCQAA
x-accel-expires
@1703223437
x-77-age
253529
x-cache-lb
HIT, MISS
server
CDN77-Turbo
x-77-nzt-ray
aefca1178734270866c47f65c8e5c11d
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=604800
moneybid.js
ads.themoneytizer.com/bidder1/ Frame 3FB6
339 B
658 B
Fetch
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=96761&adid=30&formatid=35757&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:d300::19 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e51eae5200b5dfba264665a40880e4c2063984f002d00942c77b1b16a718bd3f

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

x-77-pop
tokyoJP
date
Mon, 18 Dec 2023 04:02:46 GMT
content-encoding
gzip
x-age-lb
251071
x-77-cache
HIT
x-accel-date
1702621095
x-77-nzt
EwgB1GYyBwFBDAFZu6IwAfe/1AMADAHUZjicAfeaCQAA
x-accel-expires
@1703223437
x-77-age
253529
x-cache-lb
HIT, MISS
server
CDN77-Turbo
x-77-nzt-ray
aefca1178734270866c47f65ea1dc61d
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=604800
moneybid.js
ads.themoneytizer.com/bidder1/ Frame 3FB6
624 B
837 B
Fetch
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=96761&adid=1&formatid=26322&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:d300::19 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
95fea5aa0bf38a791f1fc32bd53213a0b675592eba124bdcc76edff639855637

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

x-77-pop
tokyoJP
date
Mon, 18 Dec 2023 04:02:46 GMT
content-encoding
gzip
x-age-lb
251071
x-77-cache
HIT
x-accel-date
1702621095
x-77-nzt
EwgB1GYyBwFBDAFZu6IwAfe/1AMADAHUZjiZAfeaCQAA
x-accel-expires
@1703223437
x-77-age
253529
x-cache-lb
HIT, MISS
server
CDN77-Turbo
x-77-nzt-ray
aefca1178734270866c47f65acd3c41d
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=604800
moneybid.js
ads.themoneytizer.com/bidder1/ Frame 3FB6
631 B
842 B
Fetch
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=96761&adid=28&formatid=30012&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:d300::19 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
219c6674bbaa72932da2e07715cb8403d5fa3f6f52799ed912e1bf75e9621bc5

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

x-77-pop
tokyoJP
date
Mon, 18 Dec 2023 04:02:46 GMT
content-encoding
gzip
x-age-lb
251071
x-77-cache
HIT
x-accel-date
1702621095
x-77-nzt
EwgB1GYyBwFBDAFZu6MyAfe/1AMADAHUZjgJAfeaCQAA
x-accel-expires
@1703223437
x-77-age
253529
x-cache-lb
HIT, MISS
server
CDN77-Turbo
x-77-nzt-ray
aefca1178734270866c47f657380c31d
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=604800
moneybid.js
ads.themoneytizer.com/bidder1/ Frame 3FB6
633 B
847 B
Fetch
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=96761&adid=20&formatid=26706&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:d300::19 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ff3f7eec0bac04c99a2b82def43c39eb896db7a76b024140d424318c375e1611

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

x-77-pop
tokyoJP
date
Mon, 18 Dec 2023 04:02:46 GMT
content-encoding
gzip
x-age-lb
249724
x-77-cache
HIT
x-accel-date
1702622442
x-77-nzt
EwgB1GYyBwFBDAFZu6IwAfd8zwMADAElE8IoAfd4EAAA
x-accel-expires
@1703223026
x-77-age
253940
x-cache-lb
HIT, MISS
server
CDN77-Turbo
x-77-nzt-ray
aefca1178734270866c47f65134ac81d
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=604800
moneybid.js
ads.themoneytizer.com/bidder1/ Frame 3FB6
626 B
838 B
Fetch
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=96761&adid=2&formatid=26300&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:d300::19 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b98b7de4068ab8776612fb21c7018d3d454f68943c8b9047763499a5abe31d4d

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

x-77-pop
tokyoJP
date
Mon, 18 Dec 2023 04:02:46 GMT
content-encoding
gzip
x-age-lb
251071
x-77-cache
HIT
x-accel-date
1702621095
x-77-nzt
EwgB1GYyBwFBDAFZu6NfAfe/1AMADAElE8IxAfeaCQAA
x-accel-expires
@1703223437
x-77-age
253529
x-cache-lb
HIT, MISS
server
CDN77-Turbo
x-77-nzt-ray
aefca1178734270866c47f65d04bc71d
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=604800
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3FB6
878 B
3 KB
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39528&zone_id=1124612%3B1078210%3B1078294%3B1078210%3B1078210&size_id=15%3B2%3B2%3B9%3B15&alt_size_ids=2%2C55%2C58%2C221%3B19%2C43%2C44%2C117%3B19%2C43%2C44%2C117%3B%3B&p_pos=atf&gdpr=0&rp_schain=1.0,1!themoneytizer.com,74908,1,,,&eid_pubcid.org=231286dc-7bbe-468b-a244-e0e553e9246d%5E1&rf=https%3A%2F%2Fwww.hawtcelebs.com&kw=96761&tg_i.domain=hawtcelebs.com&tg_i.page=https%3A%2F%2Fwww.hawtcelebs.com%2F&tg_i.name=hawtcelebs.com&tg_i.siteid=96761&tg_i.pbadslot=%2F96761%2Fhawtcelebs.com%2Fdesktop%2F26328%3B%2F96761%2Fhawtcelebs.com%2Fdesktop%2F26322%3B%2F96761%2Fhawtcelebs.com%2Fdesktop%2F30012%3B%2F96761%2Fhawtcelebs.com%2Fdesktop%2F26706%3B%2F96761%2Fhawtcelebs.com%2Fdesktop%2F26300&tk_flint=pbjs_lite_v8.24.0&l_pb_bid_id=6335920222e0ee3%3B64f945e24d0c0c6%3B652ffc85c65607f%3B66879a2ea24644f%3B67e90e8682d0f3e&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&p_gpid=%2F96761%2Fhawtcelebs.com%2Fdesktop%2F26328%3B%2F96761%2Fhawtcelebs.com%2Fdesktop%2F26322%3B%2F96761%2Fhawtcelebs.com%2Fdesktop%2F30012%3B%2F96761%2Fhawtcelebs.com%2Fdesktop%2F26706%3B%2F96761%2Fhawtcelebs.com%2Fdesktop%2F26300&m_ch_mobile=%3F0&slots=5&rand=0.35312764263808805
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2de157baa4cc175feab9925d76470e2b8f03d8918beed5f63f168bd3d2872073

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid-request
onetag-sys.com/ Frame 3FB6
15 B
414 B
Fetch
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.hawtcelebs.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
/
prebid.smilewanted.com/ Frame 3FB6
0
0

/
prebid.smilewanted.com/ Frame 3FB6
0
0

/
prebid.smilewanted.com/ Frame 3FB6
0
0

/
prebid.smilewanted.com/ Frame 3FB6
0
0

/
prebid.smilewanted.com/ Frame 3FB6
0
0

/
prebid.smilewanted.com/ Frame 3FB6
0
0

/
prebid.smilewanted.com/ Frame 3FB6
0
0

ROS
pbjs.e-planning.net/pbjs/1/2a156/1/www.hawtcelebs.com/ Frame 3FB6
276 B
601 B
Fetch
General
Full URL
https://pbjs.e-planning.net/pbjs/1/2a156/1/www.hawtcelebs.com/ROS?rnd=0.13900894918140727&e=video%3A300x250%2C300x50%2C355x50%2C640x480%2B26328%3A300x250%2C1x1%2C728x90%2C970x90%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26300%3A300x250%2C300x168%2B35757%3A728x90%2C320x100%2C300x100%2B26322%3A320x50%2C300x50%2C728x90%2C320x100%2C300x100%2B30012%3A320x50%2C300x50%2C728x90%2C320x100%2C300x100%2B26706%3A160x600&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=8.24.0&ncb=1&vs=FFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&gdpr=0&e_criteoId=oTmQZ191NVE0JTJGb2psODFaeENmUjdxU0UlMkJQY0dYYmtGODloUGdIalZuNklmdjZScm0lMkI2dWdxSEd5a09COURiazk5N0hwbmY5WW80WWF6c0EwU3UzZHhPYUhmUSUzRCUzRA&e_pubcid=231286dc-7bbe-468b-a244-e0e553e9246d
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.120.110.136 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
0425f61f1d0e80d96feea1dff3dfa0b335792d0ead434e762b15f5751f96926a

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

expires
Mon, 18 Dec 2023 04:02:46 GMT
date
Mon, 18 Dec 2023 04:02:46 GMT
server
openresty
content-type
application/json
access-control-allow-origin
https://www.hawtcelebs.com
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
276
x-sid
SIN-726
cdb
bidder.criteo.com/ Frame 3FB6
15 KB
7 KB
Fetch
General
Full URL
https://bidder.criteo.com/cdb?ptv=139&profileId=185&av=36&wv=8.24.0&cb=62136862329
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
2110735c6befcb8b0aa2385848b1a65bf7b1b2081c006f0bcac34e00094f0d8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 18 Dec 2023 04:02:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
pb
ad.360yield.com/1602/ Frame 3FB6
980 B
1 KB
Fetch
General
Full URL
https://ad.360yield.com/1602/pb
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.141.75.199 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-75-199.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
21ae007a8bed180e7f8a715a35272af6fd69f36010d80fce03b85d5913a84188

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:46 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
980
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
a
a.dtssrv.com/
0
442 B
Ping
General
Full URL
https://a.dtssrv.com/a?i=6D001702872164961943D5DB294AB097&k=lotpano&v=74287c03e9fb7c33eb4b2d01e80c185ca02c6cc8189c492931ff26741f8b8615
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:a392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zoSXCv8z%2Fh1QsFXE20uGrNbuirfTcEuSYZ3uFhGlAvdYnn5rDmhb54yhcqnV%2BuW3j3TAVv0O37TOoqyaNK579NCI%2BKoZY6E4UONzuQAHwafYsGvSz3vT7nVjgGVn0h%2B5WDlI3xsBPZA9sC8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
83748320ea747368-NRT
alt-svc
h3=":443"; ma=86400
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 32C9
2 KB
1 KB
Document
General
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.49.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-49-117.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
5717
cache-control
public, max-age=86400
content-encoding
gzip
content-type
text/html
date
Mon, 18 Dec 2023 02:27:35 GMT
etag
W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified
Tue, 05 Sep 2023 17:36:56 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 9bf92639763e2dc7c1ea8eb4814a239e.cloudfront.net (CloudFront)
x-amz-cf-id
J9qf-rZikaiZye6ihtwrXlYxSaHABDvlofoejjhPuQ2B-eD_QmNWZg==
x-amz-cf-pop
NRT20-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cors
data.ad-score.com/data/
1 B
274 B
Fetch
General
Full URL
https://data.ad-score.com/data/cors?pm_st=kGbpickaiRkDrFHkEieGxMpiIzwFpBWP-FE7fPshldVPjNSMb3XnAF0rCOsk=-E03BPsVkY1viMQ==&pm_ct=6d412816d5168761b6f4f836&pm_pl=1702872165381&pm_td=1163&pid=1000177&en=1.1&callback=__pm_glbl_ArfDu7dIkIaa4gc9C8xpfmDd._gc3&tt=opt&v=8e71a8c
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.hawtcelebs.com
Date
Mon, 18 Dec 2023 04:02:46 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame D6DA
Redirect Chain
  • https://cr-p10.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://cr-p10.ladsp.com/cookiesender/10?cr=true&https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AXBteJPs9Q2dks8AED41uJB_M88AAAGMexcw5g
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AXBteJPs9Q2dks8AED41uJB_M88AAAGMexcw5g
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 18 Dec 2023 00:25:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
date
Mon, 18 Dec 2023 04:02:46 GMT
expires
-1
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AXBteJPs9Q2dks8AED41uJB_M88AAAGMexcw5g
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
pragma
no-cache
server
Logicad
via
1.1 1bddae9b49dd524202e512c8a57980a0.cloudfront.net (CloudFront)
x-amz-cf-id
7HCRlcW7RCuAtDNKtZPlmRqcGZD7TqfLieLK0CBY7trd7oI78uJFVw==
x-amz-cf-pop
NRT57-C3
x-cache
Miss from cloudfront
Pug
simage2.pubmatic.com/AdServer/ Frame 5A64
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a18511a8-4739-4f63-9f2a-764feaa38b34
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a18511a8-4739-4f63-9f2a-764feaa38b34
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=4bc9ef92-7b2b-42dd-b9a9-137bf8a73482&user_group=1&ssp=pubmatic&bsw_param=a18511a8-4739-4f63-9f2a-764feaa38b34
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a18511a8-4739-4f63-9f2a-764feaa38b34&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a18511a8-4739-4f63-9f2a-764feaa38b34&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 17 Dec 2023 22:57:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 18 Dec 2023 04:02:47 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a18511a8-4739-4f63-9f2a-764feaa38b34&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 614E
Redirect Chain
  • https://ds.uncn.jp/pm/0/sync
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_76fd0c8d-0f30-4e38-a2b3-06788d125e14
0
225 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_76fd0c8d-0f30-4e38-a2b3-06788d125e14
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 18 Dec 2023 00:25:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
170
Content-Type
text/html; charset=utf-8
Date
Mon, 18 Dec 2023 04:02:46 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_76fd0c8d-0f30-4e38-a2b3-06788d125e14
Server
Apache
Pug
simage2.pubmatic.com/AdServer/ Frame 43E2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3456854436429190532&gdpr=0&gdpr_consent=
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3456854436429190532&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 18 Dec 2023 00:25:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
11f2556f-b18f-4ca0-828c-b0dcd107fbf5
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 18 Dec 2023 04:02:46 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3456854436429190532&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
image2.pubmatic.com/AdServer/ Frame BE43
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=OLZnNG23Zmcj4jVraLN9NGu6YzMjs2BraruJ0GyU
0
74 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=OLZnNG23Zmcj4jVraLN9NGu6YzMjs2BraruJ0GyU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 17 Dec 2023 22:57:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 18 Dec 2023 04:02:46 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=OLZnNG23Zmcj4jVraLN9NGu6YzMjs2BraruJ0GyU
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 5299
43 B
243 B
Document
General
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
50.223.150.220.in-addr.arpa
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 18 Dec 2023 04:02:46 GMT
Pragma
no-cache
Server
nginx
expires
-1
pxd
dps.jp.cinarra.com/ Frame 6DB1
0
38 B
Document
General
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.102.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-102-184.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-length
0
date
Mon, 18 Dec 2023 04:02:46 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1BAC
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 17 Dec 2023 22:56:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 04:02:46 GMT
expires
Mon, 18 Dec 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
748234
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 4938
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
237 B
Document
General
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZX-EZgAHv4QGbABd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 18 Dec 2023 04:02:46 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-nrt-rjtf7700050-NRT
x-timer
S1702872167.751644,VS0,VE163

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Mon, 18 Dec 2023 04:02:46 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZX-EZgAHv4QGbABd
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-nrt-rjtf7700050-NRT
x-timer
S1702872167.586444,VS0,VE163
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame AB48
0
0

Pug
simage2.pubmatic.com/AdServer/ Frame 5E40
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=2572d8ac3aab42c0b6b58517cc2b6113
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=2572d8ac3aab42c0b6b58517cc2b6113
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 17 Dec 2023 22:58:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Mon, 18 Dec 2023 04:02:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=2572d8ac3aab42c0b6b58517cc2b6113
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
cm
ipac.ctnsnet.com/int/ Frame 75B8
43 B
360 B
Document
General
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 18 Dec 2023 04:02:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 68DC
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tbl9rNCgWh58tQAahk-VRpJGyeg&gdpr=0&gdpr_consent=
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tbl9rNCgWh58tQAahk-VRpJGyeg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 18 Dec 2023 04:02:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 18 Dec 2023 04:02:46 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tbl9rNCgWh58tQAahk-VRpJGyeg&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 9694
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=srNVz1scDwOPrHojZsR_ZQ
0
74 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=srNVz1scDwOPrHojZsR_ZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 17 Dec 2023 22:56:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Mon, 18 Dec 2023 04:02:46 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=srNVz1scDwOPrHojZsR_ZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame E0B6
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUbed9a68fd8424706a7283bd61e9a4f84
0
74 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUbed9a68fd8424706a7283bd61e9a4f84
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 17 Dec 2023 22:56:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Mon, 18 Dec 2023 04:02:47 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUbed9a68fd8424706a7283bd61e9a4f84
pragma
no-cache
server
Tengine
Pug
simage2.pubmatic.com/AdServer/ Frame 9FEB
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 17 Dec 2023 23:10:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 18 Dec 2023 04:02:47 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 4145
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:98384A09DAF4490180DF4D059ABD8851&gdpr=0&gdpr_consent=
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:98384A09DAF4490180DF4D059ABD8851&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 17 Dec 2023 23:10:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 18 Dec 2023 04:02:46 GMT
expires
Sun, 17 Dec 2023 04:02:46 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:98384A09DAF4490180DF4D059ABD8851&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 997D
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:y2LtAdkx1Rf4Q65&gdpr=0&gdpr_consent=
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:y2LtAdkx1Rf4Q65&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 18 Dec 2023 00:25:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 18 Dec 2023 04:02:46 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:y2LtAdkx1Rf4Q65&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-083f2e64da6706325@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 2D5C
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1978557985234180976
0
74 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1978557985234180976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 17 Dec 2023 23:10:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Mon, 18 Dec 2023 04:02:46 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1978557985234180976
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
img
sync.mathtag.com/sync/ Frame 0661
0
0

setuid
u.4dex.io/ Frame 0E05
0
676 B
Document
General
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 18 Dec 2023 04:02:46 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0AE7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Fvmfd-S6RrSeyOXR5ebhDA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.40.192.188 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-192-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:46 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=113804
accept-ranges
bytes
content-length
5622
expires
Tue, 19 Dec 2023 11:39:30 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 0AE7
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D00f7adb4-7718-4b77-b3bc-531c16088d62%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=3456854436429190532&pt=00f7adb4-7718-4b77-b3bc-531c16088d62%2C%2C
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=3456854436429190532&pt=00f7adb4-7718-4b77-b3bc-531c16088d62%2C%2C
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:46 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
an-x-request-uuid
56392455-824f-4419-ac9f-6be942ac0e12
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=3456854436429190532&pt=00f7adb4-7718-4b77-b3bc-531c16088d62%2C%2C
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 0AE7
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.30.211
content-length
49
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 0AE7
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C&sInitiator=external&gdpr=0&gdpr_consent=
42 B
570 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
119.9.108.211 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:00 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:00 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0AE7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTZGOTlGNzctRTRCQS00NkI0LTlFQzgtRTVEMUU1RTZFMTBD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
74 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 17 Dec 2023 22:58:45 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0AE7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENqNpfq7SHYMH8e6q1Oo80U&google_cver=1
0
74 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENqNpfq7SHYMH8e6q1Oo80U&google_cver=1
Protocol
H2
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 17 Dec 2023 22:57:21 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENqNpfq7SHYMH8e6q1Oo80U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 0AE7
43 B
609 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.124.209.251 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.209.124.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:46 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 17 Dec 2023 04:02:46 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0AE7
Redirect Chain
  • https://tg.socdm.com/rtb/sync?proto=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZX-EZsCo8YkAADtZq98AAAAA
0
74 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZX-EZsCo8YkAADtZq98AAAAA
Protocol
H2
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 17 Dec 2023 22:56:53 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

X-SO-Cluster-ID
0
Date
Mon, 18 Dec 2023 04:02:46 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=pubmatic","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.232","key":"ZX-EZsCo8YkAADtZq98AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad377"}
X-SO-Key
ZX-EZsCo8YkAADtZq98AAAAA
Server
nginx
X-SO-Upstream-ID
m-ad377
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZX-EZsCo8YkAADtZq98AAAAA
Cache-Control
private
X-SO-HostName
m-ad377.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
0
X-SO-LB-Hostname
m-tgng37.dc4p.scaleout.jp
X-SO-IP
146.70.201.232
Pug
simage2.pubmatic.com/AdServer/ Frame 0AE7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=45d05fd7-b774-43df-ba7c-91fe06509f64&gdpr=0&gdpr_consent=
0
74 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=45d05fd7-b774-43df-ba7c-91fe06509f64&gdpr=0&gdpr_consent=
Protocol
H2
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 17 Dec 2023 22:57:21 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=45d05fd7-b774-43df-ba7c-91fe06509f64&gdpr=0&gdpr_consent=
date
Mon, 18 Dec 2023 04:02:46 GMT
server
Kestrel
content-length
355
16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 0AE7
43 B
603 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da18:929:5a00:f441:9efb:57a2:8f1e Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 0AE7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.NgxI1tE2uXd1ZmdbVGsgDKYpKEeq1Q-~A&gdpr=0
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.NgxI1tE2uXd1ZmdbVGsgDKYpKEeq1Q-~A&gdpr=0
Protocol
H2
Server
207.65.34.74 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 23:02:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.NgxI1tE2uXd1ZmdbVGsgDKYpKEeq1Q-~A&gdpr=0
date
Mon, 18 Dec 2023 04:02:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 0AE7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2905166593232021057
0
74 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2905166593232021057
Protocol
H2
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 17 Dec 2023 22:56:53 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2905166593232021057
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 0AE7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7380707807691766283&gdpr=0&gdpr_consent=&us_privacy=
0
74 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7380707807691766283&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 17 Dec 2023 23:10:25 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7380707807691766283&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 0AE7
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1482d10a677d22a3&is_secure=true&networkId=17100&version=1&nuid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALhdgkZ7UkUQMrggKnAAAAAAA&expiration=1702958566&nuid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C&...
0
74 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALhdgkZ7UkUQMrggKnAAAAAAA&expiration=1702958566&nuid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C&is_secure=true&gdpr_consent=&gdpr=0
Protocol
H2
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 18 Dec 2023 04:02:47 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALhdgkZ7UkUQMrggKnAAAAAAA&expiration=1702958566&nuid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6A8F
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BsZMkZMR_ZebTNceUpt8PlvWtuAIAAAAAOAHgBAI&bg=!vb6lvvHNAAY3kmNgF5I7ADQBe5WfOHjgKSiTvEnj_KrP0RFn9pgfM93e0wgZnn_omll101glr-5zHg4iMQ1yRodWJAQ8AgAAAsNSAAAAAmgBB5kDOeRjVtDARFmLWnvLleX0C-Km595LkzkxoS-mSEGfSdWrnIFD63cr-7_9ziWGTMARdYAMDxvzhg_g21MoFUCdE2Zc5MFAlU8XfaYT4l9QriCYTuG7AlmhwpkBYYpNgEHF5DdBwML3pfApgwnDzP6Rk5YIuupcrLXyjvwl0htkwBnGqF4bn1-2Ueg979FY3FaeOttQ8fckKjZoyeSiEVUh4OqzWeWSQXfKtjGLCGgVAwHqLvKc_msZ7n-T2ov36Upg2AhV4y1Pd12PrF5ngb8-zAUJCm5VeUXV6uB7vnrU-GgRa5SwggY941HEG-h_UlnmNcNnqNcpOhxok5lfNx0YTN_bXecKKL302yimYb7_tEoS4XA3BpnoKNb3ETRN14E4Y9RLeUl6v711YsGWrlfWkgza1iwlPFUioZcrUZVXqKKCQTQBIc-Jk0OXPd-Ug47Ofnw_AtmdY0uXIbDR4Z_QAEo-QRn6o8PbYtDqMIhU-oX9zTXWFcX4CJoHOfeuS8lk6RIFAV9pN80_Q6dXaJisJjjSTP0jaJ96xwgw8OJ2k04MYC0mYkBG53VxOGwVd3Ug7L9Mll0CS8dLJhlnZtWNrPXmVdHECZY5x2vAHlSo1PkcDhOGC6EZNRaRwKJNBWivq_oTmEf36IkgEmfts48KeU41fauWPOT14efXlTunILyZpc0dWrrBhrl9ITv0SDoT_w_blR19Z1aqSp8M7aTbAN0IUOboTJsBPr95ZvCLI47At9pop9CFQgKaeWN5UePjHIBNwCc6qfu01skfu6bbvTHlaWiMQCabYoPQIQMXht3kX74r_MorCL1xTAdGVMVHK6GyTHE0dbp1USHyL7f-AwpgRXZ_I2_-ntpYNSDZX7O2HT8joOg4fQuE0zNh0mIYt0J7LDLlrv9GkB16c-lIxdrF9wVHzIyLyXNyx2qfXqFa3wVJuleJRiohJ2Z9XDzz7IfzOr8HWICXDEBHJjFu8YxJV5I1sINGUfdifAu2IvG4AWXP7mN_sla-H-0esFk0PtUMiEPks7i7rxclnIVRjBdjZj73lEjPprTimDjxe95ruqOlB1zOK0rwVeqhQ1SAF_PBBZfyYXx44g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5.gif
id5-sync.com/c/12/112/5/ Frame 3FB6
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_cons...
  • https://id5-sync.com/c/12/108/8/2.gif?puid=00f7adb4-7718-4b77-b3bc-531c16088d62&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=45d05fd7-b774-43df-ba7c-91fe06509f64&ttl=%%TTL%%
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/6/4.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/12/2/6/4.gif?puid=3456854436429190532&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F5%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/12/112/5/5.gif?puid=${UIPID}&gdpr=0&gdpr_consent=
0
0
Image
General
Full URL
https://id5-sync.com/c/12/112/5/5.gif?puid=${UIPID}&gdpr=0&gdpr_consent=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

location
https://id5-sync.com/c/12/112/5/5.gif?puid=${UIPID}&gdpr=0&gdpr_consent=
uip-response-status
FallbackResponse
date
Mon, 18 Dec 2023 04:02:01 GMT
frontend-id
0
content-length
0
routing-server-id
1
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312070101&jk=1279931576994282&bg=!8_Cl8L_NAAY3kmNgF5I7ADQBe5WfOMgrwWGIem7m8LynEPpV_BmkC3hsXlBZBBrsI_ecXQSYOv9vBoebf9U8yWbm2XI6AgAAA6lSAAAAAmgBB5kDAb1dNJ99wUuOrF9CJV9cR9xvknsJ_ozMq5FhIwScKAQMFLnTmElF1iV-cuD6hIjpUaEhaas8wH1NA2y_XewetpCl_8PlABEk5jwOMd3pfknX66Nc1V_qr96CP8FvcQaIFA7t01Foyk3iAJxyI_Yy9UfLDFIO6Lnvcun7atArqQ2nCYdTd9OpDDt7OgnSKnW1-wt_IA5ooHqFPR-BsCl8PMPKrGXiOId9MivBntzPBM7HZ52ubDMHc2KP1Rk4ys4MRjPrddtXNfJqZBfe-PjvNqEN14dJ-yFuoYjRC86daPswuwvHsY02HPeYmON5UUVuz_yvWZ1OZ5b3TqB1YM-wlRs2LdJgNv2bo28eSwujM5KxsM_wLkPAItOIp6KZR7jxxU6yLsTDpp5FW4ad4IAf7fBYpSZaP_J3oQYEysw2w1CZ-vCJTAVHbHl7pdl7-XnstPONbvk-FZrz4hyDii6b17a3Yo0hBiKLM_bQgJg6DKs2BbRcF7hZ4ikTSd4uhcqQ8YnZf-cmpRdKVYaMJ8Jc4F55812zYmaeo_wnGunA8e3GyNRZi7yUcukY-bl_n2PY6__qwK6K02e9ffSLBu3IZ9d7MofupZhoRGSle6U-2oldr1ohIQ1FqlecOeG0kxRYQA4k-oNhj5IdB1erfz7vRAugh7mCwgfwFO6G_xv-FLuBP16sxmC-hke42wGBnN-Y6gueZX5HNHbh-UWs34-GC1B7f3pDETcEuIZTlgK255okuLZ-a3LE1yJ8yVQstZ0jpQSYZjqxhuhFzsrSitnVj22RbutC78E2ELFL7weLM0G0KjBOmdG95H3hZW0Kl_9Q1CBGpSMHqnTdWp9-bpR0pM4p3BaXRCRkIDZqfGGf0MediXkx5pFD1MayHKHxuwWHYRqIJuvZTKCZNNGVC7OFI4NYWrxLgGs0X0bW1VkxXQ1h6ajmMedzKMpE0IikJckECjZ-z41VnI57JUTMKONEm3scTXSabfEwNtj51-dgLV2vupQGjMan24Qpv2a5NrmSy2A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame C29D
2 KB
1 KB
Document
General
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.49.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-49-117.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
5717
cache-control
public, max-age=86400
content-encoding
gzip
content-type
text/html
date
Mon, 18 Dec 2023 02:27:35 GMT
etag
W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified
Tue, 05 Sep 2023 17:36:56 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 9bf92639763e2dc7c1ea8eb4814a239e.cloudfront.net (CloudFront)
x-amz-cf-id
GcmO2nSAUBd4leuECRNvmQEEDxlRR2_vcuyYl1FaeqEJ5WBfOFVouA==
x-amz-cf-pop
NRT20-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
pixels
bcp.crwdcntrl.net/ Frame 046E
4 KB
4 KB
Document
General
Full URL
https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
25251688aa78d1df85a5b4ae14f122388536ba35f8acc23550e1af0b5303c57d

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-cache
content-length
3765
content-type
text/html
date
Mon, 18 Dec 2023 04:02:46 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.42.18.62
pixels
bcp.crwdcntrl.net/ Frame AF71
1 KB
1 KB
Document
General
Full URL
https://bcp.crwdcntrl.net/pixels?src=LTJS&s=153%2C122%2C8%2C145%2C2%2C92&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a9de5682f1719e0e13cc3317332a333a9fd600d22c50cc516b30f0e1c53a4f02

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-cache
content-length
1281
content-type
text/html
date
Mon, 18 Dec 2023 04:02:46 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.42.3.252
events
bidder.criteo.com/csm/ Frame 3FB6
0
196 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:46 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
khaos.json
token.rubiconproject.com/ Frame 16C0
7 B
777 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
87cd4104b334675e13feb86f1a1ad5cf
Expires
0
m
cm.mgid.com/ Frame 046E
Redirect Chain
  • https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=442a1d36e311842d9a0f79f9a6e84fdd
  • https://cm.mgid.com/m?c=442a1d36e311842d9a0f79f9a6e84fdd&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
43 B
181 B
Image
General
Full URL
https://cm.mgid.com/m?c=442a1d36e311842d9a0f79f9a6e84fdd&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
83748322db68af8e-NRT
alt-svc
h3=":443"; ma=86400
content-length
43

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
location
https://cm.mgid.com/m?c=442a1d36e311842d9a0f79f9a6e84fdd&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
83748321da7baf8e-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
qmap
sync.crwdcntrl.net/ Frame 046E
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=lotame&cspid=20&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16622%26tp%3DALDX%26tpid%3D%24{ADELPHIC...
  • https://sync.crwdcntrl.net/qmap?c=16622&tp=ALDX&tpid=1289afad-d6a6-43c5-9bcf-ef2defef2b7a&gdpr=0
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=16622&tp=ALDX&tpid=1289afad-d6a6-43c5-9bcf-ef2defef2b7a&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:47 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.13.93
content-length
49
expires
0

Redirect headers

Location
https://sync.crwdcntrl.net/qmap?c=16622&tp=ALDX&tpid=1289afad-d6a6-43c5-9bcf-ef2defef2b7a&gdpr=0
Date
Mon, 18 Dec 2023 04:02:47 GMT
Connection
keep-alive
X-CI-RTID
03880d29-d770-404a-9dda-fe7797c43480
Content-Length
131
Content-Type
text/html; charset=utf-8
getuid
sync.smartadserver.com/ Frame 046E
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fbcp.crwdcntrl.net%2Fqmap%3Fc%3D16236%26tp%3DSMAD%26tpid%3D[sas_uid]%26gdpr%3D0
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
0
75 B
Image
General
Full URL
https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Server
23.106.127.169 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:46 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
qmap
sync.crwdcntrl.net/ Frame 046E
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C&gdpr=0
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.27.62
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C&gdpr=0
date
Mon, 18 Dec 2023 04:02:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=45d05fd7-b774-43df-ba7c-91fe06509f64/gdpr=0/ Frame 046E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=45d05fd7-b774-43df-ba7c-91fe06509f64/gdpr=0/gdpr_consent=
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=45d05fd7-b774-43df-ba7c-91fe06509f64/gdpr=0/gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.5.58
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=45d05fd7-b774-43df-ba7c-91fe06509f64/gdpr=0/gdpr_consent=
date
Mon, 18 Dec 2023 04:02:46 GMT
server
Kestrel
content-length
249
tpid=00f7adb4-7718-4b77-b3bc-531c16088d62
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 046E
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=442a1d36e311842d9a0f79f9a6e84fdd&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D00f7adb4-7718-4b77-b3bc-531c16088d62%252Chttps%2525...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=3456854436429190532&pt=00f7adb4-7718-4b77-b3bc-531c16088d62%2Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%25...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=00f7adb4-7718-4b77-b3bc-531c16088d62
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=00f7adb4-7718-4b77-b3bc-531c16088d62
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.29.117
content-length
49
expires
0

Redirect headers

date
Mon, 18 Dec 2023 04:02:46 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=00f7adb4-7718-4b77-b3bc-531c16088d62
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync.gif
dmp.truoptik.com/f2d2e39fc16bc9cc/ Frame 046E
0
0
Image
General
Full URL
https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.216.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

/
loadus.exelator.com/load/ Frame 046E
0
324 B
Image
General
Full URL
https://loadus.exelator.com/load/?p=204&g=260&buid=442a1d36e311842d9a0f79f9a6e84fdd&j=0&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.229.3.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-229-3-43.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:47 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
ibs:dpid=121998&dpuuid=442a1d36e311842d9a0f79f9a6e84fdd&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0
dpm.demdex.net/ Frame 046E
42 B
717 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=442a1d36e311842d9a0f79f9a6e84fdd&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.115.66.78 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-66-78.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs
dcs-prod-tyo3-1-v051-0423ad794.edge-tyo3.demdex.com 4 ms
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
wnT5OaDqTww=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC
lotame
sync.sharethis.com/ Frame 046E
42 B
232 B
Image
General
Full URL
https://sync.sharethis.com/lotame?uid=442a1d36e311842d9a0f79f9a6e84fdd&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.53.103.154 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-53-103-154.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:47 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Content-Length
42
Content-Type
image/gif
usersync
pixel-sync.sitescout.com/connectors/clickagy/ Frame 046E
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=120&cm=442a1d36e311842d9a0f79f9a6e84fdd
  • https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=Yzo4NjU2NzVkZjhjODYxZTE0Y2VhNTI4ZDZhNTI1NmY3OA
  • https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEM9uxgwqx_fkHEddygd_Pww&google_cver=1
  • https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=c:865675df8c861e14cea528d6a5256f78&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D
  • https://d.agkn.com/pixel/10751/?che=1702872167324&ip=146.70.201.232&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D231793304734001942203
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=231793304734001942203
  • https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
0
187 B
Image
General
Full URL
https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:47 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

date
Mon, 18 Dec 2023 04:02:47 GMT
server
Aorta/20231215.627d1920a
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
location
https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-west-1
x-aorta-host
f072d474e23a
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
image.sbxx
global.ib-ibi.com/ Frame 046E
0
72 B
Image
General
Full URL
https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=442a1d36e311842d9a0f79f9a6e84fdd
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.0
Security
TLS 1.2, RSA, AES_256_CBC
Server
69.169.86.38 Commack, United States, ASN29838 (AMC, US),
Reverse DNS
Software
BigIP /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Connection
close
Content-Length
0
Server
BigIP
qmap
sync.crwdcntrl.net/ Frame 046E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0
  • https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-b5b97dac-d0a0-5a1e-7cb5-001a864f9546$ip$146.70.201.232&gdpr=0&gdpr_consent=
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-b5b97dac-d0a0-5a1e-7cb5-001a864f9546$ip$146.70.201.232&gdpr=0&gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.4.74
content-length
49
expires
0

Redirect headers

Location
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-b5b97dac-d0a0-5a1e-7cb5-001a864f9546$ip$146.70.201.232&gdpr=0&gdpr_consent=
Date
Mon, 18 Dec 2023 04:02:46 GMT
Connection
keep-alive
Content-Length
168
Content-Type
text/html; charset=utf-8
match
ps.eyeota.net/ Frame 046E
Redirect Chain
  • https://ps.eyeota.net/match?bid=51mdg9u&uid=442a1d36e311842d9a0f79f9a6e84fdd&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkxGM0VjWVl3U041RXlEMW0ybXJwY05hRHphNzliU1p2RWQzU09Vb0pPN2M&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u&google_gid=CAESEGmTsmBYHKszw0KDS_SjnkA&google_cver=1
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26dc_rc%3D2%26dc_mr%3D5%26dc_orig%3D51mdg9u%26
  • https://ps.eyeota.net/match?uid=3456854436429190532&bid=2cr76e1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u&
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=3&dc_mr=5&dc_orig=51mdg9u&
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=7380707807691766283&newuser=1&dc_rc=3&dc_mr=5&dc_orig=51mdg9u&
  • https://i.w55c.net/ping_match.gif?st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51mdg9u%26
  • https://ps.eyeota.net/match?bid=9sn4omv&uid=y2LtAdkx1Rf4Q65&newuser=1&dc_rc=4&dc_mr=5&dc_orig=51mdg9u&
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D5%26dc_mr%3D5%26dc_orig%3D51mdg9u%26
  • https://ps.eyeota.net/match?uid=ZX-EZgAHv4QGbABd&bid=0rijhbu&dc_rc=5&dc_mr=5&dc_orig=51mdg9u&
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?uid=ZX-EZgAHv4QGbABd&bid=0rijhbu&dc_rc=5&dc_mr=5&dc_orig=51mdg9u&
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Server
18.177.116.10 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-177-116-10.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 18 Dec 2023 04:02:48 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

x-served-by
cache-nrt-rjtf7700050-NRT
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1702872168.006181,VS0,VE0
x-cache
HIT
location
https://ps.eyeota.net/match?uid=ZX-EZgAHv4QGbABd&bid=0rijhbu&dc_rc=5&dc_mr=5&dc_orig=51mdg9u&
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
qmap
sync.crwdcntrl.net/ Frame 046E
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0
  • https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-2IMHhsFE2pwk0RAYaQwhicD_t.bbH_4mJ4I-~A&gdpr=0
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-2IMHhsFE2pwk0RAYaQwhicD_t.bbH_4mJ4I-~A&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.26.186
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-2IMHhsFE2pwk0RAYaQwhicD_t.bbH_4mJ4I-~A&gdpr=0
date
Mon, 18 Dec 2023 04:02:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usersync
pixel-sync.sitescout.com/connectors/lotame/ Frame 046E
0
187 B
Image
General
Full URL
https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
token
token.rubiconproject.com/ Frame 046E
0
675 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=7&puid=442a1d36e311842d9a0f79f9a6e84fdd&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
87cd4104b334675e13feb86f1a1ad5cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
gdpr=0&_test=ZX-EZgAHwfpQPgBU
sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZX-EZgAHwfpQPgBU/ Frame 046E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=ZX-EZgAHwfpQPgBU
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZX-EZgAHwfpQPgBU/gdpr=0&_test=ZX-EZgAHwfpQPgBU
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZX-EZgAHwfpQPgBU/gdpr=0&_test=ZX-EZgAHwfpQPgBU
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.30.20
content-length
49
expires
0

Redirect headers

x-served-by
cache-nrt-rjtf7700050-NRT
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
via
1.1 varnish
server
Varnish
x-timer
S1702872167.869992,VS0,VE0
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZX-EZgAHwfpQPgBU/gdpr=0&_test=ZX-EZgAHwfpQPgBU
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 046E
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NDQyYTFkMzZlMzExODQyZDlhMGY3OWY5YTZlODRmZGQ&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5907
tags.bluekai.com/site/ Frame 046E
62 B
455 B
Image
General
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=4241b9a0723e0e2d4e4eb3c908a32acc
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.17.70 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-17-70.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 18 Dec 2023 04:02:47 GMT
content-length
62
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 046E
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_hm=NDQyYTFkMzZlMzExODQyZDlhMGY3OWY5YTZlODRmZGQ&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr=0
sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7380707807691766283/ Frame 046E
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/442a1d36e311842d9a0f79f9a6e84fdd/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7380707807691766283/gdpr=0
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7380707807691766283/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:47 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.26.178
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7380707807691766283/gdpr=0
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rand=579887781
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=3456854436429190532/gdpr=0/ Frame 046E
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=579887781
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=3456854436429190532/gdpr=0/rand=579887781
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=3456854436429190532/gdpr=0/rand=579887781
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:47 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.27.90
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:47 GMT
an-x-request-uuid
988b3bef-04f2-451c-afb3-c69a6eecea95
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=3456854436429190532/gdpr=0/rand=579887781
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame AF71
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=442a1d36e311842d9a0f79f9a6e84fdd
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=153%2C122%2C8%2C145%2C2%2C92&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:46 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QDZ8W9GR799DVZPAK5VB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
41715
i6.liadm.com/s/ Frame AF71
Redirect Chain
  • https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=442a1d36e311842d9a0f79f9a6e84fdd
  • https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=442a1d36e311842d9a0f79f9a6e84fdd
43 B
548 B
Image
General
Full URL
https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=442a1d36e311842d9a0f79f9a6e84fdd
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=153%2C122%2C8%2C145%2C2%2C92&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:7962:6079:5403:3158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:47 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=442a1d36e311842d9a0f79f9a6e84fdd
Date
Mon, 18 Dec 2023 04:02:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
g.json
aa.agkn.com/adscores/ Frame AF71
103 B
567 B
Script
General
Full URL
https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=153%2C122%2C8%2C145%2C2%2C92&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.192.253.158 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-192-253-158.ap-northeast-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
103
expires
0
gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=7965596858226237483/gdpr=/ Frame AF71
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1040
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1040
  • https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=7965596858226237483/gdpr=/gdpr_consent=
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=7965596858226237483/gdpr=/gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=153%2C122%2C8%2C145%2C2%2C92&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.26.50
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=7965596858226237483/gdpr=/gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rand=790073868
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=3456854436429190532/gdpr=0/ Frame AF71
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=790073868
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=3456854436429190532/gdpr=0/rand=790073868
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=3456854436429190532/gdpr=0/rand=790073868
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=153%2C122%2C8%2C145%2C2%2C92&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.20.67
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
an-x-request-uuid
fd8b3a5e-3701-4347-9694-280818740de5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=3456854436429190532/gdpr=0/rand=790073868
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
identity
c.cintnetworks.com/ Frame AF71
0
305 B
Image
General
Full URL
https://c.cintnetworks.com/identity?a=5461&gdpr=0&id=Lotame:442a1d36e311842d9a0f79f9a6e84fdd
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=153%2C122%2C8%2C145%2C2%2C92&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.78.59.237 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:46 GMT
Cache-Control
max-age=60, private, must-revalidate
Access-Control-Allow-Credentials
true
Arr-Disable-Session-Affinity
true
Content-Length
0
Vary
Origin
P3P
CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."
activeview
pagead2.googlesyndication.com/pcs/ Frame 96FB
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvI1UArh7-UihHOmx_hivfMHit7pX2PdxCyl2S9QpJHiUqh1sENeZXoMMtzWXZEJv3_82UPdv7IwpYiX6V0-D9_3Jv03KJ7WMoSV1QLif2Ne06yUnaffglbLidSKS8mbk3_9G3SaOV0T_c&sai=AMfl-YSDEJiqsKGSFzqkODc9PqIuNipwBMNtAOEZXTFjjxCVw93w9xTrG7ADziaSUDw3QuCMvPVJ8j3hzM42SREcgPrhy6ELsEPLf23FuAdboJxIISQOB0WSI7N0xkfYymqkv09oA9VW3_dlJuNgpk_aAQ&sig=Cg0ArKJSzHUqI51oWDksEAE&cid=CAQSTwAvHhf_iRiOLW1GIisVlHLNhZMzjrC4s_iPWwpPRd9Cso9beA7qbo95jAANc-ecRBhtPaUSNN5YmyAnax70VjCs-vPvYbwZY-NrGx0xQRMYAQ&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D2130,0,0,0,0%26mtos%3D2130,2130,2130,2130,2130%26amtos%3D0,0,0,0,0%26mcvt%3D2130%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2378%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D40%26pst%3D287%26dur%3D11520%26vmtime%3D2396%26dtos%3D2130%26dtoss%3D1%26dvs%3D2130%26dfvs%3D2130%26dvpt%3D2378%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D758656306%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200103c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2130&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1702872164319
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6775
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvkXOm8HqU5_9TdoaijOAMQ5wwXnMov3wxw2ejC1QoNpwN92Npf7pQIxolItgV9T-lDcc9YwZSe8AJfxew9A72QBlaFXDe8usbxYKN4_EGjhYNI2WLTP5xAY3HNXQVeqCqeff7wIKyex9o&sai=AMfl-YTWAmToPWvgJQNmdNbDNoEsS8GO9T3nNg1Xp3C29ZGTNUV9HQttA0YXUfrfaoEqvS7KSWq12BScoFJ8mTgclwuOhRmrUjMJK1bEAh8VqCuV4dJnaSyIdKsCPI6yLccgjOfEu_VxYlC25PbYl-a9&sig=Cg0ArKJSzHjYaNsCc1PhEAE&cid=CAQSTgAvHhf_YJlZ-ZvCOT-PQl99i0DAxjz4JPpLzG8B4FS84QzpsCxbPC9RsS9aadoBMYvhWNSsGc28mr3th5ofAZfspFUXTVQ_catM6sexPxgB&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D0,2034,0,0,0%26mtos%3D0,2034,2034,2034,2034%26amtos%3D0,0,0,0,0%26mcvt%3D2034%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2308%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D1%26pst%3D274%26dur%3D11520%26vmtime%3D2346%26dtos%3D2034%26dtoss%3D1%26dvs%3D2034%26dfvs%3D0%26dvpt%3D2308%26is%3D33554707%26i0%3D33554450%26ic%3D257%26cs%3D33554707%26c%3D0.92%26mc%3D0.92%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D667307141%26psm%3D7%26psv%3D6%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200103c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2034&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1702872164468
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8ed1e322-7d3f-40d8-acaf-a5cdfd0114e9.js
static.sunmedia.tv/integrations/8ed1e322-7d3f-40d8-acaf-a5cdfd0114e9/
0
248 B
Script
General
Full URL
https://static.sunmedia.tv/integrations/8ed1e322-7d3f-40d8-acaf-a5cdfd0114e9/8ed1e322-7d3f-40d8-acaf-a5cdfd0114e9.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.89.67.82 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3166667.ip-51-89-67.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:46 GMT
TP-Cache
MISS
Server
nginx
Age
0
Content-Type
application/javascript
empty
1
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
9863ec2f-8b30-404f-ab08-4ea3dc81cdf2.js
static.sunmedia.tv/integrations/9863ec2f-8b30-404f-ab08-4ea3dc81cdf2/
0
248 B
Script
General
Full URL
https://static.sunmedia.tv/integrations/9863ec2f-8b30-404f-ab08-4ea3dc81cdf2/9863ec2f-8b30-404f-ab08-4ea3dc81cdf2.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.89.67.82 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3166667.ip-51-89-67.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:47 GMT
TP-Cache
MISS
Server
nginx
Age
0
Content-Type
application/javascript
empty
1
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
setuid
u.4dex.io/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://pr-bh.ybp.yahoo.com/sync/unruly?rndcb=5024312818
  • https://usermatch.targeting.unrulymedia.com/usermatch/oath/y-8zM3HhNE2oX7vi7mAt8_1wZqs3vzKDv.3Rys~A
  • https://sync.1rx.io/usersync/verizon/y-8zM3HhNE2oX7vi7mAt8_1wZqs3vzKDv.3Rys~A
  • https://sync.targeting.unrulymedia.com/csync/RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004?redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004
  • https://u.4dex.io/setuid?bidder=unruly&uid=RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004
0
15 B
Image
General
Full URL
https://u.4dex.io/setuid?bidder=unruly&uid=RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:47 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

location
https://u.4dex.io/setuid?bidder=unruly&uid=RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004
date
Mon, 18 Dec 2023 04:02:47 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXcbc9ef06f4124a65a669479c1b0eafed004
content-type
text/html
be96b820e5daac93
ads.us.e-planning.net/uspd/1/ Frame 16BB
474 B
714 B
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.120.110.138 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
9cb0a684b9aeba9f96328c1711ac63a588fadb2477492fe69f12c2e300dc222d

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-length
474
content-type
text/html
date
Mon, 18 Dec 2023 04:02:46 GMT
expires
Mon, 18 Dec 2023 04:02:46 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
SIN-721
12.json
id5-sync.com/g/v2/ Frame 3FB6
625 B
1 KB
Fetch
General
Full URL
https://id5-sync.com/g/v2/12.json
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
654251b94ad27560891bcdd044a3b31a7bc5c57849d524d52b15303857cc723e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
token
pixel.rubiconproject.com/ Frame 3FB6
0
655 B
Image
General
Full URL
https://pixel.rubiconproject.com/token?pid=34010&customParamenters
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
87cd4104b334675e13feb86f1a1ad5cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
s.cpx.to/ Frame 3FB6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm
  • https://s.cpx.to/sync?dsp_uid=CAESEP93Rn6rbmAwFoR6SmB-hcw&dsp=dbm&google_cver=1
0
303 B
Image
General
Full URL
https://s.cpx.to/sync?dsp_uid=CAESEP93Rn6rbmAwFoR6SmB-hcw&dsp=dbm&google_cver=1
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Server
54.217.177.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-177-23.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Mon, 18 Dec 2023 04:02:47 GMT
date
Mon, 18 Dec 2023 04:02:47 GMT
p3p
CP="NOI DEV ADM"

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s.cpx.to/sync?dsp_uid=CAESEP93Rn6rbmAwFoR6SmB-hcw&dsp=dbm&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
284
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UCookieSetPug
image2.pubmatic.com/AdServer/ Frame 3FB6
0
74 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 17 Dec 2023 23:10:25 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 16BB
566 B
520 B
Script
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.206.157.242 New York, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:46 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 16 Dec 2028 04:02:46 GMT
um
u-sin01.e-planning.net/ Frame 16BB
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Dc21ef6a89a7fbe69%26uid%3D%24%7BUID%7D
  • https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=c21ef6a89a7fbe69&uid=a75166a0-ad35-4cf7-ac4f-5895eb6dfe39
42 B
103 B
Image
General
Full URL
https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=c21ef6a89a7fbe69&uid=a75166a0-ad35-4cf7-ac4f-5895eb6dfe39
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
64.120.110.137 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

server
openresty
date
Mon, 18 Dec 2023 04:02:46 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:46 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=c21ef6a89a7fbe69&uid=a75166a0-ad35-4cf7-ac4f-5895eb6dfe39
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145
sync
x.bidswitch.net/ Frame 16BB
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=eplanning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 16BB
59 KB
18 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.49.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-49-117.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 20:21:14 GMT
content-encoding
gzip
via
1.1 9bf92639763e2dc7c1ea8eb4814a239e.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C1
age
27694
x-amz-server-side-encryption
AES256
etag
W/"54c61a0ae34474e317dc273453fb9ccd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
-yJhgoMY3XUzG6JywLek3RH-H_WTXKh8BXBnpR3sZamNUij7IRSzcg==
setuid
u.4dex.io/ Frame 654E
0
15 B
Document
General
Full URL
https://u.4dex.io/setuid?bidder=eplanning&uid=AIhrPcY1-OUrujN8
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 18 Dec 2023 04:02:47 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 16BB
155 B
646 B
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.49.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-49-117.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 17 Dec 2023 20:52:37 GMT
via
1.1 c6a9836e54cf7bc2bb59e3fb86f871e0.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT20-C1
age
25811
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
KB2c8QzLwBruc8dBYARveUjk_drzbPiVo6_bHbe7Qp6WlkqnSunamQ==
data
bcp.crwdcntrl.net/6/ Frame 16BB
263 B
1 KB
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
d247c5ddebd00a562eb595921d8f388596f74a87c0a742a86a682d1627636c5f

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:47 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.42.4.248
access-control-allow-credentials
true
content-length
263
expires
0
match
events-ssc.33across.com/ Frame 16C0
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LQAE4DBJ-U-JCL5
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LQAE4DBJ-U-JCL5
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQAE4DBJ-U-JCL5&ts=1702872167&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQAE4DBJ-U-JCL5&ts=1702872167&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:47 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:47 GMT
referrer-policy
unsafe-url
server
33XP020
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQAE4DBJ-U-JCL5&ts=1702872167&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
dc_oe=ChMIl9izk42YgwMVz07CBR31tw4nEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCMaxmJONmIMDFfWc6QUd-J0DWQ;dc_rmcid=CAQSTwAvHhf_iRiOLW1GIisVlHLNhZMzjrC4s_iPWwpPRd9Cso9beA7qbo95jAANc-ecRBhtPaU...
ade.googlesyndication.com/ddm/activity/ Frame 96FB
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIl9izk42YgwMVz07CBR31tw4nEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCMaxmJONmIMDFfWc6QUd-J0DWQ;dc_rmcid=CAQSTwAvHhf_iRiOLW1GIisVlHLNhZMzjrC4s_iPWwpPRd9Cso9beA7qbo95jAANc-ecRBhtPaUSNN5YmyAnax70VjCs-vPvYbwZY-NrGx0xQRMYAQ;eps=CIBhEAEYHTICigI6BIBAgEBIvf3BOljF6paTjZiDAw;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D2542,0,0,0,0%26mtos%3D2542,2542,2542,2542,2542%26amtos%3D0,0,0,0,0%26mcvt%3D2542%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2790%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D41%26pst%3D287%26dur%3D11520%26vmtime%3D2808%26dtos%3D412%26dtoss%3D2%26dvs%3D412%26dfvs%3D412%26dvpt%3D412%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2542,2542,2542,2542,2542%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D758656306%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9s,14,200103c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2542;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1702872164319;ecn1=1;etm1=0;eid1=960584;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 96FB
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHIWLY8R_ZYb0GfW5pt8P-LuOyAX1ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMByAObBKoEtAJP0DbzkXxr76XuaKkAMrME5jPxg7JKoE9U_BCsYiMVOCMK__Nj5NIW2ofc0_vMGYBXbSxXyKC7fM7AWow5QDLi1ckV5fTJxKVGXo_6rok0aBmQgGwCfZT15ZoTiRJzFSC2w2S_gipooA6JU6_bYL2Eoxz6Gd7Wy5iUwI0rl7_LI5AibGaDhdR8EM-GHoJissMzbJGVkkJN7pVAG64hIdPYFUvhuE9eiqQqDeA3YWnFBU9IR1cu_GUD84Aq_JDeG9XclBeM_xmG9xw7oQygWGquk_ZFjddJ-ITpjb45FaHYuJYo0odsw4tnEBkP2bnvoXJKDBgCX8eNyec7vKQ0K5RyNOw-Qo987pKScaNuMioPFjUeGKSt_pDgx_uQWL4--07-CF1_uIx3H_DguCBorQcBVR0SIcAEyZHuzckE4AQDiAWBoM65TZAGAaAGdoAH6pCVvgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOljF6paTjZiDA_IIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA8gLAeALAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJKUOINEwjenpeTjZiDAxX1nOkFHfidA1mwE8qjyBXIE96B9-MD2BMKiBQC2BQB0BUB-BYBgBcB6BcD&sigh=1Bd1ouNDuoc&label=videoplaytime25&ad_mt=2809&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D2542,0,0,0,0%26mtos%3D2542,2542,2542,2542,2542%26amtos%3D0,0,0,0,0%26mcvt%3D2542%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2790%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D41%26pst%3D287%26dur%3D11520%26vmtime%3D2808%26dtos%3D412%26dtoss%3D2%26dvs%3D412%26dfvs%3D412%26dvpt%3D412%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2542,2542,2542,2542,2542%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D758656306%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9s,14,200103c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2542&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1702872164319
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 16C0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFBRTREQkotVS1KQ0w1
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMGI_EgARLTFSFladWVsyzQ&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFBRTREQkotVS1KQ0w1&google_push=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFBRTREQkotVS1KQ0w1&google_push=
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H3
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFBRTREQkotVS1KQ0w1&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8ee3bea2ab086361542c3b52b688813
Expires
0
pixel
cm.g.doubleclick.net/ Frame 16C0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWFjMDgxMzFmNTYzOWI3NTM0NjdmZGM5Y2Y1Yzc2N2M0NmEzNDIyOQ
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWFjMDgxMzFmNTYzOWI3NTM0NjdmZGM5Y2Y1Yzc2N2M0NmEzNDIyOQ
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H3
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWFjMDgxMzFmNTYzOWI3NTM0NjdmZGM5Y2Y1Yzc2N2M0NmEzNDIyOQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8ee3bea2ab086361542c3b52b688813
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 16C0
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=1E72Mi_bSoKlsCmxjrnsEQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1E72Mi_bSoKlsCmxjrnsEQ
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1E72Mi_bSoKlsCmxjrnsEQ
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XNJ7MSNGMN3P8W7Q566A
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1E72Mi_bSoKlsCmxjrnsEQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
87cd4104b334675e13feb86f1a1ad5cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 16C0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=45d05fd7-b774-43df-ba7c-91fe06509f64&gdpr=0&gdpr_consent=&expires=30
42 B
907 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=45d05fd7-b774-43df-ba7c-91fe06509f64&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
87cd4104b334675e13feb86f1a1ad5cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=45d05fd7-b774-43df-ba7c-91fe06509f64&gdpr=0&gdpr_consent=&expires=30
date
Mon, 18 Dec 2023 04:02:47 GMT
server
Kestrel
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 16C0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/QW8Ocj5IFfaBWNBRVZYJAg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-B_._2i5E2oK1Gq7wQxQmYhh0ruffbRKbeBJVbA--~A
42 B
843 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-B_._2i5E2oK1Gq7wQxQmYhh0ruffbRKbeBJVbA--~A
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e8ee3bea2ab086361542c3b52b688813
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 18 Dec 2023 04:02:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-B_._2i5E2oK1Gq7wQxQmYhh0ruffbRKbeBJVbA--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 16C0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LQAE4DBJ-U-JCL5&ex=d-rubiconproject.com&status=ok
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQAE4DBJ-U-JCL5&ex=d-rubiconproject.com&status=ok
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QPJWDRRC6DK8KDXBXTXD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQAE4DBJ-U-JCL5&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
87cd4104b334675e13feb86f1a1ad5cf
Expires
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 16C0
43 B
855 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EAJWGTV3WP9VE10XC72M
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 16C0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQAE4DBJ-U-JCL5
0
144 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQAE4DBJ-U-JCL5
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:46 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: B1FE47D97D31422CA91E614B649F23B9 Ref B: TYO01EDGE1711 Ref C: 2023-12-18T04:02:47Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMwNKl4Q+W+3req1nYCw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQAE4DBJ-U-JCL5
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8ee3bea2ab086361542c3b52b688813
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 16C0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEB9T-Dm8cPd_DY3LS8YlSo&google_cver=1
42 B
907 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEB9T-Dm8cPd_DY3LS8YlSo&google_cver=1
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e8ee3bea2ab086361542c3b52b688813
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEB9T-Dm8cPd_DY3LS8YlSo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rp
match.prod.bidr.io/cookie-sync/ Frame 16C0
43 B
433 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.69.237.108 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-237-108.ap-northeast-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:47 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
magnite
prebid.a-mo.net/setuid/ Frame 16C0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LQAE4DBJ-U-JCL5
0
150 B
Image
General
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LQAE4DBJ-U-JCL5
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:47 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LQAE4DBJ-U-JCL5
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
87cd4104b334675e13feb86f1a1ad5cf
Expires
0
v1
match.sharethrough.com/sync/ Frame 16C0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQAE4DEK-K-50YH
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQAE4DEK-K-50YH
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Server
52.220.199.193 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-199-193.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:47 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQAE4DEK-K-50YH
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
87cd4104b334675e13feb86f1a1ad5cf
Expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 16C0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQAE4DBJ-U-JCL5
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQAE4DBJ-U-JCL5
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:47 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQAE4DBJ-U-JCL5
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
87cd4104b334675e13feb86f1a1ad5cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 16C0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQAE4DBJ-U-JCL5
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQAE4DBJ-U-JCL5
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQAE4DBJ-U-JCL5&ckls=true&ci=Q3vhs37FEP&nc=false&trid=-1031936398
43 B
1 KB
Image
General
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQAE4DBJ-U-JCL5&ckls=true&ci=Q3vhs37FEP&nc=false&trid=-1031936398
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Server
13.225.183.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-183-10.nrt57.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
via
1.1 632eb0a30868eceed91db73a67cea410.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C4
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
lRUmDzP21jncLj-fiPpMFozGf4KXzQ1Is-uH90yimpaCe3bV7Er0eA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
via
1.1 632eb0a30868eceed91db73a67cea410.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C4
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQAE4DBJ-U-JCL5&ckls=true&ci=Q3vhs37FEP&nc=false&trid=-1031936398
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
A-CQHHPJ4R8VTMDVpobOS_lWi9MN5cLUhdO2o_Iu8MGpL7eKVKBBSg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
cksync
hb.yahoo.net/ Frame 16C0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQAE4DEK-K-50YH&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQAE4DEK-K-50YH&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS0yUm1BN2hSRTJ1RXZucHJZdHEuVDJPcnJtcFBxbGZzMX5B&ovsid=LQAE4DEK-K-50YH&dpid=58160
57 B
649 B
Image
General
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS0yUm1BN2hSRTJ1RXZucHJZdHEuVDJPcnJtcFBxbGZzMX5B&ovsid=LQAE4DEK-K-50YH&dpid=58160
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
H2
Server
23.220.70.96 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-220-70-96.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 18 Dec 2023 04:02:47 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Mon, 18 Dec 2023 04:02:47 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS0yUm1BN2hSRTJ1RXZucHJZdHEuVDJPcnJtcFBxbGZzMX5B&ovsid=LQAE4DEK-K-50YH&dpid=58160
date
Mon, 18 Dec 2023 04:02:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
tap.php
pixel.rubiconproject.com/ Frame 16C0
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=1289afad-d6a6-43c5-9bcf-ef2defef2b7a&expires=30
42 B
843 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=1289afad-d6a6-43c5-9bcf-ef2defef2b7a&expires=30
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3363059&wsid=0&pdom=www.hawtcelebs.com&purl=https%3A%2F%2Fwww.hawtcelebs.com%2F
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
87cd4104b334675e13feb86f1a1ad5cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=1289afad-d6a6-43c5-9bcf-ef2defef2b7a&expires=30
Date
Mon, 18 Dec 2023 04:02:47 GMT
Connection
keep-alive
X-CI-RTID
f78ac881-2f5f-4cd4-ac69-54ac0d267674
Content-Length
144
Content-Type
text/html; charset=utf-8
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 98D4
2 KB
1 KB
Document
General
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.49.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-49-117.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
5718
cache-control
public, max-age=86400
content-encoding
gzip
content-type
text/html
date
Mon, 18 Dec 2023 02:27:35 GMT
etag
W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified
Tue, 05 Sep 2023 17:36:56 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 9bf92639763e2dc7c1ea8eb4814a239e.cloudfront.net (CloudFront)
x-amz-cf-id
hwfHDCNgIxp7kiDdErNuUNgqPmhbZMPJ-pn3-11uvOywcx0L76Rf3Q==
x-amz-cf-pop
NRT20-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
pixels
bcp.crwdcntrl.net/ Frame 6732
887 B
1 KB
Document
General
Full URL
https://bcp.crwdcntrl.net/pixels?src=LTJS&s=135%2C61%2C14%2C103%2C125%2C2&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
3670871d82abc81777452e2aae061317365e31a3fd29671042376efde53bcc1e

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-cache
content-length
887
content-type
text/html
date
Mon, 18 Dec 2023 04:02:47 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.42.8.111
id5
sync.sharethis.com/ Frame 6732
Redirect Chain
  • https://id5-sync.com/s/19/9.gif?puid=442a1d36e311842d9a0f79f9a6e84fdd&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=45d05fd7-b774-43df-ba7c-91fe06509f64&ttl=%%TTL%%
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/19/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/19/2/7/3.gif?puid=3456854436429190532&gdpr=0&gdpr_consent=
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-b861SU3Ht00OttBbAOxpBbIMo22BEMnhabQaCevDEg/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F6%2F4.gif%3Fpuid%3D%24%21%7BTURN_...
  • https://id5-sync.com/c/19/224/6/4.gif?puid=7380707807691766283&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F136%2F5%2F5.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/19/136/5/5.gif?puid=ZX-EZgAHv4QGbABd&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/id5?uid=ID5-b861SU3Ht00OttBbAOxpBbIMo22BEMnhabQaCevDEg&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fid5-sync.com%2Fa%2F19%2F121%2F4%2F6%2Fgif%2F0%2F0%2F
42 B
232 B
Image
General
Full URL
https://sync.sharethis.com/id5?uid=ID5-b861SU3Ht00OttBbAOxpBbIMo22BEMnhabQaCevDEg&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fid5-sync.com%2Fa%2F19%2F121%2F4%2F6%2Fgif%2F0%2F0%2F
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=135%2C61%2C14%2C103%2C125%2C2&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Server
52.53.103.154 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-53-103-154.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:49 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Content-Length
42
Content-Type
image/gif

Redirect headers

location
https://sync.sharethis.com/id5?uid=ID5-b861SU3Ht00OttBbAOxpBbIMo22BEMnhabQaCevDEg&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fid5-sync.com%2Fa%2F19%2F121%2F4%2F6%2Fgif%2F0%2F0%2F
date
Mon, 18 Dec 2023 04:02:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
utsync.ashx
ml314.com/ Frame 6732
43 B
384 B
Image
General
Full URL
https://ml314.com/utsync.ashx?eid=50146&et=0&fp=442a1d36e311842d9a0f79f9a6e84fdd&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=135%2C61%2C14%2C103%2C125%2C2&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:47 GMT
via
1.1 google, 1.1 google
server
Google Frontend
content-type
image/gif
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0,Tue, 19 Dec 2023 04:02:47 GMT
382416.gif
idsync.rlcdn.com/ Frame 6732
42 B
288 B
Image
General
Full URL
https://idsync.rlcdn.com/382416.gif?partner_uid=442a1d36e311842d9a0f79f9a6e84fdd&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=135%2C61%2C14%2C103%2C125%2C2&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:47 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
7
sync.search.spotxchange.com/audience_sync/ Frame 6732
0
0

insync
thrtle.com/ Frame 6732
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10014&gdpr=0&vxii_pdid=442a1d36e311842d9a0f79f9a6e84fdd
  • https://thrtle.com/insync?gdpr=0&vxii_pdid=442a1d36e311842d9a0f79f9a6e84fdd&vxii_pid=12&vxii_pid1=10014&vxii_rcid=ec7a43bf-ae70-457c-b1e9-8d2f458c618c
43 B
294 B
Image
General
Full URL
https://thrtle.com/insync?gdpr=0&vxii_pdid=442a1d36e311842d9a0f79f9a6e84fdd&vxii_pid=12&vxii_pid1=10014&vxii_rcid=ec7a43bf-ae70-457c-b1e9-8d2f458c618c
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=135%2C61%2C14%2C103%2C125%2C2&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
54.158.15.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-15-169.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Mon, 18 Dec 2023 04:02:47 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&vxii_pdid=442a1d36e311842d9a0f79f9a6e84fdd&vxii_pid=12&vxii_pid1=10014&vxii_rcid=ec7a43bf-ae70-457c-b1e9-8d2f458c618c
date
Mon, 18 Dec 2023 04:02:47 GMT
content-type
text/html; charset=utf-8
content-length
189
p3p
CP="NOI OUR BUS UNI COM NAV"
rand=127181828
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=3456854436429190532/gdpr=0/ Frame 6732
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=127181828
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=3456854436429190532/gdpr=0/rand=127181828
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=3456854436429190532/gdpr=0/rand=127181828
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=135%2C61%2C14%2C103%2C125%2C2&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:47 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.18.62
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:47 GMT
an-x-request-uuid
f5fc9d05-254e-41cb-b3c8-309a8cdddac9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=3456854436429190532/gdpr=0/rand=127181828
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
dc_oe=ChMIzaCxk42YgwMVflDCBR3cXQDkEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCObejpONmIMDFYeW6QUdj4IJuQ;dc_rmcid=CAQSTgAvHhf_YJlZ-ZvCOT-PQl99i0DAxjz4JPpLzG8B4FS84QzpsCxbPC9RsS9aadoBMYvhWNS...
ade.googlesyndication.com/ddm/activity/ Frame 6775
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzaCxk42YgwMVflDCBR3cXQDkEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCObejpONmIMDFYeW6QUdj4IJuQ;dc_rmcid=CAQSTgAvHhf_YJlZ-ZvCOT-PQl99i0DAxjz4JPpLzG8B4FS84QzpsCxbPC9RsS9aadoBMYvhWNSsGc28mr3th5ofAZfspFUXTVQ_catM6sexPxgB;eps=CIBhEAEYHTICigI6BIBAgEBIvf3BOliHr42TjZiDAw;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D0,2673,0,0,0%26mtos%3D0,2673,2673,2673,2673%26amtos%3D0,0,0,0,0%26mcvt%3D2673%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2947%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D2%26pst%3D274%26dur%3D11520%26vmtime%3D2985%26dtos%3D639%26dtoss%3D2%26dvs%3D639%26dfvs%3D0%26dvpt%3D639%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D33554707%26c%3D0.92%26mc%3D0.92%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,2673,2673,2673,2673%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D667307141%26psm%3D7%26psv%3D6%26psfv%3D0%26psa%3D0%26pngs%3D9s,14,200103c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2673;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1702872164468;ecn1=1;etm1=0;eid1=960584;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 6775
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CUWlnY8R_ZaahEIetpt8Pj4WmyAv1ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMByAObBKoEtAJP0J2ioVEDabUuJHHGsAskP4-nAmv5CJc_03aqVR9WU9fFoeAcTskWblJq_etiGTpJwMUftd5-wjqd4H9qkMdxTuTQPjWGfXwaXbgciYJ0k_AlvBMjAuYbW_HqA_R61uqkdOhf1tfPpSdzuctYc42i_rOqQC6GvYjPAs1Tf4fKslceldLPLqqB4ay7b0zw0FYLInGFNw0XKz22WjqVvQLG6dbSwAo4WlPCzMa-PZ8YNZGl70XPXwzRsumHV0onN_Mpz95f_xFwky_6bDn7ksxzBY-hgLUodP99r0g_JW21ko0kdXjeHLPZf6n2BixIkbr1WqT36jMULcHZZNjw6xgWWPlRBd1d3O7x5CyXchOH_TXIY-C318CgY-u2qj86JaLFk8YdsIBp0jrsBBwwMLFLKpmqn8AEyZHuzckE4AQDiAWBoM65TZAGAaAGdoAH6pCVvgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOliHr42TjZiDA_IIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA8gLAeALAYAMAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQKqDQJKUOINEwjI2Y2TjZiDAxWHlukFHY-CCbmwE8qjyBXIE96B9-MD2BMKiBQC2BQB0BUB-BYBgBcB6BcD&sigh=nSVoW9JCFIY&label=videoplaytime25&ad_mt=2986&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D0,2673,0,0,0%26mtos%3D0,2673,2673,2673,2673%26amtos%3D0,0,0,0,0%26mcvt%3D2673%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2947%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D2%26pst%3D274%26dur%3D11520%26vmtime%3D2985%26dtos%3D639%26dtoss%3D2%26dvs%3D639%26dfvs%3D0%26dvpt%3D639%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D33554707%26c%3D0.92%26mc%3D0.92%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,2673,2673,2673,2673%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D667307141%26psm%3D7%26psv%3D6%26psfv%3D0%26psa%3D0%26pngs%3D9s,14,200103c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2673&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1702872164468
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIl9izk42YgwMVz07CBR31tw4nEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCMaxmJONmIMDFfWc6QUd-J0DWQ;dc_rmcid=CAQSTwAvHhf_iRiOLW1GIisVlHLNhZMzjrC4s_iPWwpPRd9Cso9beA7qbo95jAANc-ecRBhtPaU...
ade.googlesyndication.com/ddm/activity/ Frame 96FB
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIl9izk42YgwMVz07CBR31tw4nEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCMaxmJONmIMDFfWc6QUd-J0DWQ;dc_rmcid=CAQSTwAvHhf_iRiOLW1GIisVlHLNhZMzjrC4s_iPWwpPRd9Cso9beA7qbo95jAANc-ecRBhtPaUSNN5YmyAnax70VjCs-vPvYbwZY-NrGx0xQRMYAQ;eps=CIBhEAEYHTICigI6BIBAgEBIvf3BOljF6paTjZiDAw;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D21%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D2950,0,0,0,0%26mtos%3D2950,2950,2950,2950,2950%26amtos%3D0,0,0,0,0%26mcvt%3D2950%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D3198%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D41%26pst%3D287%26dur%3D11520%26vmtime%3D3217%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D758656306%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200103c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2950;gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.02%26t%3D1702872164319;ecn1=1;etm1=0;eid1=200103;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIzaCxk42YgwMVflDCBR3cXQDkEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCObejpONmIMDFYeW6QUdj4IJuQ;dc_rmcid=CAQSTgAvHhf_YJlZ-ZvCOT-PQl99i0DAxjz4JPpLzG8B4FS84QzpsCxbPC9RsS9aadoBMYvhWNS...
ade.googlesyndication.com/ddm/activity/ Frame 6775
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzaCxk42YgwMVflDCBR3cXQDkEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCObejpONmIMDFYeW6QUdj4IJuQ;dc_rmcid=CAQSTgAvHhf_YJlZ-ZvCOT-PQl99i0DAxjz4JPpLzG8B4FS84QzpsCxbPC9RsS9aadoBMYvhWNSsGc28mr3th5ofAZfspFUXTVQ_catM6sexPxgB;eps=CIBhEAEYHTICigI6BIBAgEBIvf3BOliHr42TjZiDAw;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D21%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D0,3088,0,0,0%26mtos%3D0,3088,3088,3088,3088%26amtos%3D0,0,0,0,0%26mcvt%3D3088%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D3362%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D2%26pst%3D274%26dur%3D11520%26vmtime%3D3401%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26cs%3D33554707%26c%3D0.92%26mc%3D0.92%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D667307141%26psm%3D15%26psv%3D14%26psfv%3D0%26psa%3D0%26pngs%3D9s,14,200103c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3088;gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.02%26t%3D1702872164468;ecn1=1;etm1=0;eid1=200103;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/usync/ Frame 7309
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 96F7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Dec 2023 04:02:47 GMT
ETag
"20525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 18 Dec 2023 04:02:47 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 96F7
45 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
21b94bd9b58330fa42dedc329873a15eed8ea727c0482531798752e30664bcbd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Dec 2023 02:06:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=79430
Connection
keep-alive
Content-Length
13202
Expires
Tue, 19 Dec 2023 02:06:37 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.hawtcelebs.com%2F&domain=www.hawtcelebs.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 18 Dec 2023 04:02:46 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
194675
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
id.a-mx.com/sync/
0
0

sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.hawtcelebs.com%2F&domain=www.hawtcelebs.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=rcTcqXxrT1hyWGQ1NnBrSWhUOUxkTk9JWEZIRWMxajdxakFVQ0RDVmxMM2xkeWZ5dUpTL0RUVmY2RDlZU3hocmpueVpLMVZCZVZreGwwSzRNSktlNGtnc1gzdlZvWFlCYTlFTnVNR2N6Q2JMRjVwaXRPdmxaSGtpOWJ0eH...
466 B
720 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=rcTcqXxrT1hyWGQ1NnBrSWhUOUxkTk9JWEZIRWMxajdxakFVQ0RDVmxMM2xkeWZ5dUpTL0RUVmY2RDlZU3hocmpueVpLMVZCZVZreGwwSzRNSktlNGtnc1gzdlZvWFlCYTlFTnVNR2N6Q2JMRjVwaXRPdmxaSGtpOWJ0eHE3eXdXc1hQd1c0ZWRnWG5oc0tQTkd3TDArbXRqa1M0a2VWZzRuWHlnTjAzUUdjcEc4SUVDd3FUSlBjOS9DMXlCb2pVb010MW5CVTE3TlFFcG9yWE82RTJodVNZWi8rMW13QmtpYmlaUm1IS0UwenpYSW5EbXRITGN6TmxzNmxUaWh5RlY1cEdoZC9ZRS9MTkIvaWQvWm5mbzkzVlZzajF6SXcvQ3JhS2t0WmwxVG9BWm1rRT18&cppv=2
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
da34738e44e21914517127fceb860b738c91f64053c4bc875f49ef870cc97213
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:47 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
682311
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:47 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://www.hawtcelebs.com
location
https://mug.criteo.com/sid?cpp=rcTcqXxrT1hyWGQ1NnBrSWhUOUxkTk9JWEZIRWMxajdxakFVQ0RDVmxMM2xkeWZ5dUpTL0RUVmY2RDlZU3hocmpueVpLMVZCZVZreGwwSzRNSktlNGtnc1gzdlZvWFlCYTlFTnVNR2N6Q2JMRjVwaXRPdmxaSGtpOWJ0eHE3eXdXc1hQd1c0ZWRnWG5oc0tQTkd3TDArbXRqa1M0a2VWZzRuWHlnTjAzUUdjcEc4SUVDd3FUSlBjOS9DMXlCb2pVb010MW5CVTE3TlFFcG9yWE82RTJodVNZWi8rMW13QmtpYmlaUm1IS0UwenpYSW5EbXRITGN6TmxzNmxUaWh5RlY1cEdoZC9ZRS9MTkIvaWQvWm5mbzkzVlZzajF6SXcvQ3JhS2t0WmwxVG9BWm1rRT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
290946
content-length
0
expires
0
prebid
id5-sync.com/api/config/
135 B
418 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
919c98e15e2d018403dcd1bd6c6501a6646518001a15f399c003711fcd808f44
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
isyn
prebid.a-mo.net/ Frame 002A
2 KB
667 B
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
5969d34ea0d3f6e0f988b867e406d73a10a96c7792e6258b98da981c3dfc0f6e

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
602
content-type
text/html; charset=utf-8
date
Mon, 18 Dec 2023 04:02:47 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
3
sync.html
cdn.aralego.net/ucfad/cookie/ Frame 4FC0
2 KB
1 KB
Document
General
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
age
9902
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
83748329c9450aec-NRT
content-encoding
br
content-type
text/html
date
Mon, 18 Dec 2023 04:02:47 GMT
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95PdjI1EXXusbCaEhwCJGMb5spYrdk527aoE785wfiSVauFrm5XMCYrgKfk0fhS52tvW4fwk7P%2FT%2F0VutckJhaUNl6JEQWJJM3NEKnEsMpB7P7LeeyU4JI7%2BZNbvM0PD0edvIYeNGRB7vBN8BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
csync.smilewanted.com/ Frame 2536
6 KB
2 KB
Document
General
Full URL
https://csync.smilewanted.com/
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b996fdc66d9abf1696965fbb8afdcb5b7b9aea5219da13e11d11512f3a101c

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
83748329bc6ae05a-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:48 GMT
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame AE44
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
81078
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 18 Dec 2023 04:02:48 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
405, 577597
X-Served-By
cache-lga13626-LGA, cache-nrt-rjtf7700070-NRT
X-Timer
S1702872168.070946,VS0,VE0
sync
eb2.3lift.com/ Frame ABE9
1 KB
2 KB
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
43241a3520cacbbc702e51acc70f2a078512ec72e4a5b6f8cf2bbb06b11f0cdd

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1343
content-type
text/html; charset=utf-8
date
Mon, 18 Dec 2023 04:02:47 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pbjs
sync.quantumdex.io/usersync/ Frame F8B5
5 KB
1 KB
Document
General
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6209e843a2aa0549d02059da3c828c29a03aa00434f0800bed986bc5903b8494

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
83748329cce0f6b5-NRT
content-encoding
gzip
content-type
text/html
date
Mon, 18 Dec 2023 04:02:48 GMT
server
cloudflare
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=rcTcqXxrT1hyWGQ1NnBrSWhUOUxkTk9JWEZIRWMxajdxakFVQ0RDVmxMM2xkeWZ5dUpTL0RUVmY2RDlZU3hocmpueVpLMVZCZVZreGwwSzRNSktlNGtnc1gzdlZvWFlCYTlFTnVNR2N6Q2JMRjVwaXRPdmxaSGtpOWJ0eHE3eXdXc1hQd1c0ZWRnWG5oc0tQTkd3TDArbXRqa1M0a2VWZzRuWHlnTjAzUUdjcEc4SUVDd3FUSlBjOS9DMXlCb2pVb010MW5CVTE3TlFFcG9yWE82RTJodVNZWi8rMW13QmtpYmlaUm1IS0UwenpYSW5EbXRITGN6TmxzNmxUaWh5RlY1cEdoZC9ZRS9MTkIvaWQvWm5mbzkzVlZzajF6SXcvQ3JhS2t0WmwxVG9BWm1rRT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 18 Dec 2023 04:02:47 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
180288
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
idsync
sync.aralego.com/ Frame 4FC0
35 B
413 B
Image
General
Full URL
https://sync.aralego.com/idsync?
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.98.2 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:48 GMT
connection
close
content-length
35
content-type
image/gif
xuid
eb2.3lift.com/ Frame ABE9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=45d05fd7-b774-43df-ba7c-91fe06509f64&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=45d05fd7-b774-43df-ba7c-91fe06509f64&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 18 Dec 2023 04:02:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=45d05fd7-b774-43df-ba7c-91fe06509f64&dongle=0cfd&gdpr=0&gdpr_consent=
date
Mon, 18 Dec 2023 04:02:48 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame ABE9
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIzNzI5NDQzMTU4NTkwNjQ1MzY1OA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame ABE9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEfScpYiIL4_YJRB4miRBXg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEfScpYiIL4_YJRB4miRBXg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 18 Dec 2023 04:02:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEfScpYiIL4_YJRB4miRBXg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame ABE9
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIzNzI5NDQzMTU4NTkwNjQ1MzY1OA%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIzNzI5NDQzMTU4NTkwNjQ1MzY1OA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIzNzI5NDQzMTU4NTkwNjQ1MzY1OA%3D%3D
date
Mon, 18 Dec 2023 04:02:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame ABE9
0
144 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2237294431585906453658&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:47 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 5E7D0CE8681A4B09A7DFBF0948EB4F1B Ref B: TYO01EDGE1711 Ref C: 2023-12-18T04:02:48Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMwNKtzUdrXGh28Xv4sw==
xuid
eb2.3lift.com/ Frame ABE9
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2237294431585906453658?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-rhG7ohtE2oTza8wV8Avbhv3fYLxleVKtKDkAqW2ZUg--~A&dongle=0883
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-rhG7ohtE2oTza8wV8Avbhv3fYLxleVKtKDkAqW2ZUg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 18 Dec 2023 04:02:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 18 Dec 2023 04:02:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-rhG7ohtE2oTza8wV8Avbhv3fYLxleVKtKDkAqW2ZUg--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame ABE9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2237294431585906453658&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7965596858226237483&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=a18511a8-4739-4f63-9f2a-764feaa38b34&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=a18511a8-4739-4f63-9f2a-764feaa38b34&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 18 Dec 2023 04:02:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=a18511a8-4739-4f63-9f2a-764feaa38b34&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 18 Dec 2023 04:02:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame ABE9
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=44c1b75a-56b1-4558-b9e2-c596f366b997&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=44c1b75a-56b1-4558-b9e2-c596f366b997&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 18 Dec 2023 04:02:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:47 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=44c1b75a-56b1-4558-b9e2-c596f366b997&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1305164
content-length
0
expires
Mon, 18 Dec 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame ABE9
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3456854436429190532&dongle=4d58&gdpr=0&gdpr_consent=
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=3456854436429190532&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 18 Dec 2023 04:02:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
an-x-request-uuid
3597b926-0919-4c4f-8aa7-9804b54fc510
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=3456854436429190532&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame ABE9
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=2237294431585906453658
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
an-x-request-uuid
7db03c06-89ee-459d-b14a-97fc0302e663
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cframe.js
assets.a-mo.net/js/ Frame 002A
13 KB
6 KB
Script
General
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64ab92351c5b74146b13c457ed9bea87ccf1185338bf2a1b9583194ffad7a224

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:48 GMT
via
1.1 afb297fdc21cc738a9f3330dec8548d4.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
NRT12-C5
age
136
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 17 Nov 2023 21:37:06 GMT
server
cloudflare
etag
W/"e3fef3a35c249816d0d7aa58df5e6bf4"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
8374832a5efa6845-NRT
x-amz-cf-id
yVTgPXCOjN6hJqgH6eSsac1EKJPfyukDMA-3xZdJKCxYcsANvWqACA==
expires
Mon, 18 Dec 2023 05:02:48 GMT
async_usersync
ib.adnxs.com/ Frame AE44
0
596 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
an-x-request-uuid
40a9f48d-7c2a-4fc6-bc74-28eaf4ff48ec
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3FB6
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZDlJIADj7gQPrgMfOQtPcsw5f9_amDW77jI1UrIMWUiFLTfWPN-eVQDIUwOtCGlYeB4U6jbMlRVz184EYWmxuiiSu98unzEJM8ySwFdDsy6O0PXbVyy-0zRjXIUV3ITL63mx6yBUbHsHsLt9RhEVEbghWbi534BhlhyUtt4NBUeSkXWKGG81e2Ym81TuVkotAKTLrFN2jYn8rxT-quW2346Vqrh1tgzRecE_RiZLBTZxFooo9yl4n5jgl5zLPrTx4SyKxWyYFNGP1P4IzJo5ifIFk8uldMoG5rQo0BiB546vWYV9kcTUlutL3PCh-s0HH-kn0hr1-yfwo4Vg2Xer6f6oVyj7PEVzQ5S7OovGLsmgE48PWR4DSkgVlckihCA&sai=AMfl-YTG8fgoUO2QfvGc83e7HRE2GfsfFEinfkv02kyYRiZp2EOP5HoZ7mX2L-IVK9rkVax0w_l8gh6f1gmU25jiqgpwVebEew1zayb3v6jNzEq_LjJYWrWjHisRMIztmKU&sig=Cg0ArKJSzCekkmx8NbkMEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 18 Dec 2023 04:02:48 GMT
setuid
sync.quantumdex.io/ Frame F8B5
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=6ac368a7-0a41-45c6-a666-84d78d8f6519
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=6ac368a7-0a41-45c6-a666-84d78d8f6519
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8374832b8e78f6b5-NRT
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=6ac368a7-0a41-45c6-a666-84d78d8f6519
date
Mon, 18 Dec 2023 04:02:48 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame F8B5
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-e781848b-10d2-3c7f-ba2b-4d98c447d3ac
43 B
94 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-e781848b-10d2-3c7f-ba2b-4d98c447d3ac
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8374832bfee4f6b5-NRT
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-e781848b-10d2-3c7f-ba2b-4d98c447d3ac
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
cache-control
no-store
content-length
0
expires
0
setuid
sync.quantumdex.io/ Frame F8B5
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=-1621377042681400765
  • https://sync.quantumdex.io/setuid?bidder=between&uid=5a45b45b-3759-5460-9a2f-075cff50c334
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=5a45b45b-3759-5460-9a2f-075cff50c334
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8374832d5825f6b5-NRT
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=5a45b45b-3759-5460-9a2f-075cff50c334
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame F8B5
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-b861SU3Ht00OttBbAOxpBbIMo22BEMnhabQaCevDEg
43 B
94 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-b861SU3Ht00OttBbAOxpBbIMo22BEMnhabQaCevDEg
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8374832cefc5f6b5-NRT
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-b861SU3Ht00OttBbAOxpBbIMo22BEMnhabQaCevDEg
date
Mon, 18 Dec 2023 04:02:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame F8B5
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=H1vSCLZH1GFpiRLqQlWJzlOb
43 B
94 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=H1vSCLZH1GFpiRLqQlWJzlOb
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8374832bceb8f6b5-NRT
content-length
43
content-type
image/gif

Redirect headers

Date
Mon, 18 Dec 2023 04:02:48 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=H1vSCLZH1GFpiRLqQlWJzlOb
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame F8B5
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=84e8bd6444
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=smaato&uid=84e8bd6444
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8374832b5e4bf6b5-NRT
content-length
43
content-type
image/gif

Redirect headers

date
Mon, 18 Dec 2023 04:02:00 GMT
via
1.1 d51ceda436f155dcdc6b24ba6dcf73cc.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
NRT57-C4
age
48
x-cache
Hit from cloudfront
location
https://sync.quantumdex.io/setuid?bidder=smaato&uid=84e8bd6444
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
l9A0x5dFNKfF71yurx7dKEqe8uJZu2Vu8PRqMOr0JAakMRv3ItSVkQ==
setuid
sync.quantumdex.io/ Frame F8B5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3456854436429190532
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3456854436429190532
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8374832b9e79f6b5-NRT
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
an-x-request-uuid
31ebb995-42a5-4bcf-ac73-d032b99d061f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3456854436429190532
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame CD3B
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
554ee102ac0cbc21d46280e3942ffa21801521807fcf72b9b396c5208abf4906

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8374832b1b29f6fa-NRT
content-encoding
br
content-type
text/html
date
Mon, 18 Dec 2023 04:02:48 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQNJivLlDJ1u%2FE5D8QkcDfe%2B2CO6ND%2BaLCkqNiZyeGVMGPHlx3X2YCDTm4d6kdjJqyzXCM6TJP4tjiO6Lzlk1zRMbmIIjrc%2B%2BbxAPPOa9vEZE7h34ibYffBdrFbg0jErzLSsja3SBCjFrg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
setuid
sync.quantumdex.io/ Frame BD60
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
43 B
94 B
Document
General
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8374832b7e61f6b5-NRT
content-length
43
content-type
image/gif
date
Mon, 18 Dec 2023 04:02:48 GMT
server
cloudflare

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 18 Dec 2023 04:02:48 GMT
etag
OPTOUT
expires
0
location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
pragma
no-cache
user-sync
sync.adkernel.com/ Frame EB30
439 B
883 B
Document
General
Full URL
https://sync.adkernel.com/user-sync?zone=184388&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxap-184388%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.130.169.24 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e60890b3a603becea835b71025235429e9bedd1c5696e55941a4c7b32731f0bc

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
439
Content-Type
text/html; charset=utf-8
Date
Mon, 18 Dec 2023 04:02:48 GMT
Server
nginx
user-sync
sync.adkernel.com/ Frame 6C46
342 B
643 B
Document
General
Full URL
https://sync.adkernel.com/user-sync?zone=185416&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.130.169.24 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ed59fe5e2bc627f9446d7d9815e97ab3ddd56e0eb3bec5abc09b6ec40e412b88

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
342
Content-Type
text/html; charset=utf-8
Date
Mon, 18 Dec 2023 04:02:48 GMT
Server
nginx
user-sync
sync.adkernel.com/ Frame 172F
342 B
643 B
Document
General
Full URL
https://sync.adkernel.com/user-sync?zone=148144&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.130.169.24 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ed59fe5e2bc627f9446d7d9815e97ab3ddd56e0eb3bec5abc09b6ec40e412b88

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
342
Content-Type
text/html; charset=utf-8
Date
Mon, 18 Dec 2023 04:02:48 GMT
Server
nginx
user-sync
sync.adkernel.com/ Frame A1C4
706 B
1 KB
Document
General
Full URL
https://sync.adkernel.com/user-sync?zone=149271&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.130.169.24 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
3cef1f45ec8b4e8d12863079a7d6f6553222886136c6a7fbe97faf24bd2b61f8

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
706
Content-Type
text/html; charset=utf-8
Date
Mon, 18 Dec 2023 04:02:48 GMT
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame FDDE
151 B
603 B
Document
General
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.214.250.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-250-236.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
3b52e599a07065ef3bab6554d37ff5889775a6c0d5cd31bec2af6fba0e9f3e27

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://sync.quantumdex.io/
content-length
151
content-type
text/html
date
Mon, 18 Dec 2023 04:02:48 GMT
server
istio-envoy
x-envoy-upstream-service-time
3
/
onetag-sys.com/usync/ Frame 66D3
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame 856A
1 KB
2 KB
Document
General
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
649573deaa079e8166f15bd6b75c0896c253506cf25a9b45cd1399d61200af16

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1079
content-type
text/html; charset=utf-8
date
Mon, 18 Dec 2023 04:02:48 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D5C7
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.192.188 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-192-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=113802
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 18 Dec 2023 04:02:48 GMT
expires
Tue, 19 Dec 2023 11:39:30 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
v1
lb.eu-1-id5-sync.com/lb/
33 B
277 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
8754626f00d422663412eee1b5eacb81bd008682929d0e60fb524568ff611016
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
ZX_EZaWFGjsPKn42Fi5GIwAAFXEAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame CD3B
43 B
603 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZX_EZaWFGjsPKn42Fi5GIwAAFXEAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da18:929:5a00:f441:9efb:57a2:8f1e Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame CD3B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3456854436429190532
43 B
734 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3456854436429190532
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6VeFj96%2FqKEKjuJuErXx5o3%2BAbz5caVVIKPTCCsZEWPJT2T2JufIA6yH%2F42jdlQcKoWAz36fEVb9vfVC8qw98QH843oxMMqU3P3eDuiyo6Z2gWWHG7E0jr2GqRCGSUdDg5YPNGriZUmaw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8374832bcbc5f6fa-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
an-x-request-uuid
7bcc6e3b-d990-48cc-b3fb-b2e95de925de
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3456854436429190532
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZX_EZaWFGjsPKn42Fi5GIwAAFXEAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame CD3B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZX_EZaWFGjsPKn42Fi5GIwAAFXEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZX_EZaWFGjsPKn42Fi5GIwAAFXEAAAIB
43 B
603 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZX_EZaWFGjsPKn42Fi5GIwAAFXEAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
2406:da18:929:5a00:f441:9efb:57a2:8f1e Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZX_EZaWFGjsPKn42Fi5GIwAAFXEAAAIB
date
Mon, 18 Dec 2023 04:02:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ie
match.prod.bidr.io/cookie-sync/ Frame CD3B
43 B
433 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.69.237.108 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-237-108.ap-northeast-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:48 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame CD3B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=hzidrib9tQE7W3yXPLN4
43 B
730 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=hzidrib9tQE7W3yXPLN4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxc2dxQN84MmQ81ssMZbtTY2wF04rszDZsFv0BUcia%2F7RSgYvwZ0JLxR05ISSlhH7oro0PyPAN8PeNKV%2FyvolNWlvt2pLYry8cNMWjtESAUn1Zsmtw6cXcea20SN4GfSxgeUNg6cKDIuUA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8374832cdca8f6fa-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:48 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=hzidrib9tQE7W3yXPLN4
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame CD3B
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZX_EZaWFGjsPKn42Fi5GIwAAFXEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=6edb453fa93a7dd28144c35b8353bad&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umw9bb2_7313789620212811627&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=45d05fd7-b774-43df-ba7c-91fe06509f64&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/6edb453fa93a7dd28144c35b8353bad?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-4Ghi9edE2oN8D.GfhPTzqdHHsaAjpEIeNFLnwMUe~A
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?userId=AAEHdE7K_4kAABSTifkKEw&dataProviderId=817&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NmVkYjQ1M2ZhOTNhN2RkMjgxNDRjMzViODM1M2JhZA==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMck04K3ZF1XCSYk0TN1x28&google_cver=1&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=3456854436429190532&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=y2LtAdkx1Rf4Q65&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=7898829&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gd...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=1289afad-d6a6-43c5-9bcf-ef2defef2b7a
  • https://jelly.mdhv.io/v4/pixie?
  • https://ads.stickyadstv.com/user-registering?dataProviderId=513&userId=bd335a7c-dc62-4bbb-be35-86a65c6f184e
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=${TM_USER_ID}&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=ZX-EZgAHv4QGbABd&gdpr=0&gdpr_consent=
0
0

dcm
s.amazon-adsystem.com/ Frame CD3B
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX_EZaWFGjsPKn42Fi5GIwAAFXEAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
A5JQWMNF06JNK2VKDEMG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame CD3B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7965596858226237483&expiration=1704081768
43 B
735 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7965596858226237483&expiration=1704081768
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYuT5xdIb4Q2j9TvoEWYqaC4FSag1m5b8HA9Qjhcvbrz%2FbNloyImOokgxH%2FFQPUwQEnl4%2BG5MGxiNj8j0n0%2Fd5e42AdqakEYIw9yfa2GEPpc6tuXN5dqKV1incOyg%2B6inlux2j00SaUePw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8374832bcbc7f6fa-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7965596858226237483&expiration=1704081768
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
setuid
sync.quantumdex.io/ Frame CD3B
43 B
105 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=ZX_EZaWFGjsPKn42Fi5GIwAAFXEAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8374832b6e5af6b5-NRT
content-length
43
content-type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame 6EB9
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTI_afxp24FP96jT87Q08sgHXhr0Ba4bWA5FXdRlzy62KURSpLQivJ7awd0WFhNwKr1P0iAZ8o8ULb_yLoQjMvkFFUaw5MOC5VHLN7IyB9zC9lP74bxQVwAe9w79_DKgqn08qTlmh33pA&sai=AMfl-YQFtaNrT_ErPs3m6hYPZjlI1GdPeC6bI3XP4GYsMsEZSdDqb6-P8gfbn0gRp_eSjwTav2eS0ReQR7mP2GMjD72tSn4MxgJk2VgcHORVxN7SrSAsGH6FQCIgQX8b&sig=Cg0ArKJSzNdJPlX70mcNEAE&cid=CAQSPAAvHhf_huRwzTp-2qLLWELKdvpqxJasa-DOg54qfsleFVUnlVC178fnqQBdRmDJhhIIXO2Bt6L60delPxgB&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,164,119,373%26tos%3D2185,0,0,0,0%26mtos%3D2185,2185,2185,2185,2185%26amtos%3D0,0,0,0,0%26mcvt%3D2185%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2437%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D2%26pst%3D252%26dur%3D11520%26vmtime%3D2469%26dtos%3D2185%26dtoss%3D1%26dvs%3D2185%26dfvs%3D2185%26dvpt%3D2437%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D633706359%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200103c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2185&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1702872165781
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 856A
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2237294431585906453658
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
an-x-request-uuid
36d8b1f9-35cb-4f0e-8ba2-93b4f6352a53
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 856A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-b5b97dac-d0a0-5a1e-7cb5-001a864f9546$ip$146.70.201.232&dongle=4430
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-b5b97dac-d0a0-5a1e-7cb5-001a864f9546$ip$146.70.201.232&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 18 Dec 2023 04:02:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-b5b97dac-d0a0-5a1e-7cb5-001a864f9546$ip$146.70.201.232&dongle=4430
Date
Mon, 18 Dec 2023 04:02:48 GMT
Connection
keep-alive
Content-Length
140
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 856A
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=1289afad-d6a6-43c5-9bcf-ef2defef2b7a&dongle=d54f&gdpr=0&gdpr_consent=
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=1289afad-d6a6-43c5-9bcf-ef2defef2b7a&dongle=d54f&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 18 Dec 2023 04:02:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=1289afad-d6a6-43c5-9bcf-ef2defef2b7a&dongle=d54f&gdpr=0&gdpr_consent=
Date
Mon, 18 Dec 2023 04:02:48 GMT
Connection
keep-alive
X-CI-RTID
ed1eadd1-62f6-4b44-a351-ab31fdd4f4d3
Content-Length
149
Content-Type
text/html; charset=utf-8
sync
sync.srv.stackadapt.com/ Frame 856A
43 B
168 B
Image
General
Full URL
https://sync.srv.stackadapt.com/sync?nid=20&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.240.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-240-211.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:48 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
sync.srv.stackadapt.com/ Frame 856A
43 B
168 B
Image
General
Full URL
https://sync.srv.stackadapt.com/sync?nid=114&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.240.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-240-211.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:48 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame 856A
42 B
687 B
Image
General
Full URL
https://c.bing.com/c.gif?xid=2237294431585906453658&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
last-modified
Tue, 12 Dec 2023 19:03:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 309BE2839F6F489AB778FCC2877D3199 Ref B: TYAEDGE0709 Ref C: 2023-12-18T04:02:48Z
etag
"e8d91e42d2dda1:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 856A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAEHdE7K_4kAABSTifkKEw&dongle=bzwx&gdpr=0
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=AAEHdE7K_4kAABSTifkKEw&dongle=bzwx&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 18 Dec 2023 04:02:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=AAEHdE7K_4kAABSTifkKEw&dongle=bzwx&gdpr=0
Date
Mon, 18 Dec 2023 04:02:48 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 856A
Redirect Chain
  • https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=0&gdpr_consent=
  • https://triplelift-match.dotomi.com/match/bounce/current?DotomiTest=4bb72650258d1fc0&is_secure=true&networkId=74572&version=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAALhdgkZ7Uk7gN78nNOAAAAAAA&expiration=1702958568&is_secure=true&gdpr_consent=&gdpr=0
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAALhdgkZ7Uk7gN78nNOAAAAAAA&expiration=1702958568&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 18 Dec 2023 04:02:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAALhdgkZ7Uk7gN78nNOAAAAAAA&expiration=1702958568&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 856A
0
187 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 856A
0
0
Image
General
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2237294431585906453658
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

idl.js
assets.a-mo.net/js/ Frame 002A
3 KB
2 KB
Script
General
Full URL
https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=www.hawtcelebs.com&e=27&uid=1f38f475-74a1-4382-b911-c4fb51df07fb
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8c49bc14e5b5041853d619fe2dc1b01b28bfd4974b8e732f13fa4943efaada3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:48 GMT
via
1.1 834e9cf6bb1bfd10d465a5562d06d926.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
NRT12-C2
age
594
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 02 Nov 2023 21:08:31 GMT
server
cloudflare
etag
W/"771a6a92588a8fb45e42a04fa3fe9ddd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
8374832c287b6845-NRT
x-amz-cf-id
pwSXuz6pb87SYFus13yXwVIOeshcXP84XyZxC5m8Rq_kBSrzLZ8qwg==
expires
Mon, 18 Dec 2023 05:02:48 GMT
setuid
prebid.a-mo.net/ Frame 002A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=1f38f475-74a1-4382-b911-c4fb51df07fb&gdpr=0&us_privacy=1---
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=a18511a8-4739-4f63-9f2a-764feaa38b34&gdpr=0&gdpr_consent=&us_privacy=1---
0
136 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=a18511a8-4739-4f63-9f2a-764feaa38b34&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:48 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Location
//prebid.a-mo.net/setuid?bidder=bid_switch&uid=a18511a8-4739-4f63-9f2a-764feaa38b34&gdpr=0&gdpr_consent=&us_privacy=1---
Date
Mon, 18 Dec 2023 04:02:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
yahoo
prebid.a-mo.net/setuid/ Frame 002A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?uid=1f38f475-74a1-4382-b911-c4fb51df07fb
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-3kMXH6tE2uFQJwlaEomAZmA40ujPgZp.Ci3pHIw-~A
0
112 B
Image
General
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-3kMXH6tE2uFQJwlaEomAZmA40ujPgZp.Ci3pHIw-~A
Protocol
H2
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:47 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-3kMXH6tE2uFQJwlaEomAZmA40ujPgZp.Ci3pHIw-~A
date
Mon, 18 Dec 2023 04:02:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
u
id.a-mx.com/ Frame 002A
0
0

setuid
prebid.a-mo.net/ Frame 002A
Redirect Chain
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1f38f475-74a1-4382-b911-c4fb51df07fb%26bidder%3Dopenx%26uid%3D%24%7BUID%7D
  • https://prebid.a-mo.net/setuid?A=1f38f475-74a1-4382-b911-c4fb51df07fb&bidder=openx&uid=a75166a0-ad35-4cf7-ac4f-5895eb6dfe39
0
113 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=1f38f475-74a1-4382-b911-c4fb51df07fb&bidder=openx&uid=a75166a0-ad35-4cf7-ac4f-5895eb6dfe39
Protocol
H2
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:47 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://prebid.a-mo.net/setuid?A=1f38f475-74a1-4382-b911-c4fb51df07fb&bidder=openx&uid=a75166a0-ad35-4cf7-ac4f-5895eb6dfe39
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
154
setuid
prebid.a-mo.net/ Frame 002A
Redirect Chain
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1f38f475-74a1-4382-b911-c4fb51df07fb%26bidder%3Dadform%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=1f38f475-74a1-4382-b911-c4fb51df07fb&bidder=adform&uid=7965596858226237483
0
112 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=1f38f475-74a1-4382-b911-c4fb51df07fb&bidder=adform&uid=7965596858226237483
Protocol
H2
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:48 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=1f38f475-74a1-4382-b911-c4fb51df07fb&bidder=adform&uid=7965596858226237483
date
Mon, 18 Dec 2023 04:02:49 GMT
server
nginx
content-length
0
content-type
text/plain
setuid
prebid.a-mo.net/ Frame 002A
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-m...
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1f38f475-74a1-4382-b911-c4fb51df07fb%26bidder%3Dpubmatic%26uid%3D16F99F77-E4BA-46B4-9...
  • https://prebid.a-mo.net/setuid?A=1f38f475-74a1-4382-b911-c4fb51df07fb&bidder=pubmatic&uid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
0
112 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=1f38f475-74a1-4382-b911-c4fb51df07fb&bidder=pubmatic&uid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Protocol
H2
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:47 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=1f38f475-74a1-4382-b911-c4fb51df07fb&bidder=pubmatic&uid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
date
Sun, 17 Dec 2023 22:33:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
prebid.a-mo.net/ Frame 002A
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1f38f475-74a1-4382-b911-c4fb51df07fb%26bidder%3Dindex_rtb%26uid%3D
  • https://prebid.a-mo.net/setuid?A=1f38f475-74a1-4382-b911-c4fb51df07fb&bidder=index_rtb&uid=ZX-EZaWFGjsPKn42Fi5GIwAA%265489
0
112 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=1f38f475-74a1-4382-b911-c4fb51df07fb&bidder=index_rtb&uid=ZX-EZaWFGjsPKn42Fi5GIwAA%265489
Protocol
H2
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:48 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=acmzYmXvbY25TVB7bMktjwPfFa6rY1eu7D2OQwFH%2B0tAmPS3Avn2E208z%2B5HVgDm3gR0TJGYzXDNpUrsnSJkfHa6eFmKy1oPMMkiTPE2HUzMuRuaV6j3hullla%2Fg63cj0lGZpmP1"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://prebid.a-mo.net/setuid?A=1f38f475-74a1-4382-b911-c4fb51df07fb&bidder=index_rtb&uid=ZX-EZaWFGjsPKn42Fi5GIwAA%265489
cache-control
no-cache
cf-ray
8374832c3978261b-NRT
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
setuid
prebid.a-mo.net/ Frame 002A
Redirect Chain
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1f38f475-74a1-4382-b911-c4fb51df07fb%26bidder%3Dsovrn%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=1f38f475-74a1-4382-b911-c4fb51df07fb&bidder=sovrn&uid=H1vSCLZH1GFpiRLqQlWJzlOb
0
112 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=1f38f475-74a1-4382-b911-c4fb51df07fb&bidder=sovrn&uid=H1vSCLZH1GFpiRLqQlWJzlOb
Protocol
H2
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:48 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Mon, 18 Dec 2023 04:02:48 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://prebid.a-mo.net/setuid?A=1f38f475-74a1-4382-b911-c4fb51df07fb&bidder=sovrn&uid=H1vSCLZH1GFpiRLqQlWJzlOb
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
prebid.a-mo.net/ Frame 002A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1f38f475-74a1-4382-b911-c4fb51df07fb%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=1f38f475-74a1-4382-b911-c4fb51df07fb&bidder=appnexus&uid=3456854436429190532
0
112 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=1f38f475-74a1-4382-b911-c4fb51df07fb&bidder=appnexus&uid=3456854436429190532
Protocol
H2
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:47 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
an-x-request-uuid
6b8f8d4d-7ae1-49ad-8ab2-108089e5153a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://prebid.a-mo.net/setuid?A=1f38f475-74a1-4382-b911-c4fb51df07fb&bidder=appnexus&uid=3456854436429190532
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ow.pubmatic.com/ Frame 002A
0
248 B
Image
General
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=1f38f475-74a1-4382-b911-c4fb51df07fb&do=www.hawtcelebs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.87 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:48 GMT
content-length
0
content-type
text/html
setuid
prebid-server.rubiconproject.com/ Frame 002A
0
556 B
Image
General
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=amx&uid=1f38f475-74a1-4382-b911-c4fb51df07fb&do=www.hawtcelebs.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
setuid
ib.adnxs.com/prebid/ Frame 002A
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=1f38f475-74a1-4382-b911-c4fb51df07fb&do=www.hawtcelebs.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
an-x-request-uuid
25d1d342-0fa6-49fb-9242-92b9458af9b7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 2536
48 KB
12 KB
Script
General
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
2053508
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
8374832c3f1ee05a-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
11457132-38dd-4bd7-ad23-3ded55948dff
https://prebid.a-mo.net/ Frame 002A
179 B
0
Other
General
Full URL
blob:https://prebid.a-mo.net/11457132-38dd-4bd7-ad23-3ded55948dff
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ebd92b08caeeaf05c413f75f8d3aa48ff63abc99a80265cd11caf5ec618e596

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
179
Content-Type
drop_cookie_sw.php
csync.smilewanted.com/ Frame EE0F
0
329 B
Document
General
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8374832c5f34e05a-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:48 GMT
server
cloudflare
vary
Accept-Encoding
3831266057273496277
csync.smilewanted.com/set_partner_userid_get/smart/ Frame C10C
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://csync.smilewanted.com/set_partner_userid_get/smart/3831266057273496277
0
80 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smart/3831266057273496277
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8374832ccfbce05a-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:48 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Mon, 18 Dec 2023 04:02:48 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/smart/3831266057273496277
fed
ups.analytics.yahoo.com/ups/58771/ Frame 002A
2 B
94 B
XHR
General
Full URL
https://ups.analytics.yahoo.com/ups/58771/fed?1p=0&gdpr=0&gdpr_consent=&us_privacy=&pixelId=58771&puid=1f38f475-74a1-4382-b911-c4fb51df07fb
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=www.hawtcelebs.com&e=27&uid=1f38f475-74a1-4382-b911-c4fb51df07fb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.228.126.19 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://prebid.a-mo.net/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 Dec 2023 04:02:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://prebid.a-mo.net
content-type
application/json
access-control-allow-credentials
true
user-sync
sync.adkernel.com/ Frame EB30
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=xapads&user_id=A1171917415455838230
  • https://sync.adkernel.com/user-sync?dsp=3&t=image&uid=a18511a8-4739-4f63-9f2a-764feaa38b34
42 B
327 B
Image
General
Full URL
https://sync.adkernel.com/user-sync?dsp=3&t=image&uid=a18511a8-4739-4f63-9f2a-764feaa38b34
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=184388&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxap-184388%26uid%3D%7BUID%7D
Protocol
HTTP/1.1
Server
216.130.169.24 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:48 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
42
Content-Type
image/gif

Redirect headers

Location
//sync.adkernel.com/user-sync?dsp=3&t=image&uid=a18511a8-4739-4f63-9f2a-764feaa38b34
Date
Mon, 18 Dec 2023 04:02:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
user-sync
sync.adkernel.com/ Frame A1C4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=xapads&user_id=A1171917415455838230
  • https://sync.adkernel.com/user-sync?dsp=3&t=image&uid=a18511a8-4739-4f63-9f2a-764feaa38b34
42 B
327 B
Image
General
Full URL
https://sync.adkernel.com/user-sync?dsp=3&t=image&uid=a18511a8-4739-4f63-9f2a-764feaa38b34
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=149271&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Protocol
HTTP/1.1
Server
216.130.169.24 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:48 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
42
Content-Type
image/gif

Redirect headers

Location
//sync.adkernel.com/user-sync?dsp=3&t=image&uid=a18511a8-4739-4f63-9f2a-764feaa38b34
Date
Mon, 18 Dec 2023 04:02:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
3456854436429190532
csync.smilewanted.com/set_partner_userid_get/appnexus/ Frame B0DB
Redirect Chain
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/3456854436429190532
0
80 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/appnexus/3456854436429190532
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8374832d7873e05a-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:48 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
2303da97-75d5-4816-8527-af5100eabcf4
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 18 Dec 2023 04:02:48 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/appnexus/3456854436429190532
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
khaos.json
token.rubiconproject.com/ Frame 96F7
7 B
777 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LQAE4DBJ-U-JCL5
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
e8ee3bea2ab086361542c3b52b688813
Expires
0
LQAE4DBJ-U-JCL5
csync.smilewanted.com/set_partner_userid_get/rubicon/ Frame A056
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/LQAE4DBJ-U-JCL5?gdpr=0
0
372 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LQAE4DBJ-U-JCL5?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8374832dd8e1e05a-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:48 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LQAE4DBJ-U-JCL5?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
87cd4104b334675e13feb86f1a1ad5cf
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9641
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162882&userIdMacro=PM_UID&predirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D149271%26dsp%3D614719%26t%3Diframe%26uid%3DPM_UID
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=149271&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.192.188 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-192-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=113802
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 18 Dec 2023 04:02:48 GMT
expires
Tue, 19 Dec 2023 11:39:30 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
sync.quantumdex.io/ Frame 6C46
43 B
95 B
Document
General
Full URL
https://sync.quantumdex.io/setuid?bidder=xapads-mw&uid=A1171917415455838230
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=185416&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8374832d5824f6b5-NRT
content-length
43
content-type
image/gif
date
Mon, 18 Dec 2023 04:02:48 GMT
server
cloudflare
setuid
sync.quantumdex.io/ Frame 172F
43 B
95 B
Document
General
Full URL
https://sync.quantumdex.io/setuid?bidder=xapads-mw&uid=A1171917415455838230
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=148144&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8374832d5827f6b5-NRT
content-length
43
content-type
image/gif
date
Mon, 18 Dec 2023 04:02:48 GMT
server
cloudflare
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B672
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.192.188 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-192-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=113802
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 18 Dec 2023 04:02:48 GMT
expires
Tue, 19 Dec 2023 11:39:30 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
696.json
id5-sync.com/g/v2/
625 B
1 KB
Fetch
General
Full URL
https://id5-sync.com/g/v2/696.json
Requested by
Host: s3.vlitag.com
URL: https://s3.vlitag.com/vli-assets/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
bf55c907757df4edbe32c2a4bdc51d2177bdc436ea42100773cfdeacbdae3d07
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
dc_oe=ChMI5pXxk42YgwMVR4rpBR2WegsnEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCPqVwJONmIMDFWOK6QUd5WsE1g;dc_rmcid=CAQSPAAvHhf_huRwzTp-2qLLWELKdvpqxJasa-DOg54qfsleFVUnlVC178fnqQBdRmDJhhIIXO2...
ade.googlesyndication.com/ddm/activity/ Frame 6EB9
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5pXxk42YgwMVR4rpBR2WegsnEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCPqVwJONmIMDFWOK6QUd5WsE1g;dc_rmcid=CAQSPAAvHhf_huRwzTp-2qLLWELKdvpqxJasa-DOg54qfsleFVUnlVC178fnqQBdRmDJhhIIXO2Bt6L60delPxgB;eps=CIBhEAEYHTICigI6BIBAgEBIvf3BOliX7L6TjZiDAw;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,164,119,373%26tos%3D2512,0,0,0,0%26mtos%3D2512,2512,2512,2512,2512%26amtos%3D0,0,0,0,0%26mcvt%3D2512%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2764%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D2%26pst%3D252%26dur%3D11520%26vmtime%3D2796%26dtos%3D327%26dtoss%3D2%26dvs%3D327%26dfvs%3D327%26dvpt%3D327%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2512,2512,2512,2512,2512%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D633706359%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9s,14,200103c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2512;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1702872165781;ecn1=1;etm1=0;eid1=960584;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 6EB9
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ch3KfZMR_ZfrTBOOUpt8P5deRsA31ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMByAObBKoEsgJP0GQ-M7jkGyOGSgT_SYKQNbGmoJJmclm3X8E8p6KOZIpE3uNSuUqySrVy3_QlPT8Bv-mvNErVsm3Hb1eOy07clyiBmKrOIQWOyvSx5DV060OcE-9H30CFvI_l8YTVMfo34PhO7ZooL5JKzTGSI9RBtY3l6siKTRKFAFMvXN0xLG2gSEl9CTDqSSWj9ln4RTHVtC8KztqG_wENUu-Zsyj70DzqbrhAePfatIZ8X_RicdsNh8fmlA-N5umn5FrdEhhgzcq_ok3cwSws-LM3ZoCE9bcnYmJoLifx6v_GmM2xbMTHXeFavgWGlZ2BIwst8O-Ugn2tvPwGJij5jUMS3tJNWYRWMN0rJp3Zna_nwzMezFlXWhHPilXB2t7MukVqJv_NdHiAjfPnU-jPbkmbPMDWZ3PABMmR7s3JBOAEA4gFgaDOuU2QBgGgBnaAB-qQlb4BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYl-y-k42YgwPyCBthZHgtc3Vic3luLTk5Mzg1NjU4MjIwMzQ2ODCACgPICwHgCwGADAGiDBQqEgoQ5LSxAu61sQK1uLECrLqxAqoNAkpQ4g0TCLyWv5ONmIMDFWOK6QUd5WsE1rATyqPIFcgT3oH34wPYEwqIFALYFAHQFQH4FgGAFwHoFwM&sigh=jJWUou9grwU&label=videoplaytime25&ad_mt=2797&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,164,119,373%26tos%3D2512,0,0,0,0%26mtos%3D2512,2512,2512,2512,2512%26amtos%3D0,0,0,0,0%26mcvt%3D2512%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2764%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D2%26pst%3D252%26dur%3D11520%26vmtime%3D2796%26dtos%3D327%26dtoss%3D2%26dvs%3D327%26dfvs%3D327%26dvpt%3D327%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2512,2512,2512,2512,2512%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D633706359%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9s,14,200103c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2512&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1702872165781
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 0AE7
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159110&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.74 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 22:56:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 9641
47 B
227 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=5963600&p=162882&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162882&userIdMacro=PM_UID&predirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D149271%26dsp%3D614719%26t%3Diframe%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 18 Dec 2023 04:02:48 GMT
content-length
47
content-type
text/html; charset=UTF-8
f1cf3e85-4efb-4ec6-8e10-d05aa12c5786&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame A845
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/f1cf3e85-4efb-4ec6-8e10-d05aa12c5786&partner_id=1010
0
399 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/f1cf3e85-4efb-4ec6-8e10-d05aa12c5786&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8374832e1915e05a-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:48 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Mon, 18 Dec 2023 04:02:48 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/f1cf3e85-4efb-4ec6-8e10-d05aa12c5786&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
user-sync
sync.adkernel.com/ Frame 882B
0
0
Document
General
Full URL
https://sync.adkernel.com/user-sync?zone=149271&dsp=614719&t=iframe&uid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162882&userIdMacro=PM_UID&predirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D149271%26dsp%3D614719%26t%3Diframe%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.130.169.24 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
0
Date
Mon, 18 Dec 2023 04:02:48 GMT
Server
nginx
setuid
u.4dex.io/ Frame 96F7
Redirect Chain
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LQAE4DBJ-U-JCL5
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LQAE4DBJ-U-JCL5
0
15 B
Image
General
Full URL
https://u.4dex.io/setuid?bidder=rubicon&uid=LQAE4DBJ-U-JCL5
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:49 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://u.4dex.io/setuid?bidder=rubicon&uid=LQAE4DBJ-U-JCL5
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4290507b7388fb86809e552482e2fff0
Expires
0
3bc52bf9-24cf-4180-81b6-5f6c148a94c6
csync.smilewanted.com/set_partner_userid_get/openx/ Frame BDD6
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
  • https://csync.smilewanted.com/set_partner_userid_get/openx/3bc52bf9-24cf-4180-81b6-5f6c148a94c6
0
397 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/openx/3bc52bf9-24cf-4180-81b6-5f6c148a94c6
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8374832e2925e05a-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:48 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Mon, 18 Dec 2023 04:02:48 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/openx/3bc52bf9-24cf-4180-81b6-5f6c148a94c6
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user-sync
sync.adkernel.com/ Frame 14E5
0
0
Document
General
Full URL
https://sync.adkernel.com/user-sync?zone=149271&dsp=614719&t=iframe&uid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162882&userIdMacro=PM_UID&predirect=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D149271%26dsp%3D614719%26t%3Diframe%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.130.169.24 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
0
Date
Mon, 18 Dec 2023 04:02:48 GMT
Server
nginx
16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame CADC
0
403 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8374832e392ce05a-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:49 GMT
server
cloudflare
vary
Accept-Encoding
H1vSCLZH1GFpiRLqQlWJzlOb
csync.smilewanted.com/set_partner_userid_get/sovrn/ Frame 7562
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/sovrn/H1vSCLZH1GFpiRLqQlWJzlOb
0
453 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/sovrn/H1vSCLZH1GFpiRLqQlWJzlOb
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8374832f1a41e05a-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:49 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Mon, 18 Dec 2023 04:02:48 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/sovrn/H1vSCLZH1GFpiRLqQlWJzlOb
X-Sovrn-Pod
ad_ap2sfo1
setuid
sync.quantumdex.io/ Frame EB30
43 B
95 B
Document
General
Full URL
https://sync.quantumdex.io/setuid?bidder=xap-184388&uid=A1171917415455838230
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=184388&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxap-184388%26uid%3D%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8374832eb957f6b5-NRT
content-length
43
content-type
image/gif
date
Mon, 18 Dec 2023 04:02:48 GMT
server
cloudflare
setuid
sync.quantumdex.io/ Frame FDDE
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=rise&uid=c4AKnoZ-CH_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8374832eb959f6b5-NRT
content-length
43
content-type
image/gif
7965596858226237483
csync.smilewanted.com/set_partner_userid_get/adform/ Frame E6BC
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/7965596858226237483
0
419 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/7965596858226237483
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
837483314cc4e05a-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:49 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Mon, 18 Dec 2023 04:02:49 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/7965596858226237483
server
nginx
hzidrib9tQE7W3yXPLN4
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame 27BE
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/hzidrib9tQE7W3yXPLN4?gdpr=0
0
614 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/outbrain/hzidrib9tQE7W3yXPLN4?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
837483301b70e05a-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:49 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
112
Content-Type
text/html; charset=utf-8
Date
Mon, 18 Dec 2023 04:02:48 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/outbrain/hzidrib9tQE7W3yXPLN4?gdpr=0
P3p
CP="We do not support P3P header."
Pragma
no-cache
5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 17C9
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48?pi=smilewanted
0
458 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48?pi=smilewanted
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
83748330bc2ce05a-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:49 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 18 Dec 2023 04:02:48 GMT Mon, 18 Dec 2023 04:02:48 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48?pi=smilewanted
pragma
no-cache
setuid
sync.quantumdex.io/ Frame A1C4
43 B
117 B
Document
General
Full URL
https://sync.quantumdex.io/setuid?bidder=xapads-mw&uid=A1171917415455838230
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=149271&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
837483300a59f6b5-NRT
content-length
43
content-type
image/gif
date
Mon, 18 Dec 2023 04:02:49 GMT
server
cloudflare
collect
analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-2CJZ9YTX9G&gtm=45je3bt0v894694930&_p=1702872163885&gcs=G1--&gcd=11l1l1l1l5&dma=0&tcfd=10000&cid=667190260.1702872163&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1702872163&sct=1&seg=0&dl=https%3A%2F%2Fwww.hawtcelebs.com%2F&dt=HawtCelebs%20%E2%80%93%20Latest%20Celebrities%20Pictures&_s=2&tfd=9307
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2CJZ9YTX9G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI5pXxk42YgwMVR4rpBR2WegsnEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCPqVwJONmIMDFWOK6QUd5WsE1g;dc_rmcid=CAQSPAAvHhf_huRwzTp-2qLLWELKdvpqxJasa-DOg54qfsleFVUnlVC178fnqQBdRmDJhhIIXO2...
ade.googlesyndication.com/ddm/activity/ Frame 6EB9
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5pXxk42YgwMVR4rpBR2WegsnEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCPqVwJONmIMDFWOK6QUd5WsE1g;dc_rmcid=CAQSPAAvHhf_huRwzTp-2qLLWELKdvpqxJasa-DOg54qfsleFVUnlVC178fnqQBdRmDJhhIIXO2Bt6L60delPxgB;eps=CIBhEAEYHTICigI6BIBAgEBIvf3BOliX7L6TjZiDAw;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D21%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,164,119,373%26tos%3D2981,0,0,0,0%26mtos%3D2981,2981,2981,2981,2981%26amtos%3D0,0,0,0,0%26mcvt%3D2981%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D3233%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D3%26pst%3D252%26dur%3D11520%26vmtime%3D3266%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D633706359%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200103c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2981;gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.01%26t%3D1702872165781;ecn1=1;etm1=0;eid1=200103;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
events-ssc.33across.com/ Frame 5FAE
68 B
82 B
Document
General
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Mon, 18 Dec 2023 04:02:49 GMT
via
1.1 google
genericpost
ww1097.smartadserver.com/ Frame
0
0
Preflight
General
Full URL
https://ww1097.smartadserver.com/genericpost
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.85 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.hawtcelebs.com
date
Mon, 18 Dec 2023 04:02:50 GMT
vary
Origin
genericpost
ww1097.smartadserver.com/ Frame 3FB6
613 B
1 KB
XHR
General
Full URL
https://ww1097.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.85 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
af33a6f942a27610d4c4bf22966834702f4cfe69f3befa073dbc07021e1bbb89

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:50 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
/
c.tmyzer.com/c/ Frame 3FB6
0
280 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=96761&f=20&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=96761&formatId=20
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:49 GMT
server
nginx
x-iplb-request-id
9246C9E8:A220_36264064:01BB_657FC469_CBBF4F1:0F25
x-iplb-instance
58017
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
geo
rbx
publishertag.prebid.139.js
static.criteo.net/js/ld/ Frame 3FB6
95 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 19 Dec 2023 04:02:49 GMT
setuid
u.4dex.io/ Frame 04F4
0
15 B
Document
General
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 18 Dec 2023 04:02:49 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
match
events-ssc.33across.com/ Frame 14B5
68 B
82 B
Document
General
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Mon, 18 Dec 2023 04:02:49 GMT
via
1.1 google
dc_oe=ChMIl9izk42YgwMVz07CBR31tw4nEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCMaxmJONmIMDFfWc6QUd-J0DWQ;dc_rmcid=CAQSTwAvHhf_iRiOLW1GIisVlHLNhZMzjrC4s_iPWwpPRd9Cso9beA7qbo95jAANc-ecRBhtPaU...
ade.googlesyndication.com/ddm/activity/ Frame 96FB
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIl9izk42YgwMVz07CBR31tw4nEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCMaxmJONmIMDFfWc6QUd-J0DWQ;dc_rmcid=CAQSTwAvHhf_iRiOLW1GIisVlHLNhZMzjrC4s_iPWwpPRd9Cso9beA7qbo95jAANc-ecRBhtPaUSNN5YmyAnax70VjCs-vPvYbwZY-NrGx0xQRMYAQ;eps=CIBhEAEYHTICigI6BIBAgEBIvf3BOljF6paTjZiDAw;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D5276,0,0,0,0%26mtos%3D5276,5276,5276,5276,5276%26amtos%3D0,0,0,0,0%26mcvt%3D5276%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5524%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D287%26dur%3D11520%26vmtime%3D5544%26dtos%3D2734%26dtoss%3D3%26dvs%3D2734%26dfvs%3D2734%26dvpt%3D2734%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2734,2734,2734,2734,2734%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D758656306%26psm%3D63%26psv%3D62%26psfv%3D62%26psa%3D0%26pngs%3D9s,14,200103cs,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5276;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1702872164319;ecn1=1;etm1=0;eid1=18;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 96FB
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHIWLY8R_ZYb0GfW5pt8P-LuOyAX1ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMByAObBKoEtAJP0DbzkXxr76XuaKkAMrME5jPxg7JKoE9U_BCsYiMVOCMK__Nj5NIW2ofc0_vMGYBXbSxXyKC7fM7AWow5QDLi1ckV5fTJxKVGXo_6rok0aBmQgGwCfZT15ZoTiRJzFSC2w2S_gipooA6JU6_bYL2Eoxz6Gd7Wy5iUwI0rl7_LI5AibGaDhdR8EM-GHoJissMzbJGVkkJN7pVAG64hIdPYFUvhuE9eiqQqDeA3YWnFBU9IR1cu_GUD84Aq_JDeG9XclBeM_xmG9xw7oQygWGquk_ZFjddJ-ITpjb45FaHYuJYo0odsw4tnEBkP2bnvoXJKDBgCX8eNyec7vKQ0K5RyNOw-Qo987pKScaNuMioPFjUeGKSt_pDgx_uQWL4--07-CF1_uIx3H_DguCBorQcBVR0SIcAEyZHuzckE4AQDiAWBoM65TZAGAaAGdoAH6pCVvgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOljF6paTjZiDA_IIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA8gLAeALAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJKUOINEwjenpeTjZiDAxX1nOkFHfidA1mwE8qjyBXIE96B9-MD2BMKiBQC2BQB0BUB-BYBgBcB6BcD&sigh=1Bd1ouNDuoc&label=videoplaytime50&ad_mt=5544&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D5276,0,0,0,0%26mtos%3D5276,5276,5276,5276,5276%26amtos%3D0,0,0,0,0%26mcvt%3D5276%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5524%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D287%26dur%3D11520%26vmtime%3D5544%26dtos%3D2734%26dtoss%3D3%26dvs%3D2734%26dfvs%3D2734%26dvpt%3D2734%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2734,2734,2734,2734,2734%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D758656306%26psm%3D63%26psv%3D62%26psfv%3D62%26psa%3D0%26pngs%3D9s,14,200103cs,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5276&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1702872164319
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIzaCxk42YgwMVflDCBR3cXQDkEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCObejpONmIMDFYeW6QUdj4IJuQ;dc_rmcid=CAQSTgAvHhf_YJlZ-ZvCOT-PQl99i0DAxjz4JPpLzG8B4FS84QzpsCxbPC9RsS9aadoBMYvhWNS...
ade.googlesyndication.com/ddm/activity/ Frame 6775
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzaCxk42YgwMVflDCBR3cXQDkEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCObejpONmIMDFYeW6QUdj4IJuQ;dc_rmcid=CAQSTgAvHhf_YJlZ-ZvCOT-PQl99i0DAxjz4JPpLzG8B4FS84QzpsCxbPC9RsS9aadoBMYvhWNSsGc28mr3th5ofAZfspFUXTVQ_catM6sexPxgB;eps=CIBhEAEYHTICigI6BIBAgEBIvf3BOliHr42TjZiDAw;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D0,5410,0,0,0%26mtos%3D0,5410,5410,5410,5410%26amtos%3D0,0,0,0,0%26mcvt%3D5410%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5684%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D6%26pst%3D274%26dur%3D11520%26vmtime%3D5725%26dtos%3D2737%26dtoss%3D3%26dvs%3D2737%26dfvs%3D0%26dvpt%3D2737%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D33555219%26c%3D0.92%26mc%3D0.92%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,2737,2737,2737,2737%26qnc%3D0.92%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D667307141%26psm%3D63%26psv%3D62%26psfv%3D0%26psa%3D0%26pngs%3D9s,14,200103cs,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5410;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1702872164468;ecn1=1;etm1=0;eid1=18;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 6775
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CUWlnY8R_ZaahEIetpt8Pj4WmyAv1ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMByAObBKoEtAJP0J2ioVEDabUuJHHGsAskP4-nAmv5CJc_03aqVR9WU9fFoeAcTskWblJq_etiGTpJwMUftd5-wjqd4H9qkMdxTuTQPjWGfXwaXbgciYJ0k_AlvBMjAuYbW_HqA_R61uqkdOhf1tfPpSdzuctYc42i_rOqQC6GvYjPAs1Tf4fKslceldLPLqqB4ay7b0zw0FYLInGFNw0XKz22WjqVvQLG6dbSwAo4WlPCzMa-PZ8YNZGl70XPXwzRsumHV0onN_Mpz95f_xFwky_6bDn7ksxzBY-hgLUodP99r0g_JW21ko0kdXjeHLPZf6n2BixIkbr1WqT36jMULcHZZNjw6xgWWPlRBd1d3O7x5CyXchOH_TXIY-C318CgY-u2qj86JaLFk8YdsIBp0jrsBBwwMLFLKpmqn8AEyZHuzckE4AQDiAWBoM65TZAGAaAGdoAH6pCVvgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOliHr42TjZiDA_IIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA8gLAeALAYAMAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQKqDQJKUOINEwjI2Y2TjZiDAxWHlukFHY-CCbmwE8qjyBXIE96B9-MD2BMKiBQC2BQB0BUB-BYBgBcB6BcD&sigh=nSVoW9JCFIY&label=videoplaytime50&ad_mt=5725&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D0,5410,0,0,0%26mtos%3D0,5410,5410,5410,5410%26amtos%3D0,0,0,0,0%26mcvt%3D5410%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5684%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D6%26pst%3D274%26dur%3D11520%26vmtime%3D5725%26dtos%3D2737%26dtoss%3D3%26dvs%3D2737%26dfvs%3D0%26dvpt%3D2737%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D33555219%26c%3D0.92%26mc%3D0.92%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,2737,2737,2737,2737%26qnc%3D0.92%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D667307141%26psm%3D63%26psv%3D62%26psfv%3D0%26psa%3D0%26pngs%3D9s,14,200103cs,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5410&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1702872164468
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/
0
479 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_728x90_sticky_display_bottom_sticky_bot_cent&e=ufp&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HGAT23GKZ7X3V9YZTT5D1QNR
date
Mon, 18 Dec 2023 04:02:50 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
447884
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8374833879ca2605-NRT
e.js
live.demand.supply/e/
0
481 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_native_multi_native_under_related&e=ubs&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HGAT23GKZ7X3V9YZTT5D1QNR
date
Mon, 18 Dec 2023 04:02:50 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
447884
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8374833879cb2605-NRT
e.js
live.demand.supply/e/
0
481 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_extra_large_video_btflargevideo&e=ufp&dsReferer=aGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.25.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HGAT23GKZ7X3V9YZTT5D1QNR
date
Mon, 18 Dec 2023 04:02:50 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
447884
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8374833879cd2605-NRT
v1
adxadserv.com/px/heartbeat/ Frame EDE9
0
121 B
Ping
General
Full URL
https://adxadserv.com/px/heartbeat/v1?pv_uid=7f8f474a-e13d-4c78-9637-ce0fd2e32c17&t_op=6.359&p_nn=adxad-rtb&fpid_sa=1702872164753&fpid=b18a008359d2b02fe84b4210aefcfe42&feid_sa=1702872164753&sid_sa=1702872164753&feid=09564b4e71859ea18f8475f69e5ec470&sid=06208ca3311633cb9ac3b482db954cae&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=hawtcelebs.com&s_rst=0&ts=%5B0%2Cfalse%2Cfalse%5D&pl=Win32&cc=NA&ss=1&ls=1&idb=1&ab=0&od=0&ll=0&lr=0&lo=0&lb=0&cd=24&hc=4&dm=8&dt=-1&ed=0&sr=6871947674800&fb=123643
Requested by
Host: adxadserv.com
URL: https://adxadserv.com/ascripts/pxl.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.98.53.29 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.adxadserv.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 18 Dec 2023 04:02:51 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 136B
43 B
118 B
Document
General
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8374833e9f31f6b5-NRT
content-length
43
content-type
image/gif
date
Mon, 18 Dec 2023 04:02:51 GMT
server
cloudflare
setuid
sync.quantumdex.io/ Frame 20D1
43 B
95 B
Document
General
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8374833f0f8af6b5-NRT
content-length
43
content-type
image/gif
date
Mon, 18 Dec 2023 04:02:51 GMT
server
cloudflare
afr.php
ads.as.criteo.com/delivery/r/ Frame DF35
116 KB
42 KB
Document
General
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::22 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
6fe93ce9d3d8b0b64e7324728b1bfd72031d46d79763114abd19f2d3d2386c57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 04:02:51 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=Jca7fDIhXvOj9jyywZAoBGSFBFwjffJvoGjHsnYrAnTI3U0x98ncETxdtKNX8uSP2-uF0-iVlyaDnUfVGuBDGroZo42PZBmUSEYcvKd-sGlJHY-PJVv5vSMB5svtXoOnVtQWbui-HtM3k2ZXCfVLfWbbG2MNoNizlnuzRrCKMSlajySA43VJe8M3vWDW2_-T4TH6hDR3unMSGLvYVSs7SPQmeoW-kGp89QXi_SFOuxZIsuM1nDkHZIJ6_v0"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
30337055
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
lib_watermark.js
ads.themoneytizer.com/ Frame 3FB6
6 KB
2 KB
Script
General
Full URL
https://ads.themoneytizer.com/lib_watermark.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=96761&formatId=20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:d300::19 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a72baa0c1d82bdc8930d5e2698d3ef2173094bd40ef2d157e6b3e49fab07ba44

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop
tokyoJP
date
Mon, 18 Dec 2023 04:02:51 GMT
content-encoding
gzip
x-age-lb
0, 82440
x-77-cache
HIT
x-accel-date
1702789731
x-77-nzt
EwwB1GYyBwH3CEIBAAwBWbuiMAH3AAAAAAwBJRPCLgH3JQAAAA
pragma
public
x-accel-expires
@1702876131
x-cache-lb
HIT, HIT
x-77-age
82477
last-modified
Mon, 24 Apr 2023 13:12:59 GMT
server
CDN77-Turbo
x-77-nzt-ray
aefca1171437e7e36bc47f652511b51a
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public, no-transform
expires
Sat, 16 Dec 2023 05:08:49 GMT
tpd
cat.jp2.as.criteo.com/ Frame 483C
43 B
462 B
Image
General
Full URL
https://cat.jp2.as.criteo.com/tpd?dd=nMZ2bl9tZGFUblJUSU1kTjZvU1oyS2tJUzJqSzBEbUE1ZEVrejM4VCUyQjVPNURFd1c3Y0Z4MHdpT0tWRE9GNFhQWGE0VDNvNmc5S0lDdnRuZldJVjczYUQ3WnRMN3RWV21TRWFCYmY4MW1IU0JYQVolMkJzcmFETkNZSVlmZE9PUnNBeU5pSkZreG9OWWZrMHA0c2pXZSUyRk9mZnczQm92U2Q3eG5sSlBYYVM3TVRUem9kTFlvQTZvSnVYd0pvN29IcFhrU3JBYVBlbTBocmNYJTJGQlhaWmZxMUM2TnRsSW5ObHRYNWNqSVRsRVlxVTFBbW9MTTJRQUVzRmlqY1klMkZib0hQdHhRaVBESzYzSjljazlZUGVlc0lmbHpkWG9melBocTRlQU0xUzd5TjZqQW9NMUlGNGV5RGVTWEdIeDZodXpacTc3R0tiY2ZnNkFWeEtKR0h5RXkxS29neFU3VnFzRElxZndWZnd0d0pPckZEaSUyRmp2bjRMdGc0ajluJTJCMkc0T1dhV0lDRTltUFBvbHM3JTJGMTV2aWtWNEVibmFRRmVzeFNQVzR1WGFXTGo5YlM4YTBNMlBFcXpBaW56NDJOSVF6NDFIcXdtenRmTUNBcGZ4WGxIbnU3QUV4TXUyNWxzZUElM0QlM0Q
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.13 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
247623
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
dc_oe=ChMI5pXxk42YgwMVR4rpBR2WegsnEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCPqVwJONmIMDFWOK6QUd5WsE1g;dc_rmcid=CAQSPAAvHhf_huRwzTp-2qLLWELKdvpqxJasa-DOg54qfsleFVUnlVC178fnqQBdRmDJhhIIXO2...
ade.googlesyndication.com/ddm/activity/ Frame 6EB9
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5pXxk42YgwMVR4rpBR2WegsnEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCPqVwJONmIMDFWOK6QUd5WsE1g;dc_rmcid=CAQSPAAvHhf_huRwzTp-2qLLWELKdvpqxJasa-DOg54qfsleFVUnlVC178fnqQBdRmDJhhIIXO2Bt6L60delPxgB;eps=CIBhEAEYHTICigI6BIBAgEBIvf3BOliX7L6TjZiDAw;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,164,119,373%26tos%3D5436,0,0,0,0%26mtos%3D5436,5436,5436,5436,5436%26amtos%3D0,0,0,0,0%26mcvt%3D5436%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5688%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D12%26pst%3D252%26dur%3D11520%26vmtime%3D5729%26dtos%3D2924%26dtoss%3D3%26dvs%3D2924%26dfvs%3D2924%26dvpt%3D2924%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2924,2924,2924,2924,2924%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D633706359%26psm%3D63%26psv%3D62%26psfv%3D62%26psa%3D0%26pngs%3D9s,14,200103cs,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5436;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1702872165781;ecn1=1;etm1=0;eid1=18;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 6EB9
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ch3KfZMR_ZfrTBOOUpt8P5deRsA31ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMByAObBKoEsgJP0GQ-M7jkGyOGSgT_SYKQNbGmoJJmclm3X8E8p6KOZIpE3uNSuUqySrVy3_QlPT8Bv-mvNErVsm3Hb1eOy07clyiBmKrOIQWOyvSx5DV060OcE-9H30CFvI_l8YTVMfo34PhO7ZooL5JKzTGSI9RBtY3l6siKTRKFAFMvXN0xLG2gSEl9CTDqSSWj9ln4RTHVtC8KztqG_wENUu-Zsyj70DzqbrhAePfatIZ8X_RicdsNh8fmlA-N5umn5FrdEhhgzcq_ok3cwSws-LM3ZoCE9bcnYmJoLifx6v_GmM2xbMTHXeFavgWGlZ2BIwst8O-Ugn2tvPwGJij5jUMS3tJNWYRWMN0rJp3Zna_nwzMezFlXWhHPilXB2t7MukVqJv_NdHiAjfPnU-jPbkmbPMDWZ3PABMmR7s3JBOAEA4gFgaDOuU2QBgGgBnaAB-qQlb4BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYl-y-k42YgwPyCBthZHgtc3Vic3luLTk5Mzg1NjU4MjIwMzQ2ODCACgPICwHgCwGADAGiDBQqEgoQ5LSxAu61sQK1uLECrLqxAqoNAkpQ4g0TCLyWv5ONmIMDFWOK6QUd5WsE1rATyqPIFcgT3oH34wPYEwqIFALYFAHQFQH4FgGAFwHoFwM&sigh=jJWUou9grwU&label=videoplaytime50&ad_mt=5730&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,164,119,373%26tos%3D5436,0,0,0,0%26mtos%3D5436,5436,5436,5436,5436%26amtos%3D0,0,0,0,0%26mcvt%3D5436%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5688%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D12%26pst%3D252%26dur%3D11520%26vmtime%3D5729%26dtos%3D2924%26dtoss%3D3%26dvs%3D2924%26dfvs%3D2924%26dvpt%3D2924%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2924,2924,2924,2924,2924%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D633706359%26psm%3D63%26psv%3D62%26psfv%3D62%26psa%3D0%26pngs%3D9s,14,200103cs,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5436&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1702872165781
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame DF35
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 12 Dec 2024 04:02:51 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame DF35
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 12 Dec 2024 04:02:51 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame DF35
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 12 Dec 2024 04:02:51 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame DF35
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 12 Dec 2024 04:02:51 GMT
lg.php
cat.jp2.as.criteo.com/delivery/ Frame DF35
43 B
347 B
Image
General
Full URL
https://cat.jp2.as.criteo.com/delivery/lg.php?cppv=3&cpp=EjzwDM7EwwkVmMQlNlKszzrOqywLInNXzfioKq2p33h70sfg7qLnqSM-ZOfV9JMua1MrQDNl6H0KRkCT756Bc6Dh-PRDfvP9WYcdSC1o2TsRHNksE1eBEciy9xDCg3XUO8JjNX2m32YefN1pA9L9EMCRU2YKXtVSuxq3ryyj6qtN8rvl719IgQmTj3XuLP7_mOWbQdmIq7MAdM7TU-gmdTp9H8lZF0IYqJc9lZbTPN7dqBydrtx_l1HzqmGd6MNxrqqt6Dq9xsd9IDHrUKdLVvn3PsTGvP_2V0MLQFMQwpoeq5xCVAnLlha7t5GP2MoPFYOVMWO8vqvh3vgBWb5KEWdNSj_-xvJVhVPAYIhYMXC1XrzhCbNlUW-0CfxVH0S-tfBffUInuin4Z0Qj8y7VVM00gpFMz4Lte5eNLvIfvsl4CkJ9TjCsz1BKzWz8KnjH6Ngl6QqR3kacudfdeOZxiObjBxg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.13 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1986203
expires
Mon, 26 Jul 1997 05:00:00 GMT
dis.aspx
widget.jp2.as.criteo.com/dis/ Frame 99C4
5 KB
3 KB
Document
General
Full URL
https://widget.jp2.as.criteo.com/dis/dis.aspx?pu=205817&cb=657fc46ab24558d2ac0e8130c2588d01&r=https%3a%2f%2fwww.hawtcelebs.com%2f&crossorigin=false
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
88fbdc214f148ab318ff1bab6825373aaafbe5325b71bf3b1d2c473adf1d7a8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Mon, 18 Dec 2023 04:02:51 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
2097585
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
vary
Accept-Encoding
animejs.js
static.criteo.net/animejs/ Frame DF35
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 12 Dec 2024 04:02:51 GMT
img
imageproxy.as.criteo.net/img/ Frame DF35
10 KB
11 KB
Image
General
Full URL
https://imageproxy.as.criteo.net/img/img?cq=256&h=800&m=0&partner=22210&q=80&r=0&u=https%3A%2F%2Fwww.softbank.jp%2Finternet%2Fset%2Fdata%2Fad%2Fimg%2Fcriteo_air5_221014.png%3Fcb%3D1&v=3&w=800&rid=73&s=1RcTRxeNA8mI6WeHSDxecTi6&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
0e76f2c0eeb74891005e12aab2c883fc7ff2c3e025157df67656d72106a7a3f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:50 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
10686
expires
Sat, 16 Nov 2024 12:43:24 GMT
img
imageproxy.as.criteo.net/img/ Frame DF35
90 B
303 B
Image
General
Full URL
https://imageproxy.as.criteo.net/img/img?h=400&m=0&partner=22210&q=80&r=0&u=http%3A%2F%2Fstatic.jp2.as.criteo.net%2Fimages%2Fproduits%2F22210%2Fbdg%2Fbdg_0.png&v=3&w=400&rid=73&s=T0gO0N25AYyicieeKdTHVWol
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
9345176643ceca75b9134c859f54e7461407ef3302bd7ab6f9e09cf6a5798dbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
90
expires
Fri, 15 Nov 2024 14:50:33 GMT
img
imageproxy.as.criteo.net/img/ Frame DF35
10 KB
10 KB
Image
General
Full URL
https://imageproxy.as.criteo.net/img/img?h=108&m=0&partner=22210&q=80&r=0&u=http%3A%2F%2Fstatic.jp2.as.criteo.net%2Fdesign%2Fdt%2F22210%2F170926%2Fc3665616de244ac3861f1db71d30a692_logo_all_horizontal.png&v=3&w=316&rid=73&s=-TK8pAf2-MFpcTGsRL7NAvyq
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
8b689a1753dd80419b61e76923e0c6a60c15b74c1c087d54f4af167bee67a19e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
9776
expires
Sun, 08 Dec 2024 07:27:30 GMT
all
csm.as.criteo.net/ Frame DF35
0
128 B
Ping
General
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=Jca7fDIhXvOj9jyywZAoBGSFBFwjffJvoGjHsnYrAnTI3U0x98ncETxdtKNX8uSP2-uF0-iVlyaDnUfVGuBDGroZo42PZBmUSEYcvKd-sGlJHY-PJVv5vSMB5svtXoOnVtQWbui-HtM3k2ZXCfVLfWbbG2MNoNizlnuzRrCKMSlajySA43VJe8M3vWDW2_-T4TH6hDR3unMSGLvYVSs7SPQmeoW-kGp89QXi_SFOuxZIsuM1nDkHZIJ6_v0&sds=2&rev=89791&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::7 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 18 Dec 2023 04:02:50 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
privacy.svg
static.criteo.net/flash/icon/ Frame DF35
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 12 Dec 2024 04:02:51 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 6521
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-AHZQTzviUu-uPmYpVHXLQwwlnVBWz0pSDlIIaw&google_cm&google_hm=ay1BSFpRVHp2aVV1LXVQbVlwVkhYTFF3d2xuVkJXejBwU...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-AHZQTzviUu-uPmYpVHXLQwwlnVBWz0pSDlIIaw&google_gid=CAESELWiAbKg15AI4yOjfD81dGo&google_cver=1&google_ula=913071,0
43 B
370 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-AHZQTzviUu-uPmYpVHXLQwwlnVBWz0pSDlIIaw&google_gid=CAESELWiAbKg15AI4yOjfD81dGo&google_cver=1&google_ula=913071,0
Protocol
H2
Server
182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1309935
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-AHZQTzviUu-uPmYpVHXLQwwlnVBWz0pSDlIIaw&google_gid=CAESELWiAbKg15AI4yOjfD81dGo&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 6521
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-J0KiajviUu-uPmYpVHXLQwwlnVCcUOfyOZ4x-g&expires=30
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 6521
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3456854436429190532
43 B
370 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3456854436429190532
Protocol
H2
Server
182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:51 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2686221
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:51 GMT
an-x-request-uuid
86bdd959-3271-4b6b-b2ca-c1ee8ce71104
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3456854436429190532
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 6521
57 B
625 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-clANZTviUu-uPmYpVHXLQwwlnVAXsd_eArjjRA
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.40.148.27 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-148-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 18 Dec 2023 04:02:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Mon, 18 Dec 2023 04:02:51 GMT
tap.php
pixel.rubiconproject.com/ Frame 6521
42 B
843 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-swv3tTviUu-uPmYpVHXLQwwlnVDwSeDLGhC8sw&expires=30
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
87cd4104b334675e13feb86f1a1ad5cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
rtb-csync.smartadserver.com/redir/ Frame 6521
43 B
480 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-w_R2vjviUu-uPmYpVHXLQwwlnVBUbBOiCIKyLA
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.56 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:51 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 6521
0
374 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-FnhzYDviUu-uPmYpVHXLQwwlnVCXO4D5Yai1Vw
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.231.48 , Hong Kong, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
50811
um
criteo-sync.teads.tv/ Frame 6521
23 B
278 B
Image
General
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-U_cmKzviUu-uPmYpVHXLQwwlnVA4pyCLDhX-Vg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.101 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-101.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Mon, 18 Dec 2023 04:02:51 GMT
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:51 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 6521
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-i6xcEzviUu-uPmYpVHXLQwwlnVDIXqWxL2ezvA&dongle=013b
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 18 Dec 2023 04:02:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ups.analytics.yahoo.com/ups/58301/ Frame 6521
0
382 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-X7UlPDviUu-uPmYpVHXLQwwlnVDOl5jLFDfPCw
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.228.126.19 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:51 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
adgen.socdm.com/rtb/ Frame 6521
43 B
819 B
Image
General
Full URL
https://adgen.socdm.com/rtb/sync?proto=adgen&dspid=23
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.153.151 Miyado, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-SO-Cluster-ID
0
Date
Mon, 18 Dec 2023 04:02:51 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=adgen&dspid=23","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.232","key":"ZX-Ea8Co8HAAAHg0fUEAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad433"}
X-SO-Key
ZX-Ea8Co8HAAAHg0fUEAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad433
P3P
CP="See also http://www.scaleout.jp/privacy/"
Content-Type
image/gif
Cache-Control
private
X-SO-HostName
m-ad433.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
43
X-SO-LB-Hostname
m-ng12.dc4p.scaleout.jp
X-SO-IP
146.70.201.232
idsync
tg.socdm.com/aux/ Frame 6521
43 B
861 B
Image
General
Full URL
https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-fv7FCjviUu-uPmYpVHXLQwwlnVCdxCzHDJ5pNQ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.153.167 Miyado, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-SO-Cluster-ID
0
Date
Mon, 18 Dec 2023 04:02:51 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=criteo&dsp_uid=k-fv7FCjviUu-uPmYpVHXLQwwlnVCdxCzHDJ5pNQ","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.232","key":"ZX-Ea8Co8YkAADtZrDMAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad84"}
X-SO-Key
ZX-Ea8Co8YkAADtZrDMAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad84
P3P
CP="See also http://www.scaleout.jp/privacy/"
Content-Type
image/gif
Cache-Control
private
X-SO-HostName
m-ad84.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
3
Content-Length
43
X-SO-LB-Hostname
m-tgng37.dc4p.scaleout.jp
X-SO-IP
146.70.201.232
sync
ad.as.amanad.adtdp.com/v1/ Frame 6521
42 B
833 B
Image
General
Full URL
https://ad.as.amanad.adtdp.com/v1/sync?dsp_id=4,5&uid=k-tbpJITviUu-uPmYpVHXLQwwlnVB5TUL4TdFJcA
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-96.nrt57.r.cloudfront.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:51 GMT
via
1.1 f79910dd066cb79d5b224ab3f88841e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
42
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
LpeMosfXqKK0gfXfeuf4oq7DXSoXzKJxa_yY9tTPb-Ra38nPjyfp5g==
expires
Thu, 01 Jan 1970 09:00:00 GMT
sync
tags.bluekai.com/site/29001/ Frame 6521
Redirect Chain
  • https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
  • https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=I9ojyVrE2czwzG1EqrkEyzQEVXAPPoso
62 B
532 B
Image
General
Full URL
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=I9ojyVrE2czwzG1EqrkEyzQEVXAPPoso
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H2
Server
23.36.17.70 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-17-70.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:51 GMT
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cache-control
max-age=0, no-cache, no-store
content-length
62
bk-server
22bc
expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

location
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=I9ojyVrE2czwzG1EqrkEyzQEVXAPPoso
date
Mon, 18 Dec 2023 04:02:51 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
604315
content-length
0
rum
r.casalemedia.com/ Frame 6521
43 B
537 B
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-j-cs7jviUu-uPmYpVHXLQwwlnVCaxY54_q40Lg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJ2WjW7r3yVbKvkDPxUbasALmFPDP5Gn48v%2B8qxCJrHC7o5GRosYaNTlgiOpt7GGCQiRjQP4R0bel%2BC0JBjFqgAGD%2FYRuLgU3ElMTPxtWvd95nUJw%2FBXD4NL1sUNuYBuXcdg"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8374834078d9261b-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0
pixel
adx.dable.io/ Frame 6521
0
141 B
Image
General
Full URL
https://adx.dable.io/pixel?dsp_id=6&uid=k-J9cKTzviUu-uPmYpVHXLQwwlnVAU68qVomBKzw
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.37.95.197 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-37-95-197.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:51 GMT
server
nginx
/
cs.adingo.jp/sync/ Frame 6521
43 B
413 B
Image
General
Full URL
https://cs.adingo.jp/sync/?from=criteo&id=k-hsdWOzviUu-uPmYpVHXLQwwlnVCpyKwtaWsujA
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.199.118.63 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-118-63.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:51 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
image/gif
server
nginx
expires
Wed, 17 Sep 1975 21:32:10 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 6521
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-9RTE2TviUu-uPmYpVHXLQwwlnVCz5kyAPuLMsg
  • https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=7380707807691766283&redirectID=0&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&gdpr=0&gdpr_consent=
0
187 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&gdpr=0&gdpr_consent=
Protocol
H2
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:51 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:51 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1702872171770077-69
362338.gif
idsync.rlcdn.com/ Frame 6521
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/362338.gif?partner_uid=k-7rG5PDviUu-uPmYpVHXLQwwlnVByvG7nWq_U1g
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:51 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
c.gif
c.bing.com/ Frame 6521
42 B
174 B
Image
General
Full URL
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-vXjSazviUu-uPmYpVHXLQwwlnVCgcgT1v1b6uw
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:51 GMT
last-modified
Tue, 12 Dec 2023 19:03:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7C42FBB0F76F48F1AB9B5723F35C3AC8 Ref B: TYAEDGE0709 Ref C: 2023-12-18T04:02:51Z
etag
"e8d91e42d2dda1:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
cookie-sync
sync.outbrain.com/ Frame 6521
0
287 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-eCi7PjviUu-uPmYpVHXLQwwlnVDFzUKYyxk49g&initiator=partner
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.225.223.159 Sacramento, United States, ASN3949 (NTTA-3946, US),
Reverse DNS
sa.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:52 GMT
Cache-Control
no-cache
X-TraceId
c0bc4fd1f67e07d42331fadecbb4a4cc
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6521
0
74 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-VhvOkzviUu-uPmYpVHXLQwwlnVBrIvSXh-z-Dw
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 17 Dec 2023 22:58:50 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
s.ad.smaato.net/c/ Frame 6521
0
383 B
Image
General
Full URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-wzMabjviUu-uPmYpVHXLQwwlnVC-xQtg0H3w6A
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b7:a800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:51 GMT
cache-control
no-cache, must-revalidate
via
1.1 d51ceda436f155dcdc6b24ba6dcf73cc.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
NRT57-C4
x-amz-cf-id
ZzLPu857Ei1jiuYXb5wv9VbYAoDcF6glFmiBHZzXUyiulRh83QOMcw==
x-cache
Miss from cloudfront
sync.htm
ade.clmbtech.com/uid/ Frame 6521
68 B
259 B
Image
General
Full URL
https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=k-xCw_dTviUu-uPmYpVHXLQwwlnVCUT1jSC28r_A
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:5000::1738:ab7d Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Mon, 18 Dec 2023 04:02:51 GMT
x-content-type-options
nosniff
server
Bhoot
x-frame-options
sameorigin
content-type
image/jpeg
x-upstream
172.29.17.244:80
content-length
68
x-xss-protection
1; mode=block
sync
sync-criteo.ads.yieldmo.com/ Frame 6521
43 B
620 B
Image
General
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-Jc1FpDviUu-uPmYpVHXLQwwlnVBeqrsANhdj5A&pn_id=criteo&ext=1
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?u=%7CvqVHB9eCPG3RG0hVyG8FGPCTHkFwhwFeGSbzQoGDWcI%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57ocHLi7YLeFrRBkXm2kFok6LCJc8rDrFx4DCy2mjOFN7KJconb_DT3mwl5khP7RedJpCF09vvpqqaMhrksZ_CYDysGEk3oD9bh-StcoJf-0uOxw_KsbJrLUbJk8PM9d5PFwf_OB4-_t9TmhibJDbNOTRV1JUv_aT3jBJBAsQ-I37ST8U9DricID2YgL_Qbu2WQTcz60YGccvwo7qFZvkWxfbcLmAmpOFMMNDxicAUxSy3TuTTx3duH-pcOhBtUZBGKxn-2SzDjllUijIerExpebXygrKQRqXstsKff4LjSqYCW4no00LORE_hdoyNEnwXydhysNTxD7e2nldRlzM0SUOEABN0KLa4ojG7P9AqhXKQUMuk8teYm6jm5TvUhPQwlotv3GtrOt9IjYpQwzt8yfnh6MNVcEU1NV15g02EAD0owtjYNGQZL6TedvD9OMR2iDyrTC5v4uKtDvN3mkSm2dlW7HMpNqtlvk_BLG0XzK9UZ4Lbeh251DMAWwuld_OmjJwggkflCzEOvTCTAjw0E4FnlstnM534xpJYZ0PCTUNWJkvfmeUQn81hpK6om_4wI7LuHq7Zs806EO6NADEc1aVD54eCrhHX66bd8APb2gyKc92OROYi8zA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.232.112 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-232-112.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:51 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 09E1
0
426 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
837483408dfce05a-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:51 GMT
server
cloudflare
vary
Accept-Encoding
cksync
hb.yahoo.net/ Frame 6521
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-X7UlPDviUu-uPmYpVHXLQwwlnVDOl5jLFDfPCw
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58301&ovsid=k-X7UlPDviUu-uPmYpVHXLQwwlnVDOl5jLFDfPCw&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS0yUm1BN2hSRTJ1RXZucHJZdHEuVDJPcnJtcFBxbGZzMX5B&ovsid=k-X7UlPDviUu-uPmYpVHXLQwwlnVDOl5jLFDfPCw&dpid=58301
57 B
504 B
Image
General
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS0yUm1BN2hSRTJ1RXZucHJZdHEuVDJPcnJtcFBxbGZzMX5B&ovsid=k-X7UlPDviUu-uPmYpVHXLQwwlnVDOl5jLFDfPCw&dpid=58301
Protocol
H2
Server
23.220.70.96 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-220-70-96.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 18 Dec 2023 04:02:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Mon, 18 Dec 2023 04:02:51 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS0yUm1BN2hSRTJ1RXZucHJZdHEuVDJPcnJtcFBxbGZzMX5B&ovsid=k-X7UlPDviUu-uPmYpVHXLQwwlnVDOl5jLFDfPCw&dpid=58301
date
Mon, 18 Dec 2023 04:02:51 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
ib.adnxs.com/ Frame 6521
43 B
946 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-O_S6oTviUu-uPmYpVHXLQwwlnVBAuy-O7dX3QA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:51 GMT
an-x-request-uuid
a88e269f-9b0c-4865-8892-9ae883c84393
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 6521
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=3Sfz23t-TN18WptSwmGOoApyvEJPtWTN
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=3Sfz23t-TN18WptSwmGOoApyvEJPtWTN
Protocol
H2
Server
35.160.8.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-8-191.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by
beacon-n016-pdx-prod.krxd.net
date
Mon, 18 Dec 2023 04:02:52 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1702872172
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=3Sfz23t-TN18WptSwmGOoApyvEJPtWTN
date
Mon, 18 Dec 2023 04:02:51 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
629155
content-length
0
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
cors
data.ad-score.com/data/
1 B
274 B
Fetch
General
Full URL
https://data.ad-score.com/data/cors?pm_st=kGbpickaiRkDrFHkEieGxMpiIzwFpBWP-FE7fPshldVPjNSMb3XnAF0rCOsk=-E03BPsVkY1viMQ==&pm_ct=28cb5d651d6d0d8960e679e3&pm_pl=1702872165212&pm_td=6853&pid=1000177&en=1.1&callback=__pm_glbl_2r4LpRnqhg0ftE61tPcNmTZ1._gc4&tt=opt&v=8e71a8c
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.hawtcelebs.com
Date
Mon, 18 Dec 2023 04:02:52 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
cors
data.ad-score.com/data/
1 B
274 B
Fetch
General
Full URL
https://data.ad-score.com/data/cors?pm_st=kGbpickaiRkDrFHkEieGxMpiIzwFpBWP-FE7fPshldVPjNSMb3XnAF0rCOsk=-E03BPsVkY1viMQ==&pm_ct=6d412816d5168761b6f4f836&pm_pl=1702872165381&pm_td=6691&pid=1000177&en=1.1&callback=__pm_glbl_ArfDu7dIkIaa4gc9C8xpfmDd._gc4&tt=opt&v=8e71a8c
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.hawtcelebs.com
Date
Mon, 18 Dec 2023 04:02:52 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
cors
data.ad-score.com/data/
1 B
274 B
Fetch
General
Full URL
https://data.ad-score.com/data/cors?pm_st=kGbpickaiRkDrFHkEieGxMpiIzwFpBWP-FE7fPshldVPjNSMb3XnAF0rCOsk=-E03BPsVkY1viMQ==&pm_ct=28cb5d651d6d0d8960e679e3&pm_pl=1702872165212&pm_td=7081&pid=1000177&en=1.1&callback=__pm_glbl_2r4LpRnqhg0ftE61tPcNmTZ1._gc5&tt=opt&v=8e71a8c
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.hawtcelebs.com
Date
Mon, 18 Dec 2023 04:02:52 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
cors
data.ad-score.com/data/
1 B
274 B
Fetch
General
Full URL
https://data.ad-score.com/data/cors?pm_st=kGbpickaiRkDrFHkEieGxMpiIzwFpBWP-FE7fPshldVPjNSMb3XnAF0rCOsk=-E03BPsVkY1viMQ==&pm_ct=6d412816d5168761b6f4f836&pm_pl=1702872165381&pm_td=6942&pid=1000177&en=1.1&callback=__pm_glbl_ArfDu7dIkIaa4gc9C8xpfmDd._gc5&tt=opt&v=8e71a8c
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.hawtcelebs.com
Date
Mon, 18 Dec 2023 04:02:52 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
/
onetag-sys.com/usync/ Frame CC0F
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1702872166812&gdpr=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
isync
visitor.omnitagjs.com/visitor/ Frame 1FC0
6 KB
2 KB
Document
General
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
4c27cc14f780ed75750558f4eef6e093a7270f6a97fe86504fa3f59e6fa8692f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1648
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:52 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-usa02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
4
usync.html
eus.rubiconproject.com/ Frame F3AF
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Dec 2023 04:02:52 GMT
ETag
"20525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
csync.smilewanted.com/ Frame 5FF0
6 KB
2 KB
Document
General
Full URL
https://csync.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f64367cbf01a066e916b86c8987a7f35b1e4ec23798f37819402f62f03c5e5a

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
837483464bebe05a-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:52 GMT
server
cloudflare
vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame E376
9 KB
4 KB
Document
General
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.154.83 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
63708
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Sun, 17 Dec 2023 10:21:05 GMT
etag
W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified
Mon, 02 Oct 2023 23:54:30 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 ecddf7c2880cdca1fc448f578fd6d1d8.cloudfront.net (CloudFront)
x-amz-cf-id
YbtO-HZwg3YwjRROmH__ShC1QRj9_3YFpUYj6tW_qf_82urHtsqmWg==
x-amz-cf-pop
LAX53-P3
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5
d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256
8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-cache
Hit from cloudfront
isyn
prebid.a-mo.net/ Frame 2EB8
360 B
324 B
Document
General
Full URL
https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=CsQBShJ3d3cuaGF3dGNlbGVicy5jb21SC2Fhcy0xYWMwOWE4WghwYmExLjMuM2oSd3d3Lmhhd3RjZWxlYnMuY29t-gEGOC4yNC4w6AIBiAPkiP-rBqgDMeoDJDk0Y2ZhNjNlLTI2MDktNGE4ZS1iNzgzLTYxZjU4MGQ5OTExNKoEA0RDSLIFA1VTRNIFCTEwNTE5OTU0MtgFAeAFAeoFB2Rlc2t0b3D6BQNzZ3CqBwN3ZWLKBw5oYXd0Y2VsZWJzLmNvbeAHAQ
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
b03d9834bb5da50c6a1cf6dd2f3ed2c45d9dbe7bec3124cc9a13dc88a72dc991

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
266
content-type
text/html; charset=utf-8
date
Mon, 18 Dec 2023 04:02:52 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
match
match.360yield.com/ Frame 3FB6
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=84&publisher_user_id=f1cf3e85-4efb-4ec6-8e10-d05aa12c5786&publisher_dsp_id=370&publisher_call_type=redirect&publisher_redirecturl=https://ap-ice....
  • https://match.360yield.com/match?publisher_dsp_id=370&gdpr=0&gdpr_consent=&external_user_id=3831266057273496277
43 B
424 B
Image
General
Full URL
https://match.360yield.com/match?publisher_dsp_id=370&gdpr=0&gdpr_consent=&external_user_id=3831266057273496277
Protocol
H2
Server
18.141.75.199 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-75-199.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 18 Dec 2023 04:02:52 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://match.360yield.com/match?publisher_dsp_id=370&gdpr=0&gdpr_consent=&external_user_id=3831266057273496277
date
Mon, 18 Dec 2023 04:02:51 GMT
content-length
0
prebid
b1h.zemanta.com/usersync/ Frame 3FB6
26 B
315 B
Image
General
Full URL
https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

P3p
CP="We do not support P3P header."
Date
Mon, 18 Dec 2023 04:02:52 GMT
Content-Length
26
Content-Type
image/gif
v1
match.sharethrough.com/sync/ Frame 3FB6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=45d05fd7-b774-43df-ba7c-91fe06509f64&gdpr=0&gdpr_consent=
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=45d05fd7-b774-43df-ba7c-91fe06509f64&gdpr=0&gdpr_consent=
Protocol
H2
Server
52.220.199.193 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-199-193.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:52 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=45d05fd7-b774-43df-ba7c-91fe06509f64&gdpr=0&gdpr_consent=
date
Mon, 18 Dec 2023 04:02:52 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame 3FB6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1294&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=tYyXe2fcCnEgDUj176HQNZKu&source_user_id=7965596858226237483&gdpr=0&gdpr_consent=
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=tYyXe2fcCnEgDUj176HQNZKu&source_user_id=7965596858226237483&gdpr=0&gdpr_consent=
Protocol
H2
Server
52.220.199.193 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-199-193.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:52 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://match.sharethrough.com/sync/v1?source_id=tYyXe2fcCnEgDUj176HQNZKu&source_user_id=7965596858226237483&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
match
ad.360yield.com/ Frame 3FB6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&google_hm=ZjFjZjNlODUtNGVmYi00ZWM2LThlMTAtZDA1YWExMmM1Nzg2&dsp_callback=0
  • https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEMS9RO6fjNRTE2Q2eiweDkM&google_cver=1
43 B
433 B
Image
General
Full URL
https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEMS9RO6fjNRTE2Q2eiweDkM&google_cver=1
Protocol
H2
Server
18.141.75.199 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-75-199.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 18 Dec 2023 04:02:52 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEMS9RO6fjNRTE2Q2eiweDkM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 3FB6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQAE4DBJ-U-JCL5&gdpr=0
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQAE4DBJ-U-JCL5&gdpr=0
Protocol
H2
Server
52.220.199.193 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-199-193.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:52 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQAE4DBJ-U-JCL5&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
87cd4104b334675e13feb86f1a1ad5cf
Expires
0
match
match.360yield.com/ Frame 3FB6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8c8-hU77TsaOENBaoSxXhg&google_cm&dsp_callback=0&publisher_dsp_id=340
  • https://match.360yield.com/match?dsp_callback=0&publisher_dsp_id=340&google_gid=CAESEGPNg-DynbRV4RiY_JLSAG8&google_cver=1
43 B
434 B
Image
General
Full URL
https://match.360yield.com/match?dsp_callback=0&publisher_dsp_id=340&google_gid=CAESEGPNg-DynbRV4RiY_JLSAG8&google_cver=1
Protocol
H2
Server
18.141.75.199 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-75-199.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 18 Dec 2023 04:02:52 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.360yield.com/match?dsp_callback=0&publisher_dsp_id=340&google_gid=CAESEGPNg-DynbRV4RiY_JLSAG8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ad.360yield.com/ Frame 3FB6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=improve&publisher_user_id=f1cf3e85-4efb-4ec6-8e10-d05aa12c5786&publisher_dsp_id=191&publisher_call_type=redirect&publisher_redirecturl=https://ap-ice.360yield.com/m...
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=improve&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=improve&gdpr=0&user_id=vyRGPuolR22kcBRh7yFcPuwoQjmkIUFh7SkhU4z5
  • https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=a18511a8-4739-4f63-9f2a-764feaa38b34&gdpr=0&gdpr_consent=
43 B
443 B
Image
General
Full URL
https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=a18511a8-4739-4f63-9f2a-764feaa38b34&gdpr=0&gdpr_consent=
Protocol
H2
Server
18.141.75.199 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-75-199.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 18 Dec 2023 04:02:52 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

Location
//ad.360yield.com/match?publisher_dsp_id=191&external_user_id=a18511a8-4739-4f63-9f2a-764feaa38b34&gdpr=0&gdpr_consent=
Date
Mon, 18 Dec 2023 04:02:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
45d05fd7-b774-43df-ba7c-91fe06509f64
map.go.affec.tv/map/ttd/ Frame 3FB6
Redirect Chain
  • https://go.affec.tv/i/63886d3155f992ad608ace30?af_mp=0&publisher_user_id=f1cf3e85-4efb-4ec6-8e10-d05aa12c5786&publisher_dsp_id=440&publisher_call_type=redirect&publisher_redirecturl=https://ap-ice....
  • https://match.360yield.com/match?external_user_id=657fc4655d4b1a0001b44aac&gdpr=&gdpr_consent=&publisher_dsp_id=440&r=https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fim%2F%3Fpublisher_user_id%3D%7BPUB_USER_I...
  • https://map.go.affec.tv/map/im/?publisher_user_id=f1cf3e85-4efb-4ec6-8e10-d05aa12c5786&gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]&redir=//go.affec.tv/px
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D657fc46c5d4b1a0001b45256%26chc%3Dim%26redirect_url%3D%26gdpr%3D%255BGDPR_APPLIES%255D%26gdpr_consent%3D%255B...
  • https://map.go.affec.tv/map/an/3456854436429190532?ch=657fc46c5d4b1a0001b45256&chc=im&redirect_url=&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D&gdpr=[GDPR_APPLIES]&gdpr_conse...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D
  • https://map.go.affec.tv/map/ttd/45d05fd7-b774-43df-ba7c-91fe06509f64?ttd_puid=&gdpr=0&gdpr_consent=
0
654 B
Image
General
Full URL
https://map.go.affec.tv/map/ttd/45d05fd7-b774-43df-ba7c-91fe06509f64?ttd_puid=&gdpr=0&gdpr_consent=
Protocol
H2
Server
52.76.7.220 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-7-220.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:53 GMT
content-encoding
gzip
vary
Accept-Encoding

Redirect headers

location
https://map.go.affec.tv/map/ttd/45d05fd7-b774-43df-ba7c-91fe06509f64?ttd_puid=&gdpr=0&gdpr_consent=
date
Mon, 18 Dec 2023 04:02:53 GMT
server
Kestrel
content-length
229
v1
match.sharethrough.com/sync/ Frame 3FB6
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=s&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DxTFJbLbs37tyhbKsPP9VC2cm%26source_user_id%3D%24UID
  • https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=84e8bd6444
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=84e8bd6444
Protocol
H2
Server
52.220.199.193 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-199-193.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:52 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Mon, 18 Dec 2023 04:02:52 GMT
via
1.1 d51ceda436f155dcdc6b24ba6dcf73cc.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
NRT57-C4
x-cache
Miss from cloudfront
location
https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=84e8bd6444
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
X2p2lPApe0W-t9B3Zy5ufmjGaLPs0BUckvBHsPi_xjrQxcPv-cPciQ==
v1
match.sharethrough.com/sync/ Frame 3FB6
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=15&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-b5b97dac-d0a0-5a1e-7cb5-001a864f9546$ip$146.70.201.232&gdpr=0&gdpr_consent=
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-b5b97dac-d0a0-5a1e-7cb5-001a864f9546$ip$146.70.201.232&gdpr=0&gdpr_consent=
Protocol
H2
Server
52.220.199.193 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-199-193.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:52 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Location
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-b5b97dac-d0a0-5a1e-7cb5-001a864f9546$ip$146.70.201.232&gdpr=0&gdpr_consent=
Date
Mon, 18 Dec 2023 04:02:52 GMT
Connection
keep-alive
Content-Length
201
Content-Type
text/html; charset=utf-8
usync.js
eus.rubiconproject.com/ Frame F3AF
45 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
21b94bd9b58330fa42dedc329873a15eed8ea727c0482531798752e30664bcbd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Dec 2023 02:06:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=79425
Connection
keep-alive
Content-Length
13202
Expires
Tue, 19 Dec 2023 02:06:37 GMT
cframe.js
assets.a-mo.net/js/ Frame 2EB8
13 KB
6 KB
Script
General
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=CsQBShJ3d3cuaGF3dGNlbGVicy5jb21SC2Fhcy0xYWMwOWE4WghwYmExLjMuM2oSd3d3Lmhhd3RjZWxlYnMuY29t-gEGOC4yNC4w6AIBiAPkiP-rBqgDMeoDJDk0Y2ZhNjNlLTI2MDktNGE4ZS1iNzgzLTYxZjU4MGQ5OTExNKoEA0RDSLIFA1VTRNIFCTEwNTE5OTU0MtgFAeAFAeoFB2Rlc2t0b3D6BQNzZ3CqBwN3ZWLKBw5oYXd0Y2VsZWJzLmNvbeAHAQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64ab92351c5b74146b13c457ed9bea87ccf1185338bf2a1b9583194ffad7a224

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:52 GMT
via
1.1 afb297fdc21cc738a9f3330dec8548d4.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
NRT12-C5
age
140
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 17 Nov 2023 21:37:06 GMT
server
cloudflare
etag
W/"e3fef3a35c249816d0d7aa58df5e6bf4"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
83748346ccf26845-NRT
x-amz-cf-id
yVTgPXCOjN6hJqgH6eSsac1EKJPfyukDMA-3xZdJKCxYcsANvWqACA==
expires
Mon, 18 Dec 2023 05:02:52 GMT
u
id.a-mx.com/ Frame 2EB8
0
0

sync
visitor-usa02.omnitagjs.com/visitor/ Frame 1FC0
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2f...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=3456854436429190532&gdpr=0&gdpr_consent=&gdpr=0&gdpr_c...
49 B
181 B
Image
General
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=3456854436429190532&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
89
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
an-x-request-uuid
7d661c24-7cf6-4663-958e-39bb1cfeb393
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=3456854436429190532&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 1FC0
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26vis...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=3456854436429190532&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
49 B
181 B
Image
General
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=3456854436429190532&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
63
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
an-x-request-uuid
a58fdf8e-03ca-45f9-97d7-314664ecb7a6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=3456854436429190532&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 1FC0
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
49 B
180 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
6
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT, Mon, 18 Dec 2023 04:02:52 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
ayl_pixel
api-2-0.spot.im/pixels/ Frame 1FC0
0
0

sync
visitor.omnitagjs.com/visitor/ Frame 1FC0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adyoulike&bsw_param=a18511a8-4739-4f63-9f2a-764feaa38b34&google_hm=YTE4NTExYTgtNDczOS00ZjYzLTlmMmEtNzY0ZmVhYTM4YjM0
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAp82Y1T4suROUnaVSX6dLI&google_cver=1&ssp=adyoulike&bsw_param=a18511a8-4739-4f63-9f2a-764feaa38b34
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=a18511a8-4739-4f63-9f2a-764feaa38b34&name=BIDSWITCH&gdpr=&gdpr_consent=
49 B
180 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=a18511a8-4739-4f63-9f2a-764feaa38b34&name=BIDSWITCH&gdpr=&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

Location
//visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=a18511a8-4739-4f63-9f2a-764feaa38b34&name=BIDSWITCH&gdpr=&gdpr_consent=
Date
Mon, 18 Dec 2023 04:02:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 1FC0
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=openrtb&zoneCode=openrtb_adyoulike&redirect=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSMILE_WANTED%26ttl%3D720%26uid%3De77031af...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=d8ffadde7e6cec391fc4698eed7655b0&gdpr=0&gdpr_consent=
49 B
178 B
Image
General
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=d8ffadde7e6cec391fc4698eed7655b0&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

date
Mon, 18 Dec 2023 04:02:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=d8ffadde7e6cec391fc4698eed7655b0&gdpr=0&gdpr_consent=
access-control-allow-credentials
true
cf-ray
837483482e6ae05a-NRT
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
aul
match.prod.bidr.io/cookie-sync/ Frame 1FC0
20 B
20 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync/aul
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.69.237.108 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-237-108.ap-northeast-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
3b4790db39169dba45a44fd79ec37da5557302627546df0adcde836570ace0bc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:52 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
20
content-type
text/plain
sync
visitor.omnitagjs.com/visitor/ Frame 1FC0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=45d05fd7-b774-43df-ba7c-91fe06509f64&name=THE_TRADE_DESK
49 B
189 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=45d05fd7-b774-43df-ba7c-91fe06509f64&name=THE_TRADE_DESK
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=45d05fd7-b774-43df-ba7c-91fe06509f64&name=THE_TRADE_DESK
date
Mon, 18 Dec 2023 04:02:52 GMT
server
Kestrel
content-length
319
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 1FC0
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=hzidrib9tQE7W3yXPLN4&gdpr=0&gdpr_consent=&gdpr=0
49 B
178 B
Image
General
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=hzidrib9tQE7W3yXPLN4&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:52 GMT
Content-Type
text/html; charset=utf-8
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=hzidrib9tQE7W3yXPLN4&gdpr=0&gdpr_consent=&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
217
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 1FC0
Redirect Chain
  • https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdp...
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=95316415-6455-41aa-b917-892edbaccb8c%20&gdpr_consent=null&gdpr=0
49 B
178 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=95316415-6455-41aa-b917-892edbaccb8c%20&gdpr_consent=null&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:53 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=95316415-6455-41aa-b917-892edbaccb8c &gdpr_consent=null&gdpr=0
date
Mon, 18 Dec 2023 04:02:53 GMT
server
_
content-length
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 1FC0
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visit...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=hzidrib9tQE7W3yXPLN4&gdpr=0&gdpr_consent=&gdpr=0
49 B
178 B
Image
General
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=hzidrib9tQE7W3yXPLN4&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:53 GMT
Content-Type
text/html; charset=utf-8
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=hzidrib9tQE7W3yXPLN4&gdpr=0&gdpr_consent=&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
221
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 1FC0
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visitor%...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C&gdpr=0&gdpr_consent=
49 B
178 B
Image
General
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C&gdpr=0&gdpr_consent=
date
Mon, 18 Dec 2023 04:02:52 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
216
content-type
text/html; charset=utf-8
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 1FC0
Redirect Chain
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09ee220400c20f648f2a7e85&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
49 B
178 B
Image
General
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09ee220400c20f648f2a7e85&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:53 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09ee220400c20f648f2a7e85&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
date
Mon, 18 Dec 2023 04:02:53 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
sync
visitor.omnitagjs.com/visitor/ Frame 1FC0
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-b5b97dac-d0a0-5a1e-7cb5-001a864f9546$ip$146.70.201.232&name=STACKADAPT&gdpr=0&gdpr_consent=
49 B
180 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-b5b97dac-d0a0-5a1e-7cb5-001a864f9546$ip$146.70.201.232&name=STACKADAPT&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-b5b97dac-d0a0-5a1e-7cb5-001a864f9546$ip$146.70.201.232&name=STACKADAPT&gdpr=0&gdpr_consent=
Date
Mon, 18 Dec 2023 04:02:52 GMT
Connection
keep-alive
Content-Length
220
Content-Type
text/html; charset=utf-8
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 1FC0
0
0
Image
General
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DRISE_CODES%26ttl%3D720%26uid%3D48b439bcf2930e6408d6e795f7f1cdd2%26visitor%3D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.214.250.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-250-236.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pixel
ap.lijit.com/ Frame 1FC0
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSOVRN%26ttl%3D720%26uid%3D4b30a0b1f289a261ab592e1e53c126eb%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 18 Dec 2023 04:02:53 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 1FC0
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADMIXER%26ttl%3D720%26uid%3D0f4b0fcde45fe67...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=00cefed71db242f482ccb75a903e683c&gdpr=0&gdpr_consent=
49 B
205 B
Image
General
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=00cefed71db242f482ccb75a903e683c&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:53 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
22
content-length
49
expires
0

Redirect headers

Date
Mon, 18 Dec 2023 04:02:53 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=00cefed71db242f482ccb75a903e683c&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
101967
jadserve.postrelease.com/suid/ Frame 1FC0
43 B
534 B
Image
General
Full URL
https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNTV_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.95.187 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:53 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 1FC0
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEEN...
  • https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=5a45b45b-3759-5460-9a2f-075cff50c334&name=BETWEENX&gdpr=0&gdpr_consent=
49 B
181 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=5a45b45b-3759-5460-9a2f-075cff50c334&name=BETWEENX&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
72
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=5a45b45b-3759-5460-9a2f-075cff50c334&name=BETWEENX&gdpr=0&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sync
visitor.omnitagjs.com/visitor/ Frame 1FC0
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=48667174-16df-4ab3-a314-0418cacaab71&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
49 B
181 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=48667174-16df-4ab3-a314-0418cacaab71&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:53 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
25
content-length
49
expires
0

Redirect headers

x-servername
track006-sjc
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:18 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=48667174-16df-4ab3-a314-0418cacaab71&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
cache-control
private,no-cache
content-length
315
expires
-1
711333.gif
id.rlcdn.com/ Frame 1FC0
42 B
296 B
Image
General
Full URL
https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:53 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usync.html
eus.rubiconproject.com/ Frame A335
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Dec 2023 04:02:52 GMT
ETag
"20525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 18 Dec 2023 04:02:52 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame 7968
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Dec 2023 04:02:52 GMT
ETag
"20525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 18 Dec 2023 04:02:52 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame F254
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame FB7C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Dec 2023 04:02:52 GMT
ETag
"20525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 18 Dec 2023 04:02:52 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
/
de.tynt.com/deb/ Frame 4D9D
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26v...
998 B
2 KB
Document
General
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
3363b53644a153bc7f22e29963708f849257573b731fda4f94db38368438bb5d

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
998
content-type
text/html
date
Mon, 18 Dec 2023 04:02:52 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 18 Dec 2023 04:02:52 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP009
x-33x-status
8340000A
sync
ssbsync.smartadserver.com/api/ Frame 8799
1010 B
1 KB
Document
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.38 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
70a1d5296c9fbf75d86330788eb63f05afb3e3ed495a7f56766217b0169c5548

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-length
1010
content-type
text/html
date
Mon, 18 Dec 2023 04:02:52 GMT
usync.js
eus.rubiconproject.com/ Frame A335
45 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
21b94bd9b58330fa42dedc329873a15eed8ea727c0482531798752e30664bcbd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Dec 2023 02:06:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=79425
Connection
keep-alive
Content-Length
13202
Expires
Tue, 19 Dec 2023 02:06:37 GMT
usync.js
eus.rubiconproject.com/ Frame FB7C
45 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
21b94bd9b58330fa42dedc329873a15eed8ea727c0482531798752e30664bcbd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Dec 2023 02:06:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=79425
Connection
keep-alive
Content-Length
13202
Expires
Tue, 19 Dec 2023 02:06:37 GMT
usync.js
eus.rubiconproject.com/ Frame 7968
45 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
21b94bd9b58330fa42dedc329873a15eed8ea727c0482531798752e30664bcbd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Dec 2023 02:06:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=79425
Connection
keep-alive
Content-Length
13202
Expires
Tue, 19 Dec 2023 02:06:37 GMT
khaos.json
token.rubiconproject.com/ Frame A335
7 B
777 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LQAE4DBJ-U-JCL5
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
e8ee3bea2ab086361542c3b52b688813
Expires
0
khaos.json
token.rubiconproject.com/ Frame FB7C
7 B
777 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LQAE4DBJ-U-JCL5
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
87cd4104b334675e13feb86f1a1ad5cf
Expires
0
khaos.json
token.rubiconproject.com/ Frame 7968
7 B
777 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LQAE4DBJ-U-JCL5
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
e8ee3bea2ab086361542c3b52b688813
Expires
0
dc_oe=ChMIzaCxk42YgwMVflDCBR3cXQDkEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCObejpONmIMDFYeW6QUdj4IJuQ;dc_rmcid=CAQSTgAvHhf_YJlZ-ZvCOT-PQl99i0DAxjz4JPpLzG8B4FS84QzpsCxbPC9RsS9aadoBMYvhWNS...
ade.googlesyndication.com/ddm/activity/ Frame 6775
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzaCxk42YgwMVflDCBR3cXQDkEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCObejpONmIMDFYeW6QUdj4IJuQ;dc_rmcid=CAQSTgAvHhf_YJlZ-ZvCOT-PQl99i0DAxjz4JPpLzG8B4FS84QzpsCxbPC9RsS9aadoBMYvhWNSsGc28mr3th5ofAZfspFUXTVQ_catM6sexPxgB;eps=CIBhEAEYHTICigI6BIBAgEBIvf3BOliHr42TjZiDAw;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D0,8109,0,0,0%26mtos%3D0,8109,8109,8109,8109%26amtos%3D0,0,0,0,0%26mcvt%3D8109%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D8383%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D7%26pst%3D274%26dur%3D11520%26vmtime%3D8426%26dtos%3D2699%26dtoss%3D4%26dvs%3D2699%26dfvs%3D0%26dvpt%3D2699%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D33555219%26c%3D0.92%26mc%3D0.92%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,2699,2699,2699,2699%26qnc%3D0.92%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D667307141%26psm%3D511%26psv%3D510%26psfv%3D0%26psa%3D0%26pngs%3D9s,14,200103cs,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,8109;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1702872164468;ecn1=1;etm1=0;eid1=960585;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 6775
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CUWlnY8R_ZaahEIetpt8Pj4WmyAv1ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMByAObBKoEtAJP0J2ioVEDabUuJHHGsAskP4-nAmv5CJc_03aqVR9WU9fFoeAcTskWblJq_etiGTpJwMUftd5-wjqd4H9qkMdxTuTQPjWGfXwaXbgciYJ0k_AlvBMjAuYbW_HqA_R61uqkdOhf1tfPpSdzuctYc42i_rOqQC6GvYjPAs1Tf4fKslceldLPLqqB4ay7b0zw0FYLInGFNw0XKz22WjqVvQLG6dbSwAo4WlPCzMa-PZ8YNZGl70XPXwzRsumHV0onN_Mpz95f_xFwky_6bDn7ksxzBY-hgLUodP99r0g_JW21ko0kdXjeHLPZf6n2BixIkbr1WqT36jMULcHZZNjw6xgWWPlRBd1d3O7x5CyXchOH_TXIY-C318CgY-u2qj86JaLFk8YdsIBp0jrsBBwwMLFLKpmqn8AEyZHuzckE4AQDiAWBoM65TZAGAaAGdoAH6pCVvgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOliHr42TjZiDA_IIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA8gLAeALAYAMAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQKqDQJKUOINEwjI2Y2TjZiDAxWHlukFHY-CCbmwE8qjyBXIE96B9-MD2BMKiBQC2BQB0BUB-BYBgBcB6BcD&sigh=nSVoW9JCFIY&label=videoplaytime75&ad_mt=8427&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D0,8109,0,0,0%26mtos%3D0,8109,8109,8109,8109%26amtos%3D0,0,0,0,0%26mcvt%3D8109%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D8383%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D7%26pst%3D274%26dur%3D11520%26vmtime%3D8426%26dtos%3D2699%26dtoss%3D4%26dvs%3D2699%26dfvs%3D0%26dvpt%3D2699%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D33555219%26c%3D0.92%26mc%3D0.92%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,2699,2699,2699,2699%26qnc%3D0.92%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D667307141%26psm%3D511%26psv%3D510%26psfv%3D0%26psa%3D0%26pngs%3D9s,14,200103cs,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,8109&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1702872164468
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIl9izk42YgwMVz07CBR31tw4nEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCMaxmJONmIMDFfWc6QUd-J0DWQ;dc_rmcid=CAQSTwAvHhf_iRiOLW1GIisVlHLNhZMzjrC4s_iPWwpPRd9Cso9beA7qbo95jAANc-ecRBhtPaU...
ade.googlesyndication.com/ddm/activity/ Frame 96FB
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIl9izk42YgwMVz07CBR31tw4nEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCMaxmJONmIMDFfWc6QUd-J0DWQ;dc_rmcid=CAQSTwAvHhf_iRiOLW1GIisVlHLNhZMzjrC4s_iPWwpPRd9Cso9beA7qbo95jAANc-ecRBhtPaUSNN5YmyAnax70VjCs-vPvYbwZY-NrGx0xQRMYAQ;eps=CIBhEAEYHTICigI6BIBAgEBIvf3BOljF6paTjZiDAw;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D8244,0,0,0,0%26mtos%3D8244,8244,8244,8244,8244%26amtos%3D0,0,0,0,0%26mcvt%3D8244%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D8492%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D44%26pst%3D287%26dur%3D11520%26vmtime%3D8514%26dtos%3D2968%26dtoss%3D4%26dvs%3D2968%26dfvs%3D2968%26dvpt%3D2968%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2968,2968,2968,2968,2968%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D758656306%26psm%3D511%26psv%3D510%26psfv%3D510%26psa%3D0%26pngs%3D9s,14,200103cs,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,8244;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1702872164319;ecn1=1;etm1=0;eid1=960585;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 96FB
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHIWLY8R_ZYb0GfW5pt8P-LuOyAX1ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMByAObBKoEtAJP0DbzkXxr76XuaKkAMrME5jPxg7JKoE9U_BCsYiMVOCMK__Nj5NIW2ofc0_vMGYBXbSxXyKC7fM7AWow5QDLi1ckV5fTJxKVGXo_6rok0aBmQgGwCfZT15ZoTiRJzFSC2w2S_gipooA6JU6_bYL2Eoxz6Gd7Wy5iUwI0rl7_LI5AibGaDhdR8EM-GHoJissMzbJGVkkJN7pVAG64hIdPYFUvhuE9eiqQqDeA3YWnFBU9IR1cu_GUD84Aq_JDeG9XclBeM_xmG9xw7oQygWGquk_ZFjddJ-ITpjb45FaHYuJYo0odsw4tnEBkP2bnvoXJKDBgCX8eNyec7vKQ0K5RyNOw-Qo987pKScaNuMioPFjUeGKSt_pDgx_uQWL4--07-CF1_uIx3H_DguCBorQcBVR0SIcAEyZHuzckE4AQDiAWBoM65TZAGAaAGdoAH6pCVvgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOljF6paTjZiDA_IIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA8gLAeALAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJKUOINEwjenpeTjZiDAxX1nOkFHfidA1mwE8qjyBXIE96B9-MD2BMKiBQC2BQB0BUB-BYBgBcB6BcD&sigh=1Bd1ouNDuoc&label=videoplaytime75&ad_mt=8514&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D8244,0,0,0,0%26mtos%3D8244,8244,8244,8244,8244%26amtos%3D0,0,0,0,0%26mcvt%3D8244%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D8492%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D44%26pst%3D287%26dur%3D11520%26vmtime%3D8514%26dtos%3D2968%26dtoss%3D4%26dvs%3D2968%26dfvs%3D2968%26dvpt%3D2968%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2968,2968,2968,2968,2968%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D758656306%26psm%3D511%26psv%3D510%26psfv%3D510%26psa%3D0%26pngs%3D9s,14,200103cs,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,8244&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1702872164319
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 5FF0
48 KB
12 KB
Script
General
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
2053512
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
837483486ea7e05a-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame 6D54
0
587 B
Document
General
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
837483488ee2e05a-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:53 GMT
server
cloudflare
vary
Accept-Encoding
3831266057273496277
csync.smilewanted.com/set_partner_userid_get/smart/ Frame 12B0
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://csync.smilewanted.com/set_partner_userid_get/smart/3831266057273496277
0
429 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smart/3831266057273496277
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
837483490fade05a-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:53 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Mon, 18 Dec 2023 04:02:52 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/smart/3831266057273496277
sync
visitor.omnitagjs.com/visitor/ Frame 8799
49 B
178 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9276a8c8d010b77af50144c60047b781&visitor=3831266057273496277&name=SMARTADSERVER&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0
v1
match.sharethrough.com/sync/ Frame 8799
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=3831266057273496277&gdpr=0&gdpr_consent=
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=3831266057273496277&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Server
52.220.199.193 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-199-193.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:53 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=3831266057273496277&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 8799
Redirect Chain
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=09ee220400896e30d8c89a64&gdpr=0&gdpr_consent=
43 B
564 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=09ee220400896e30d8c89a64&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.106.127.56 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=09ee220400896e30d8c89a64&gdpr=0&gdpr_consent=
date
Mon, 18 Dec 2023 04:02:53 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 8799
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MzgzMTI2NjA1NzI3MzQ5NjI3Nw==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEL3wiyWyCDtc8A1tOXg0JNk&gdpr=0&gdpr_consent=&google_cver=1
43 B
511 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEL3wiyWyCDtc8A1tOXg0JNk&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.106.127.56 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEL3wiyWyCDtc8A1tOXg0JNk&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 8799
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=45d05fd7-b774-43df-ba7c-91fe06509f64&gdpr=0&gdpr_consent=
43 B
520 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=45d05fd7-b774-43df-ba7c-91fe06509f64&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.106.127.56 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=45d05fd7-b774-43df-ba7c-91fe06509f64&gdpr=0&gdpr_consent=
date
Mon, 18 Dec 2023 04:02:52 GMT
server
Kestrel
content-length
299
3456854436429190532
csync.smilewanted.com/set_partner_userid_get/appnexus/ Frame A5D2
Redirect Chain
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/3456854436429190532
0
437 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/appnexus/3456854436429190532
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
837483495833e05a-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:53 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
bf407490-b4cc-48d0-9fbd-8b0620e4d545
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 18 Dec 2023 04:02:52 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/appnexus/3456854436429190532
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
13926
g2.gumgum.com/usync/ Frame CA13
3 KB
1 KB
Document
General
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.231.25.160 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a4b944b33ea343a98b1b45d9b07dcf90eac92be9b715c8220d0f7c4067cb80a1

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 18 Dec 2023 04:02:52 GMT
etag
W/"0070e052635399291c913eda4ec7f5433"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 73CD
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 67A7
872 B
974 B
Document
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.38 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
a4116ec6bf9d337665a479eb0bdf5e38d16a9874afad2d145692ed6803034643

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-length
872
content-type
text/html
date
Mon, 18 Dec 2023 04:02:52 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 9085
1 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b02268d59f15c37bf4c8d701a814fb8518ed3ad3735a34ac2eabdc9318da7b3

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
837483490e97f6fa-NRT
content-encoding
br
content-type
text/html
date
Mon, 18 Dec 2023 04:02:52 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lajSsjS8lWj1s%2B7BHL8qlU%2BpGZYyUSJAIxT2kgAy6CMrWcj%2F2XOGYEZ92t82H6ZbvQbj4YEISfRzCypSFJ9aYYypV7kyTp3KvlibR6Lxhwjg3XsPwCOrzcsf54MiV5%2FwyUraZo0AucAHjw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5310
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Dec 2023 04:02:52 GMT
ETag
"20525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 18 Dec 2023 04:02:52 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 60A4
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.192.188 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-192-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=113798
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 18 Dec 2023 04:02:52 GMT
expires
Tue, 19 Dec 2023 11:39:30 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 6353
398 B
1016 B
Document
General
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c4:9400:1f:4c18:bd40:93a1 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
0d84a8c1a73a3eaea2d0ffb16006c3b624a5fce03e877009c304fa553d86598a

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
398
content-type
text/html
date
Mon, 18 Dec 2023 04:02:53 GMT
server
istio-envoy
via
1.1 0922677d7a4dc7dd73582b22ecc5c332.cloudfront.net (CloudFront)
x-amz-cf-id
rY_KRg1cJ84y4Md3LJgFxhhUyRGqcS4qFVxJYUFv2_-y0ITK9HwAfA==
x-amz-cf-pop
NRT57-C2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
3
user-sync
sync.adkernel.com/ Frame D99E
1 KB
1 KB
Document
General
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.130.169.24 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
4f47487cd6e354bbc7cb8d6e40cc937c30c8ed776d256bfc51c543e9b1b54809

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Mon, 18 Dec 2023 04:02:53 GMT
Server
nginx
Transfer-Encoding
chunked
sync-iframe
cs-server-s2s.yellowblue.io/ Frame A86E
145 B
598 B
Document
General
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.214.250.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-250-236.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
bef9909bdcd3e7c6632326f1f3f166b340d5411667f36129c145d69ec38a02ea

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
145
content-type
text/html
date
Mon, 18 Dec 2023 04:02:53 GMT
server
istio-envoy
x-envoy-upstream-service-time
4
sync
ads.servenobid.com/ Frame E376
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=3456854436429190532
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=312&uid=3456854436429190532
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.25.192.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-192-112.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:53 GMT
an-x-request-uuid
43a6136d-636d-4e2b-a60b-6acf5f789d6a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=3456854436429190532
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame E376
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=H1vSCLZH1GFpiRLqQlWJzlOb
0
350 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=310&uid=H1vSCLZH1GFpiRLqQlWJzlOb
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.25.192.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-192-112.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:53 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=H1vSCLZH1GFpiRLqQlWJzlOb
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1sea1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame E376
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=310&uid=H1vSCLZH1GFpiRLqQlWJzlOb
0
350 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=310&uid=H1vSCLZH1GFpiRLqQlWJzlOb
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.25.192.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-192-112.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Mon, 18 Dec 2023 04:02:53 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=H1vSCLZH1GFpiRLqQlWJzlOb
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sync
ads.servenobid.com/ Frame E376
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2069.26%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=719234585
  • https://sync.1rx.io/usersync3/appnexus/2069.26/3456854436429190532?zcc=0&sspret=1&rndcb=719234585
  • https://sync.targeting.unrulymedia.com/csync/RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004
  • https://ads.servenobid.com/sync?pid=321&uid=RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004
0
361 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.25.192.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-192-112.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004
date
Mon, 18 Dec 2023 04:02:53 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXcbc9ef06f4124a65a669479c1b0eafed004
content-type
text/html
sync
ads.servenobid.com/ Frame E376
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1976306195132350986
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1976306195132350986
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.25.192.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-192-112.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1976306195132350986
Date
Mon, 18 Dec 2023 04:02:53 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame E376
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=643a2bf9-4a90-4828-b0f4-6d74658c8e3b
0
357 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=332&uid=643a2bf9-4a90-4828-b0f4-6d74658c8e3b
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.25.192.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-192-112.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:56 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:55 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-25
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ads.servenobid.com/sync?pid=332&uid=643a2bf9-4a90-4828-b0f4-6d74658c8e3b
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
u
id.a-mx.com/ Frame E376
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1YN-&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F7%2F33507%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D1YN-%26A%3D1f38f475-74a1-4382-b...
0
0

sync
ads.servenobid.com/ Frame E376
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-3kMXH6tE2uFQJwlaEomAZmA40ujPgZp.Ci3pHIw-~A
0
367 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-3kMXH6tE2uFQJwlaEomAZmA40ujPgZp.Ci3pHIw-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.25.192.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-192-112.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-3kMXH6tE2uFQJwlaEomAZmA40ujPgZp.Ci3pHIw-~A
date
Mon, 18 Dec 2023 04:02:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame E376
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=ua-e781848b-10d2-3c7f-ba2b-4d98c447d3ac
0
358 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-e781848b-10d2-3c7f-ba2b-4d98c447d3ac
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.25.192.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-192-112.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-e781848b-10d2-3c7f-ba2b-4d98c447d3ac
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:53 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame E376
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-3kMXH6tE2uFQJwlaEomAZmA40ujPgZp.Ci3pHIw-~A
0
367 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-3kMXH6tE2uFQJwlaEomAZmA40ujPgZp.Ci3pHIw-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.25.192.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-192-112.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-3kMXH6tE2uFQJwlaEomAZmA40ujPgZp.Ci3pHIw-~A
date
Mon, 18 Dec 2023 04:02:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame E376
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
  • https://ads.servenobid.com/sync?pid=351&uid=6ac368a7-0a41-45c6-a666-84d78d8f6519&gdpr=0
0
356 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=351&uid=6ac368a7-0a41-45c6-a666-84d78d8f6519&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.25.192.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-192-112.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=351&uid=6ac368a7-0a41-45c6-a666-84d78d8f6519&gdpr=0
date
Mon, 18 Dec 2023 04:02:53 GMT
content-length
0
sync
ads.servenobid.com/ Frame E376
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=3458737661274461000V10
0
346 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=353&uid=3458737661274461000V10
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.25.192.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-192-112.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 18 Dec 2023 04:02:53 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=3458737661274461000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Mon, 18 Dec 2023 04:02:53 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 7968
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&gdpr_consent=&gdpr=0&khaos=LQAE4DBJ-U-JCL5
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQAE4DBJ-U-JCL5&name=RUBICON&gdpr=0
49 B
180 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQAE4DBJ-U-JCL5&name=RUBICON&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:53 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
8
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQAE4DBJ-U-JCL5&name=RUBICON&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7ab15ef0d9c4b64200bd5d6be68979a8
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 9085
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=YrPDojeywvF555H9MrbZojG_x6V5tsT9ML7fAa6D
43 B
733 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=YrPDojeywvF555H9MrbZojG_x6V5tsT9ML7fAa6D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POkje9rnEPubyC1hbE5TEx5WZDSvV6L0pTLFsUaevNhx4BRtKPeJFSCHk0pkNMEPZX5xweEc%2B7knxMhmmAOP0Mnh8wAA6VHycf27TeLbTiFzp4bFvsfDEOOgTdeAgLs8iVMBOK%2FdJh8VhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83748349aefff6fa-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=YrPDojeywvF555H9MrbZojG_x6V5tsT9ML7fAa6D
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9085
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718683373&external_user_id=a0c82877-73af-4d52-8f4a-37a0462ba4c0
43 B
735 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718683373&external_user_id=a0c82877-73af-4d52-8f4a-37a0462ba4c0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYf1YCdbne19l79S00UBhaYeOh0%2F9dXz5Ij2SZIV9Zos3VUET9f0ACfMrMLz68qTX23m6lPL7ba7WN3jgziCPx2PsBtjpkM2PngCFgDa%2FGE8RWoOKi%2FH2gkNC7MZECGieJxs0NToX6N39g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8374834a3f7df6fa-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 18 Dec 2023 04:02:53 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718683373&external_user_id=a0c82877-73af-4d52-8f4a-37a0462ba4c0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum-sec.casalemedia.com/ Frame 9085
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7380707807691766283
43 B
737 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7380707807691766283
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCoyw%2F%2BMMxEvMzmpqvfPNci5YyO9qPEn85j%2BkiauusbexTNouOcOSTqOJNx7h6Gxpj7Z0HsBSnzN%2FhQuAxCdarNW38HXeuNo%2FkW0UwLNYs20Ev1o0UjKwiI8o9OWHYslFNAaG5ULTZinMA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83748349aefbf6fa-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7380707807691766283
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 9085
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=77E8C90F12574DEC950120C50FB7BA09
43 B
732 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=77E8C90F12574DEC950120C50FB7BA09
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9sBf9JES84hozYz0SJ9AlS8e4aG1YPUrpZaISG3cgHdV%2BrAa4O3E5dFTRjp4MzlN5DwSSbFPvYL7mRkkqqtuY0OXTFB2NIt45RQPuGfpUc282jc9Xkcw6BBu1iLFEjplIvHe1kf%2BEKolA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83748349bf0af6fa-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 18 Dec 2023 04:02:53 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=77E8C90F12574DEC950120C50FB7BA09
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 17 Dec 2023 04:02:53 GMT
crum
dsum-sec.casalemedia.com/ Frame 9085
Redirect Chain
  • https://dynalyst-sync.adtdp.com/cookie/sync?pid=43
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=216&external_user_id=a32f81a5-206f-4e41-b59c-8baf39af49b6
43 B
737 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=216&external_user_id=a32f81a5-206f-4e41-b59c-8baf39af49b6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4V%2Fp8vAvYUSbzH6AsLSvfpzkJEqdAOXIDNYrjBK5Exsq8DBVLUDQzPvOBa%2FWpQ1Wu5NCXwA4jkvlq8TIlaFUc36dB%2FRgzWvTONRNArfd5SD8hEfjzwLiNSf59mdGi4AZRhPqPWFu0UIKg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8374834aaff5f6fa-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=216&external_user_id=a32f81a5-206f-4e41-b59c-8baf39af49b6
Date
Mon, 18 Dec 2023 04:02:53 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 9085
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=1fa01134-44cf-4092-97a7-5ffb77006b7b
43 B
741 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=1fa01134-44cf-4092-97a7-5ffb77006b7b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqAbCwjlLJpsrjf6IIVr%2BJttKZXV65Ez4bkF6zmYThnuvMqNZj3WFPRYvi8t8%2Fx8m%2BMWpZjhTETfPBGjVd2%2F9qvvIc5gDhCBET8sjQJ02KrHeut1e%2FCQ0xVKu2QcFI9%2FYrWH%2ByCJRztgVw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8374834ab804f6fa-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=1fa01134-44cf-4092-97a7-5ffb77006b7b
date
Mon, 18 Dec 2023 04:02:53 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
rtset
bh.contextweb.com/bh/ Frame 9085
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZX-EZaWFGjsPKn42Fi5GIwAA%265489&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1595%26userId%3D%24%7BUID%7D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1595&userId=a75166a0-ad35-4cf7-ac4f-5895eb6dfe39
  • https://bh.contextweb.com/bh/rtset?pid=561914&ev=1&us_privacy=$
49 B
751 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?pid=561914&ev=1&us_privacy=$
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
74.214.196.131 -, , ASN (),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
jp-JP
content-type
image/gif
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7fc76965fd-6dwz9
expires
-1

Redirect headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:53 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://bh.contextweb.com/bh/rtset?pid=561914&ev=1&us_privacy=$
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1702872173423031-69
rum
dsum.casalemedia.com/ Frame 9085
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a18511a8-4739-4f63-9f2a-764feaa38b34&gdpr=&gdpr_consent=&us_privacy=
43 B
734 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a18511a8-4739-4f63-9f2a-764feaa38b34&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EiGE0s0WFfcOLtcqhAafFli6rFjTfSgQp9JUMNvW7OWbjc3q7ezpExeu%2FzGKChH7J2lI1Z8wUyEJiKwR2%2F7VpYfV7OieLyJKJP9eXztrRipWiMldrS6HTcT2Pn4F339tHaGEYn3F"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
837483494af4261b-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a18511a8-4739-4f63-9f2a-764feaa38b34&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 18 Dec 2023 04:02:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.servenobid.com/ Frame 9085
0
357 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZX_EZaWFGjsPKn42Fi5GIwAAFXEAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.192.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-192-112.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
LQAE4DBJ-U-JCL5
csync.smilewanted.com/set_partner_userid_get/rubicon/ Frame 2EA5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/LQAE4DBJ-U-JCL5?gdpr=0
0
433 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LQAE4DBJ-U-JCL5?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
83748349e8bfe05a-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:53 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LQAE4DBJ-U-JCL5?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
87cd4104b334675e13feb86f1a1ad5cf
content-length
0
usync.js
eus.rubiconproject.com/ Frame 5310
45 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
21b94bd9b58330fa42dedc329873a15eed8ea727c0482531798752e30664bcbd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Dec 2023 02:06:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=79424
Connection
keep-alive
Content-Length
13202
Expires
Tue, 19 Dec 2023 02:06:37 GMT
usersync
usersync.gumgum.com/ Frame CA13
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=3456854436429190532
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=3456854436429190532
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:53 GMT
an-x-request-uuid
ae7e41f7-966a-4ae6-b092-2e8b3743b925
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=3456854436429190532
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame CA13
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_a89f188c-1442-4e3e-9297-22e418a40ced&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://usersync.gumgum.com/usersync?b=bsw&i=a18511a8-4739-4f63-9f2a-764feaa38b34&gdpr=0&gdpr_consent=&us_privacy=1---
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=a18511a8-4739-4f63-9f2a-764feaa38b34&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=a18511a8-4739-4f63-9f2a-764feaa38b34&gdpr=0&gdpr_consent=&us_privacy=1---
Date
Mon, 18 Dec 2023 04:02:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame CA13
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=69b24d1f-3cbf-4748-a0b8-886da2663df2
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=69b24d1f-3cbf-4748-a0b8-886da2663df2
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 18 Dec 2023 04:02:53 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=69b24d1f-3cbf-4748-a0b8-886da2663df2
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame CA13
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-b5b97dac-d0a0-5a1e-7cb5-001a864f9546$ip$146.70.201.232
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-b5b97dac-d0a0-5a1e-7cb5-001a864f9546$ip$146.70.201.232
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-b5b97dac-d0a0-5a1e-7cb5-001a864f9546$ip$146.70.201.232
Date
Mon, 18 Dec 2023 04:02:53 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame CA13
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-qYNO14dE2pd4MsHfIBXxN1RZxrW41ewqJ9pF~A
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-qYNO14dE2pd4MsHfIBXxN1RZxrW41ewqJ9pF~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 18 Dec 2023 04:02:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-qYNO14dE2pd4MsHfIBXxN1RZxrW41ewqJ9pF~A
content-length
0
usersync
usersync.gumgum.com/ Frame CA13
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=1289afad-d6a6-43c5-9bcf-ef2defef2b7a
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=1289afad-d6a6-43c5-9bcf-ef2defef2b7a
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=1289afad-d6a6-43c5-9bcf-ef2defef2b7a
Date
Mon, 18 Dec 2023 04:02:53 GMT
Connection
keep-alive
X-CI-RTID
c4026ca5-bf76-4ce2-868a-24329ef04583
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame CA13
0
44 B
Image
General
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 -, , ASN (),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:52 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame CA13
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_a89f188c-1442-4e3e-9297-22e418a40ced&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=hzidrib9tQE7W3yXPLN4&gdpr=0&us_privacy=1---
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=hzidrib9tQE7W3yXPLN4&gdpr=0&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:53 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=hzidrib9tQE7W3yXPLN4&gdpr=0&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame CA13
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=6mue6nSQfQ4x&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
35 B
208 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=6mue6nSQfQ4x&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
13.231.25.160 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:53 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
jp-JP
location
https://rtb.gumgum.com/usersync?b=pln&i=6mue6nSQfQ4x&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7fc76965fd-6dwz9
expires
-1
usersync
usersync.gumgum.com/ Frame CA13
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=3831266057273496277
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=3831266057273496277
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=3831266057273496277
date
Mon, 18 Dec 2023 04:02:52 GMT
content-length
0
sync
ads.servenobid.com/ Frame CA13
0
357 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_a89f188c-1442-4e3e-9297-22e418a40ced
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.192.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-192-112.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
rtb.gumgum.com/ Frame 501C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=7965596858226237483&gdpr=0&gdpr_consent=
35 B
208 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=7965596858226237483&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.231.25.160 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Mon, 18 Dec 2023 04:02:53 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 18 Dec 2023 04:02:53 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=7965596858226237483&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 943A
170 B
188 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9hODlmMTg4Yy0xNDQyLTRlM2UtOTI5Ny0yMmU0MThhNDBjZWQ=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 04:02:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D1B3
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.192.188 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-192-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=113797
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 18 Dec 2023 04:02:53 GMT
expires
Tue, 19 Dec 2023 11:39:30 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame E289
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=45d05fd7-b774-43df-ba7c-91fe06509f64
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=45d05fd7-b774-43df-ba7c-91fe06509f64
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 18 Dec 2023 04:02:53 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Mon, 18 Dec 2023 04:02:53 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=45d05fd7-b774-43df-ba7c-91fe06509f64
server
Kestrel
usersync
usersync.gumgum.com/ Frame 683C
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZX-Ea8Co8HAAAHg0fUEAAAAA
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZX-Ea8Co8HAAAHg0fUEAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 18 Dec 2023 04:02:53 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 18 Dec 2023 04:02:53 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZX-Ea8Co8HAAAHg0fUEAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
4
X-SO-Cluster-ID
0
X-SO-HostName
m-ad433.dc4p.scaleout.jp
X-SO-IP
146.70.201.232
X-SO-Key
ZX-Ea8Co8HAAAHg0fUEAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.232","key":"ZX-Ea8Co8HAAAHg0fUEAAAAA","privacy_sensitive":false,"uid":"ZX-Ea8Co8HAAAHg0fUEAAAAA","upstream_id":"m-ad433"}
X-SO-LB-Hostname
m-tgng37.dc4p.scaleout.jp
X-SO-UID
ZX-Ea8Co8HAAAHg0fUEAAAAA
X-SO-Upstream-ID
m-ad433
usersync
usersync.gumgum.com/ Frame A5AD
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48&pi=gumgum
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48&pi=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 18 Dec 2023 04:02:53 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 18 Dec 2023 04:02:53 GMT Mon, 18 Dec 2023 04:02:53 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 5343
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Dec 2023 04:02:53 GMT
ETag
"20525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 18 Dec 2023 04:02:53 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
sync
ads.servenobid.com/ Frame 5046
0
358 B
Document
General
Full URL
https://ads.servenobid.com/sync?pid=316&uid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.192.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-192-112.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Mon, 18 Dec 2023 04:02:53 GMT
sync
ads.servenobid.com/ Frame 67A7
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=317&uid=3831266057273496277&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.192.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-192-112.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 67A7
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=hzidrib9tQE7W3yXPLN4&gdpr=0
43 B
536 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=hzidrib9tQE7W3yXPLN4&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.56 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:53 GMT
Content-Type
text/html; charset=utf-8
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=hzidrib9tQE7W3yXPLN4&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
140
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 67A7
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=84e8bd6444
43 B
515 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=84e8bd6444
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.56 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Mon, 18 Dec 2023 04:02:53 GMT
via
1.1 d51ceda436f155dcdc6b24ba6dcf73cc.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
NRT57-C4
x-cache
Miss from cloudfront
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=84e8bd6444
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
-G7Su5ykWGzoDJezhxGYwqHFiSouPnpG0G7ghHJaOjOFwzK7sEI_gQ==
/
rtb-csync.smartadserver.com/redir/ Frame 67A7
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=6ac368a7-0a41-45c6-a666-84d78d8f6519&gdpr=0
43 B
541 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=6ac368a7-0a41-45c6-a666-84d78d8f6519&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.56 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=6ac368a7-0a41-45c6-a666-84d78d8f6519&gdpr=0
date
Mon, 18 Dec 2023 04:02:53 GMT
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 67A7
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MzgzMTI2NjA1NzI3MzQ5NjI3Nw==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEL3wiyWyCDtc8A1tOXg0JNk&gdpr=0&gdpr_consent=&google_cver=1
43 B
511 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEL3wiyWyCDtc8A1tOXg0JNk&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.56 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEL3wiyWyCDtc8A1tOXg0JNk&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f1cf3e85-4efb-4ec6-8e10-d05aa12c5786&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 6A44
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/f1cf3e85-4efb-4ec6-8e10-d05aa12c5786&partner_id=1010
0
453 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/f1cf3e85-4efb-4ec6-8e10-d05aa12c5786&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8374834a08e3e05a-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:53 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Mon, 18 Dec 2023 04:02:53 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/f1cf3e85-4efb-4ec6-8e10-d05aa12c5786&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
user-sync
sync.adkernel.com/ Frame D99E
Redirect Chain
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D578434%26t%3Dimage%26uid%3D%24UID%26us_privacy%3D1YN-
  • https://sync.adkernel.com/user-sync?zone=181225&dsp=578434&t=image&uid=3456854436429190532&us_privacy=1YN-
42 B
327 B
Image
General
Full URL
https://sync.adkernel.com/user-sync?zone=181225&dsp=578434&t=image&uid=3456854436429190532&us_privacy=1YN-
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Protocol
HTTP/1.1
Server
216.130.169.24 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:53 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
42
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:53 GMT
an-x-request-uuid
63912852-5c8e-4ab3-8a7d-577bc86bc94b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
//sync.adkernel.com/user-sync?zone=181225&dsp=578434&t=image&uid=3456854436429190532&us_privacy=1YN-
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 5B34
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 18 Dec 2023 04:02:53 GMT
Expires
0
Pragma
no-cache
/
onetag-sys.com/usync/ Frame C1F4
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5adb88524e24e50&us_privacy=1YN-
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
29f836b1c2dd7f7b
ads.us.e-planning.net/uspd/1/ Frame 985D
351 B
591 B
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1YN-
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.120.110.138 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
6b75c264b91673bb073fd9627ccd022e0b8f97f7ea6903d4e96f8d879f243b36

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-length
351
content-type
text/html
date
Mon, 18 Dec 2023 04:02:53 GMT
expires
Mon, 18 Dec 2023 04:02:53 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
SIN-721
152mediaweb
sync.quantumdex.io/usersync/ Frame FB6E
1 KB
678 B
Document
General
Full URL
https://sync.quantumdex.io/usersync/152mediaweb
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca071af098c8212021fff20845935b78be4bba96fa1699ead6d2180902b72419

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
83748349a8edf6b5-NRT
content-encoding
gzip
content-type
text/html
date
Mon, 18 Dec 2023 04:02:53 GMT
server
cloudflare
usync.js
eus.rubiconproject.com/ Frame 5343
45 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
21b94bd9b58330fa42dedc329873a15eed8ea727c0482531798752e30664bcbd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Dec 2023 02:06:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=79424
Connection
keep-alive
Content-Length
13202
Expires
Tue, 19 Dec 2023 02:06:37 GMT
3bc52bf9-24cf-4180-81b6-5f6c148a94c6
csync.smilewanted.com/set_partner_userid_get/openx/ Frame A04B
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
  • https://csync.smilewanted.com/set_partner_userid_get/openx/3bc52bf9-24cf-4180-81b6-5f6c148a94c6
0
456 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/openx/3bc52bf9-24cf-4180-81b6-5f6c148a94c6
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8374834a18f9e05a-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:53 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Mon, 18 Dec 2023 04:02:53 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/openx/3bc52bf9-24cf-4180-81b6-5f6c148a94c6
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync
ads.servenobid.com/ Frame D47E
0
358 B
Document
General
Full URL
https://ads.servenobid.com/sync?pid=316&uid=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.192.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-192-112.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Mon, 18 Dec 2023 04:02:53 GMT
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 4D9D
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1702872173027.&ri=0015a00003HljHyAAJ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26t...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=33ACROSS&ttl=720&uid=2f9442d7df2189f76c8b593d5f54ce95&visitor=212384919919253&gdpr=0&gdpr_consent=
49 B
181 B
Image
General
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=33ACROSS&ttl=720&uid=2f9442d7df2189f76c8b593d5f54ce95&visitor=212384919919253&gdpr=0&gdpr_consent=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
7
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:53 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=33ACROSS&ttl=720&uid=2f9442d7df2189f76c8b593d5f54ce95&visitor=212384919919253&gdpr=0&gdpr_consent=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
db_sync
px.ads.linkedin.com/ Frame 4D9D
0
143 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=15927&puuid=v%2F8YZmV%2FxGVI1XAuIYep%2Fw%3D%3D&us_privacy=&_rand=1702872173027.2
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:52 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: A35A37A370204C69A67CA7E855B9FF22 Ref B: TYO01EDGE1711 Ref C: 2023-12-18T04:02:53Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMwNL7PAeAkICxFqnd0g==
H1vSCLZH1GFpiRLqQlWJzlOb
csync.smilewanted.com/set_partner_userid_get/sovrn/ Frame DB3D
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/sovrn/H1vSCLZH1GFpiRLqQlWJzlOb
0
539 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/sovrn/H1vSCLZH1GFpiRLqQlWJzlOb
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8374834b19d9e05a-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:53 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Mon, 18 Dec 2023 04:02:53 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/sovrn/H1vSCLZH1GFpiRLqQlWJzlOb
X-Sovrn-Pod
ad_ap2sfo1
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 985D
566 B
521 B
Script
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1YN-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.206.157.242 New York, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:52 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 16 Dec 2028 04:02:52 GMT
sync
x.bidswitch.net/ Frame 985D
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=eplanning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1YN-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usersync
usersync.gumgum.com/ Frame 172B
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 18 Dec 2023 04:02:53 GMT
Expires
0
Pragma
no-cache
sync
ads.servenobid.com/ Frame A86E
0
340 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=352&uid=c4AKnoZ-CH_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.192.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-192-112.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
7965596858226237483
csync.smilewanted.com/set_partner_userid_get/adform/ Frame C2D2
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/7965596858226237483
0
495 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/7965596858226237483
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8374834c1b09e05a-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:53 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Mon, 18 Dec 2023 04:02:53 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/7965596858226237483
server
nginx
cs
cs-rtb.minutemedia-prebid.com/ Frame 6353
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%2...
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=8b928a1f03e7d2281861d05d497e50b5
0
486 B
Image
General
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=8b928a1f03e7d2281861d05d497e50b5
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:20c4:9400:1f:4c18:bd40:93a1 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:53 GMT
via
1.1 0922677d7a4dc7dd73582b22ecc5c332.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
NRT57-C2
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
3J1Kz3Y2gZ2Auc0eSjD3x6I8XNhlNRud5K5WGAEv5oC-h4xh2Q4jxQ==

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:52 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=8b928a1f03e7d2281861d05d497e50b5
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 6353
0
341 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=348&uid=vl6KcoSzCp_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.192.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-192-112.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
hzidrib9tQE7W3yXPLN4
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame 3221
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/hzidrib9tQE7W3yXPLN4?gdpr=0
0
494 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/outbrain/hzidrib9tQE7W3yXPLN4?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8374834c1b0fe05a-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:53 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
112
Content-Type
text/html; charset=utf-8
Date
Mon, 18 Dec 2023 04:02:53 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/outbrain/hzidrib9tQE7W3yXPLN4?gdpr=0
P3p
CP="We do not support P3P header."
Pragma
no-cache
setuid
sync.quantumdex.io/ Frame FB6E
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=between&uid=5a45b45b-3759-5460-9a2f-075cff50c334
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=5a45b45b-3759-5460-9a2f-075cff50c334
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8374834b5a38f6b5-NRT
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=5a45b45b-3759-5460-9a2f-075cff50c334
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
user-sync
sync.adkernel.com/ Frame FB6E
42 B
327 B
Image
General
Full URL
https://sync.adkernel.com/user-sync?dsp=61&t=image&uid=ae3a5a15-451e-4796-9c64-61e771895600
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.130.169.24 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:53 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
42
Content-Type
image/gif
/
onetag-sys.com/usync/ Frame B34D
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame 694B
1 KB
2 KB
Document
General
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
87f6ea4e435a7964b4fa6d5c4c12e270b7bd7269895ee0ded734ed0405ef5106

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1225
content-type
text/html; charset=utf-8
date
Mon, 18 Dec 2023 04:02:53 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 1640
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48?pi=smilewanted
0
523 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48?pi=smilewanted
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8374834c9b9de05a-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:53 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 18 Dec 2023 04:02:53 GMT Mon, 18 Dec 2023 04:02:53 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48?pi=smilewanted
pragma
no-cache
xuid
eb2.3lift.com/ Frame 694B
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=77E8C90F12574DEC950120C50FB7BA09&dongle=yf3
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=7969&xuid=77E8C90F12574DEC950120C50FB7BA09&dongle=yf3
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 18 Dec 2023 04:02:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 18 Dec 2023 04:02:53 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://eb2.3lift.com/xuid?mid=7969&xuid=77E8C90F12574DEC950120C50FB7BA09&dongle=yf3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 17 Dec 2023 04:02:53 GMT
xuid
eb2.3lift.com/ Frame 694B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=hzidrib9tQE7W3yXPLN4&gdpr=0
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=hzidrib9tQE7W3yXPLN4&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 18 Dec 2023 04:02:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:53 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=hzidrib9tQE7W3yXPLN4&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 694B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=7380707807691766283&dongle=d407&gdpr=0&gdpr_consent=
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=7380707807691766283&dongle=d407&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 18 Dec 2023 04:02:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=7380707807691766283&dongle=d407&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:53 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
xuid
eb2.3lift.com/ Frame 694B
Redirect Chain
  • https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=4DrCh7U7w9T7bpDYsD_Yh7M2xoD7P8XYsjer60eQ
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=4DrCh7U7w9T7bpDYsD_Yh7M2xoD7P8XYsjer60eQ
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 18 Dec 2023 04:02:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=4DrCh7U7w9T7bpDYsD_Yh7M2xoD7P8XYsjer60eQ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
img
sync.mathtag.com/sync/ Frame 694B
0
0

xuid
eb2.3lift.com/ Frame 694B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3657&xuid=ZX-EZgAHv4QGbABd&dongle=3c0a&gdpr=0&gdpr_consent=
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3657&xuid=ZX-EZgAHv4QGbABd&dongle=3c0a&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 18 Dec 2023 04:02:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

x-served-by
cache-nrt-rjtf7700050-NRT
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:53 GMT
via
1.1 varnish
server
Varnish
x-timer
S1702872173.338110,VS0,VE0
x-cache
HIT
location
https://eb2.3lift.com/xuid?mid=3657&xuid=ZX-EZgAHv4QGbABd&dongle=3c0a&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
xuid
eb2.3lift.com/ Frame 694B
Redirect Chain
  • https://s.company-target.com/s/tlx?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D8804%26xuid%3D%7Bxuid%7D%26dongle%3D6aix
  • https://eb2.3lift.com/xuid?dongle=6aix&mid=8804&xuid=a0c82877-73af-4d52-8f4a-37a0462ba4c0
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?dongle=6aix&mid=8804&xuid=a0c82877-73af-4d52-8f4a-37a0462ba4c0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 18 Dec 2023 04:02:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 18 Dec 2023 04:02:53 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.3lift.com
location
https://eb2.3lift.com/xuid?dongle=6aix&mid=8804&xuid=a0c82877-73af-4d52-8f4a-37a0462ba4c0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
xuid
eb2.3lift.com/ Frame 694B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6019&xuid=y2LtAdkx1Rf4Q65&dongle=465e&gdpr=0&gdpr_consent=
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=6019&xuid=y2LtAdkx1Rf4Q65&dongle=465e&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 18 Dec 2023 04:02:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:53 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-019419e25e51af8eb@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://eb2.3lift.com/xuid?mid=6019&xuid=y2LtAdkx1Rf4Q65&dongle=465e&gdpr=0&gdpr_consent=
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 694B
Redirect Chain
  • https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6547&xuid=5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=6547&xuid=5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 18 Dec 2023 04:02:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=6547&xuid=5mrcBcYZ8_JhsVDe1tXR8FXaojFGWm6wQrqX-ezBE48&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:53 GMT, Mon, 18 Dec 2023 04:02:53 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
CookieSyncTripleLift
rtb.adentifi.com/ Frame 694B
0
285 B
Image
General
Full URL
https://rtb.adentifi.com/CookieSyncTripleLift?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.64.103 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:53 GMT
y-3kMXH6tE2uFQJwlaEomAZmA40ujPgZp.Ci3pHIw-~A&gdpr=0
csync.smilewanted.com/set_partner_userid_get/yahoo/ Frame 062C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58618/occ?gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-3kMXH6tE2uFQJwlaEomAZmA40ujPgZp.Ci3pHIw-~A&gdpr=0
0
712 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-3kMXH6tE2uFQJwlaEomAZmA40ujPgZp.Ci3pHIw-~A&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8374834bdab8e05a-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 04:02:53 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

age
0
content-length
0
date
Mon, 18 Dec 2023 04:02:53 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-3kMXH6tE2uFQJwlaEomAZmA40ujPgZp.Ci3pHIw-~A&gdpr=0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.94
strict-transport-security
max-age=31536000
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 985D
59 KB
18 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.49.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-49-117.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 20:21:14 GMT
content-encoding
gzip
via
1.1 9bf92639763e2dc7c1ea8eb4814a239e.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C1
age
27700
x-amz-server-side-encryption
AES256
etag
W/"54c61a0ae34474e317dc273453fb9ccd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
3noivQFkXcZZTOF4tHvLCrhPK3H9iN-NeGgvARgbmOCJdI6A7uteVg==
user-sync
sync.adkernel.com/ Frame 5A14
0
0
Document
General
Full URL
https://sync.adkernel.com/user-sync?zone=181225&dsp=629319&t=iframe&uid=AIhrPcY1-OUrujN8&us_privacy=1YN-
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/29f836b1c2dd7f7b?ruidm=1&du=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D629319%26t%3Diframe%26uid%3D%24UID%26us_privacy%3D1YN-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.130.169.24 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
0
Date
Mon, 18 Dec 2023 04:02:53 GMT
Server
nginx
khaos.json
token.rubiconproject.com/ Frame 5310
7 B
777 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LQAE4DBJ-U-JCL5
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
87cd4104b334675e13feb86f1a1ad5cf
Expires
0
khaos.json
token.rubiconproject.com/ Frame 5343
7 B
777 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LQAE4DBJ-U-JCL5
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
e8ee3bea2ab086361542c3b52b688813
Expires
0
sync
ads.servenobid.com/ Frame 5310
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LQAE4DBJ-U-JCL5
  • https://ads.servenobid.com/sync?pid=323&uid=LQAE4DBJ-U-JCL5
0
343 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LQAE4DBJ-U-JCL5
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.25.192.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-192-112.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 04:02:54 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LQAE4DBJ-U-JCL5
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b6c391ede0c9b3c7eab11a335db29fb
Expires
0
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 985D
155 B
647 B
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.49.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-49-117.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 17 Dec 2023 20:52:37 GMT
via
1.1 c6a9836e54cf7bc2bb59e3fb86f871e0.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT20-C1
age
25817
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
4n3E1EOZUtFA60jdvzNwdqfImxHMnY0TnygODS39_kZdYbuPulaCcg==
data
bcp.crwdcntrl.net/6/ Frame 985D
263 B
1 KB
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
1b78f81310f0a2ef27646c37f50e8d44239992aedb5a5cee2a685262dde78cc1

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:53 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.42.24.246
access-control-allow-credentials
true
content-length
263
expires
0
usersync
usersync.gumgum.com/ Frame 5343
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LQAE4DBJ-U-JCL5
  • https://usersync.gumgum.com/usersync?b=mag&i=LQAE4DBJ-U-JCL5
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LQAE4DBJ-U-JCL5
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:54 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LQAE4DBJ-U-JCL5
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
87cd4104b334675e13feb86f1a1ad5cf
Expires
0
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 9556
2 KB
1 KB
Document
General
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.49.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-49-117.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
5724
cache-control
public, max-age=86400
content-encoding
gzip
content-type
text/html
date
Mon, 18 Dec 2023 02:27:35 GMT
etag
W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified
Tue, 05 Sep 2023 17:36:56 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 9bf92639763e2dc7c1ea8eb4814a239e.cloudfront.net (CloudFront)
x-amz-cf-id
dLe7rTdcb1Ric3Ie4UiJWYdrV_Plj7WCRBnMZ4WFk_fM12RYr8ZsUg==
x-amz-cf-pop
NRT20-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
pixels
bcp.crwdcntrl.net/ Frame EDFA
868 B
1 KB
Document
General
Full URL
https://bcp.crwdcntrl.net/pixels?src=LTJS&s=43%2C65%2C108%2C105%2C2%2C115&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
d7cc44eaadf9501a48aabca5ed8fc96c219c14fbc3ab4acaa613258ecb2a8170

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-cache
content-length
868
content-type
text/html
date
Mon, 18 Dec 2023 04:02:53 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.42.25.76
qmap
sync.crwdcntrl.net/ Frame EDFA
Redirect Chain
  • https://ce.lijit.com/merge?pid=5001&3pid=442a1d36e311842d9a0f79f9a6e84fdd&gdpr=0&location=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D5436%26tp%3DSVRN%26tpid%3D%5BSOVRNID%5D%26gdpr%3D0
  • https://sync.crwdcntrl.net/qmap?c=5436&tp=SVRN&tpid=H1vSCLZH1GFpiRLqQlWJzlOb&gdpr=0
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=5436&tp=SVRN&tpid=H1vSCLZH1GFpiRLqQlWJzlOb&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=43%2C65%2C108%2C105%2C2%2C115&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:54 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.7.213
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 18 Dec 2023 04:02:54 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://sync.crwdcntrl.net/qmap?c=5436&tp=SVRN&tpid=H1vSCLZH1GFpiRLqQlWJzlOb&gdpr=0
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1sea1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame EDFA
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9202276048&gdpr=0
  • https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=231793304734001942203&gdpr=0&gdpr_consent=
49 B
263 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=231793304734001942203&gdpr=0&gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=43%2C65%2C108%2C105%2C2%2C115&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:54 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.2.12
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:54 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=231793304734001942203&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
/
bcp.crwdcntrl.net/map/c=10924/tp=OOLA/ Frame EDFA
Redirect Chain
  • https://trc.taboola.com/sg/lotame/1/cm
  • https://bcp.crwdcntrl.net/map/c=10924/tp=OOLA/
49 B
264 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/c=10924/tp=OOLA/
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=43%2C65%2C108%2C105%2C2%2C115&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:54 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.9.208
content-length
49
expires
0

Redirect headers

x-vcl-time-ms
80
date
Mon, 18 Dec 2023 04:02:54 GMT
via
1.1 varnish
x-served-by
cache-tyo11939-TYO
server
nginx
x-timer
S1702872174.023364,VS0,VE80
x-fastly-to-nlb-rtt
78740
x-cache
MISS
location
https://bcp.crwdcntrl.net/map/c=10924/tp=OOLA/
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0
qmap
sync.crwdcntrl.net/ Frame EDFA
Redirect Chain
  • https://pixel.shareaholic.com/sync?r=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D9193%26tp%3DSHLC%26tpid%3D%24u_id%26gdpr%3D0
  • https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=489db5eb-c149-476b-8586-d86dee430dc3&gdpr=0
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=489db5eb-c149-476b-8586-d86dee430dc3&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=43%2C65%2C108%2C105%2C2%2C115&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:54 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.1.243
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=489db5eb-c149-476b-8586-d86dee430dc3&gdpr=0
pragma
no-cache
date
Mon, 18 Dec 2023 04:02:54 GMT
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP='OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC'
rand=444261244
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=3456854436429190532/gdpr=0/ Frame EDFA
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=444261244
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=3456854436429190532/gdpr=0/rand=444261244
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=3456854436429190532/gdpr=0/rand=444261244
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=43%2C65%2C108%2C105%2C2%2C115&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:54 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.27.90
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:54 GMT
an-x-request-uuid
fc194c12-86b8-420f-b6a3-18ed769650d3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=3456854436429190532/gdpr=0/rand=444261244
x-proxy-origin
146.70.201.232; 146.70.201.232; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ltm
audex.userreport.com/sync/put/ Frame EDFA
43 B
433 B
Image
General
Full URL
https://audex.userreport.com/sync/put/ltm?ltmid=442a1d36e311842d9a0f79f9a6e84fdd
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=43%2C65%2C108%2C105%2C2%2C115&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.109 -, , ASN (),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 04:02:54 GMT
Via
1.1 af1dba21626a829695c3fa888cc0952c.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.22.0
X-Amz-Cf-Pop
NRT57-P4
X-Cache
Miss from cloudfront
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
jXl9MWLOb-oWOQI0L72upGC_aiAzW6k6M0GGd7fz6fwF0Kmtq8zqDA==
dc_oe=ChMI5pXxk42YgwMVR4rpBR2WegsnEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCPqVwJONmIMDFWOK6QUd5WsE1g;dc_rmcid=CAQSPAAvHhf_huRwzTp-2qLLWELKdvpqxJasa-DOg54qfsleFVUnlVC178fnqQBdRmDJhhIIXO2...
ade.googlesyndication.com/ddm/activity/ Frame 6EB9
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5pXxk42YgwMVR4rpBR2WegsnEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCPqVwJONmIMDFWOK6QUd5WsE1g;dc_rmcid=CAQSPAAvHhf_huRwzTp-2qLLWELKdvpqxJasa-DOg54qfsleFVUnlVC178fnqQBdRmDJhhIIXO2Bt6L60delPxgB;eps=CIBhEAEYHTICigI6BIBAgEBIvf3BOliX7L6TjZiDAw;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,164,119,373%26tos%3D8140,0,0,0,0%26mtos%3D8140,8140,8140,8140,8140%26amtos%3D0,0,0,0,0%26mcvt%3D8140%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D8392%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D12%26pst%3D252%26dur%3D11520%26vmtime%3D8434%26dtos%3D2704%26dtoss%3D4%26dvs%3D2704%26dfvs%3D2704%26dvpt%3D2704%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2704,2704,2704,2704,2704%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D633706359%26psm%3D511%26psv%3D510%26psfv%3D510%26psa%3D0%26pngs%3D9s,14,200103cs,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,8140;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1702872165781;ecn1=1;etm1=0;eid1=960585;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 6EB9
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ch3KfZMR_ZfrTBOOUpt8P5deRsA31ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMByAObBKoEsgJP0GQ-M7jkGyOGSgT_SYKQNbGmoJJmclm3X8E8p6KOZIpE3uNSuUqySrVy3_QlPT8Bv-mvNErVsm3Hb1eOy07clyiBmKrOIQWOyvSx5DV060OcE-9H30CFvI_l8YTVMfo34PhO7ZooL5JKzTGSI9RBtY3l6siKTRKFAFMvXN0xLG2gSEl9CTDqSSWj9ln4RTHVtC8KztqG_wENUu-Zsyj70DzqbrhAePfatIZ8X_RicdsNh8fmlA-N5umn5FrdEhhgzcq_ok3cwSws-LM3ZoCE9bcnYmJoLifx6v_GmM2xbMTHXeFavgWGlZ2BIwst8O-Ugn2tvPwGJij5jUMS3tJNWYRWMN0rJp3Zna_nwzMezFlXWhHPilXB2t7MukVqJv_NdHiAjfPnU-jPbkmbPMDWZ3PABMmR7s3JBOAEA4gFgaDOuU2QBgGgBnaAB-qQlb4BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYl-y-k42YgwPyCBthZHgtc3Vic3luLTk5Mzg1NjU4MjIwMzQ2ODCACgPICwHgCwGADAGiDBQqEgoQ5LSxAu61sQK1uLECrLqxAqoNAkpQ4g0TCLyWv5ONmIMDFWOK6QUd5WsE1rATyqPIFcgT3oH34wPYEwqIFALYFAHQFQH4FgGAFwHoFwM&sigh=jJWUou9grwU&label=videoplaytime75&ad_mt=8434&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,164,119,373%26tos%3D8140,0,0,0,0%26mtos%3D8140,8140,8140,8140,8140%26amtos%3D0,0,0,0,0%26mcvt%3D8140%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D8392%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D12%26pst%3D252%26dur%3D11520%26vmtime%3D8434%26dtos%3D2704%26dtoss%3D4%26dvs%3D2704%26dfvs%3D2704%26dvpt%3D2704%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2704,2704,2704,2704,2704%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D633706359%26psm%3D511%26psv%3D510%26psfv%3D510%26psa%3D0%26pngs%3D9s,14,200103cs,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,8140&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1702872165781
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 96FB
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=7~lqae4br0&c=1324699826774&slotId=662349913387&qqid=CMaxmJONmIMDFfWc6QUd-J0DWQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2014&mt=video%2Fmp4&vs=1280x720&dm=11000&met.4=5s.4ma~2sbc.7q7~10s.8jo&event_name=first_pause&asset_bytes=3390803&video_bytes=3188075&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=21&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=11.52&video_muted=true&video_seconds_loaded=11.52&vqdf=5&vqtf=276&vqfr=24&endedMediaDiff=-520
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4001:c12::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIl9izk42YgwMVz07CBR31tw4nEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCMaxmJONmIMDFfWc6QUd-J0DWQ;dc_rmcid=CAQSTwAvHhf_iRiOLW1GIisVlHLNhZMzjrC4s_iPWwpPRd9Cso9beA7qbo95jAANc-ecRBhtPaU...
ade.googlesyndication.com/ddm/activity/ Frame 96FB
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIl9izk42YgwMVz07CBR31tw4nEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCMaxmJONmIMDFfWc6QUd-J0DWQ;dc_rmcid=CAQSTwAvHhf_iRiOLW1GIisVlHLNhZMzjrC4s_iPWwpPRd9Cso9beA7qbo95jAANc-ecRBhtPaUSNN5YmyAnax70VjCs-vPvYbwZY-NrGx0xQRMYAQ;eps=CIBhEAEYHTICigI6BIBAgEBIvf3BOljF6paTjZiDAw;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D4%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26p0%3D0,0,0,0%26p1%3D1,1,169,299%26p2%3D1,1,169,299%26p3%3D1,1,169,299%26tos%3D11246,0,0,0,0%26mtos%3D11246,11246,11246,11246,11246%26amtos%3D0,0,0,0,0%26mtos1%3D2542,0,0%26mtos2%3D2734,0,0%26mtos3%3D2968,0,0%26mcvt%3D11246%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11494%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D49%26pst%3D287%26dur%3D11520%26vmtime%3D11520%26dtos%3D3002%26dtoss%3D5%26dvs%3D3002%26dfvs%3D3002%26dvpt%3D3002%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50332435%26c%3D1%26c0%3D0%26c1%3D0,1,1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3002,3002,3002,3002,3002%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D758656306%26psm%3D4095%26psv%3D4094%26psfv%3D4094%26psa%3D0%26pngs%3D9s,14,200103cs,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11246%26ss0%3D0%26ss1%3D0,0.02,0.02%26ss2%3D0.02%26ss3%3D0.02;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1702872164319;ecn1=1;etm1=0;eid1=13;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 96FB
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHIWLY8R_ZYb0GfW5pt8P-LuOyAX1ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMByAObBKoEtAJP0DbzkXxr76XuaKkAMrME5jPxg7JKoE9U_BCsYiMVOCMK__Nj5NIW2ofc0_vMGYBXbSxXyKC7fM7AWow5QDLi1ckV5fTJxKVGXo_6rok0aBmQgGwCfZT15ZoTiRJzFSC2w2S_gipooA6JU6_bYL2Eoxz6Gd7Wy5iUwI0rl7_LI5AibGaDhdR8EM-GHoJissMzbJGVkkJN7pVAG64hIdPYFUvhuE9eiqQqDeA3YWnFBU9IR1cu_GUD84Aq_JDeG9XclBeM_xmG9xw7oQygWGquk_ZFjddJ-ITpjb45FaHYuJYo0odsw4tnEBkP2bnvoXJKDBgCX8eNyec7vKQ0K5RyNOw-Qo987pKScaNuMioPFjUeGKSt_pDgx_uQWL4--07-CF1_uIx3H_DguCBorQcBVR0SIcAEyZHuzckE4AQDiAWBoM65TZAGAaAGdoAH6pCVvgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOljF6paTjZiDA_IIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA8gLAeALAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJKUOINEwjenpeTjZiDAxX1nOkFHfidA1mwE8qjyBXIE96B9-MD2BMKiBQC2BQB0BUB-BYBgBcB6BcD&sigh=1Bd1ouNDuoc&label=videoplaytime100&ad_mt=11520&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D4%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26p0%3D0,0,0,0%26p1%3D1,1,169,299%26p2%3D1,1,169,299%26p3%3D1,1,169,299%26tos%3D11246,0,0,0,0%26mtos%3D11246,11246,11246,11246,11246%26amtos%3D0,0,0,0,0%26mtos1%3D2542,0,0%26mtos2%3D2734,0,0%26mtos3%3D2968,0,0%26mcvt%3D11246%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11494%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D49%26pst%3D287%26dur%3D11520%26vmtime%3D11520%26dtos%3D3002%26dtoss%3D5%26dvs%3D3002%26dfvs%3D3002%26dvpt%3D3002%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50332435%26c%3D1%26c0%3D0%26c1%3D0,1,1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3002,3002,3002,3002,3002%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D758656306%26psm%3D4095%26psv%3D4094%26psfv%3D4094%26psa%3D0%26pngs%3D9s,14,200103cs,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11246%26ss0%3D0%26ss1%3D0,0.02,0.02%26ss2%3D0.02%26ss3%3D0.02&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1702872164319
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 6775
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=7~lqae4boy&c=5702684397138&slotId=2851342198569&qqid=CObejpONmIMDFYeW6QUdj4IJuQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2014&mt=video%2Fmp4&vs=1280x720&dm=11000&met.4=5s.4y5~2sbc.824~10s.8o6&event_name=first_pause&asset_bytes=3390615&video_bytes=3188075&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=21&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=11.52&video_muted=true&video_seconds_loaded=11.52&vqdf=2&vqtf=276&vqfr=24&endedMediaDiff=-520
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4001:c12::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIzaCxk42YgwMVflDCBR3cXQDkEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCObejpONmIMDFYeW6QUdj4IJuQ;dc_rmcid=CAQSTgAvHhf_YJlZ-ZvCOT-PQl99i0DAxjz4JPpLzG8B4FS84QzpsCxbPC9RsS9aadoBMYvhWNS...
ade.googlesyndication.com/ddm/activity/ Frame 6775
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzaCxk42YgwMVflDCBR3cXQDkEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCObejpONmIMDFYeW6QUdj4IJuQ;dc_rmcid=CAQSTgAvHhf_YJlZ-ZvCOT-PQl99i0DAxjz4JPpLzG8B4FS84QzpsCxbPC9RsS9aadoBMYvhWNSsGc28mr3th5ofAZfspFUXTVQ_catM6sexPxgB;eps=CIBhEAEYHTICigI6BIBAgEBIvf3BOliHr42TjZiDAw;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D4%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26p0%3D0,0,0,0%26p1%3D1,1,169,299%26p2%3D1,1,169,299%26p3%3D1,1,169,299%26tos%3D0,11200,0,0,0%26mtos%3D0,11200,11200,11200,11200%26amtos%3D0,0,0,0,0%26mtos1%3D0,2673,0%26mtos2%3D0,2737,0%26mtos3%3D0,2699,0%26mcvt%3D11200%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11474%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D10%26pst%3D274%26dur%3D11520%26vmtime%3D11520%26dtos%3D3091%26dtoss%3D5%26dvs%3D3091%26dfvs%3D0%26dvpt%3D3091%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D33555219%26c%3D0.92%26c0%3D0%26c1%3D0,0.92,0.92%26c2%3D0.92%26c3%3D0.92%26mc%3D0.92%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,3091,3091,3091,3091%26qnc%3D0.92%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D667307141%26psm%3D4095%26psv%3D4094%26psfv%3D0%26psa%3D0%26pngs%3D9s,14,200103cs,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11200%26ss0%3D0%26ss1%3D0,0.02,0.02%26ss2%3D0.02%26ss3%3D0.02;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1702872164468;ecn1=1;etm1=0;eid1=13;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 6775
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CUWlnY8R_ZaahEIetpt8Pj4WmyAv1ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMByAObBKoEtAJP0J2ioVEDabUuJHHGsAskP4-nAmv5CJc_03aqVR9WU9fFoeAcTskWblJq_etiGTpJwMUftd5-wjqd4H9qkMdxTuTQPjWGfXwaXbgciYJ0k_AlvBMjAuYbW_HqA_R61uqkdOhf1tfPpSdzuctYc42i_rOqQC6GvYjPAs1Tf4fKslceldLPLqqB4ay7b0zw0FYLInGFNw0XKz22WjqVvQLG6dbSwAo4WlPCzMa-PZ8YNZGl70XPXwzRsumHV0onN_Mpz95f_xFwky_6bDn7ksxzBY-hgLUodP99r0g_JW21ko0kdXjeHLPZf6n2BixIkbr1WqT36jMULcHZZNjw6xgWWPlRBd1d3O7x5CyXchOH_TXIY-C318CgY-u2qj86JaLFk8YdsIBp0jrsBBwwMLFLKpmqn8AEyZHuzckE4AQDiAWBoM65TZAGAaAGdoAH6pCVvgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOliHr42TjZiDA_IIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA8gLAeALAYAMAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQKqDQJKUOINEwjI2Y2TjZiDAxWHlukFHY-CCbmwE8qjyBXIE96B9-MD2BMKiBQC2BQB0BUB-BYBgBcB6BcD&sigh=nSVoW9JCFIY&label=videoplaytime100&ad_mt=11520&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D4%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26p0%3D0,0,0,0%26p1%3D1,1,169,299%26p2%3D1,1,169,299%26p3%3D1,1,169,299%26tos%3D0,11200,0,0,0%26mtos%3D0,11200,11200,11200,11200%26amtos%3D0,0,0,0,0%26mtos1%3D0,2673,0%26mtos2%3D0,2737,0%26mtos3%3D0,2699,0%26mcvt%3D11200%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11474%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D10%26pst%3D274%26dur%3D11520%26vmtime%3D11520%26dtos%3D3091%26dtoss%3D5%26dvs%3D3091%26dfvs%3D0%26dvpt%3D3091%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D33555219%26c%3D0.92%26c0%3D0%26c1%3D0,0.92,0.92%26c2%3D0.92%26c3%3D0.92%26mc%3D0.92%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,3091,3091,3091,3091%26qnc%3D0.92%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D667307141%26psm%3D4095%26psv%3D4094%26psfv%3D0%26psa%3D0%26pngs%3D9s,14,200103cs,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11200%26ss0%3D0%26ss1%3D0,0.02,0.02%26ss2%3D0.02%26ss3%3D0.02&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1702872164468
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 6EB9
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lqae4cd7&c=2538611180369&slotId=1269305590184.5&qqid=CPqVwJONmIMDFWOK6QUd5WsE1g&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2014&mt=video%2Fmp4&vs=1280x720&dm=11000&met.4=vfl.1ph~5s.5ca~2sbc.8ga~10s.92c&event_name=first_pause&asset_bytes=3391610&video_bytes=3188075&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=22&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=11.52&video_muted=true&video_seconds_loaded=11.52&vqdf=1&vqtf=276&vqfr=24&endedMediaDiff=-520
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4001:c12::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:57 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI5pXxk42YgwMVR4rpBR2WegsnEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCPqVwJONmIMDFWOK6QUd5WsE1g;dc_rmcid=CAQSPAAvHhf_huRwzTp-2qLLWELKdvpqxJasa-DOg54qfsleFVUnlVC178fnqQBdRmDJhhIIXO2...
ade.googlesyndication.com/ddm/activity/ Frame 6EB9
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5pXxk42YgwMVR4rpBR2WegsnEAAYACChztlhOhoIpPS2vgEQyZHuzckEGN6B9-MDILHht7ucEkITCPqVwJONmIMDFWOK6QUd5WsE1g;dc_rmcid=CAQSPAAvHhf_huRwzTp-2qLLWELKdvpqxJasa-DOg54qfsleFVUnlVC178fnqQBdRmDJhhIIXO2Bt6L60delPxgB;eps=CIBhEAEYHTICigI6BIBAgEBIvf3BOliX7L6TjZiDAw;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D4%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,164,119,373%26p0%3D0,0,0,0%26p1%3D1,164,119,373%26p2%3D1,164,119,373%26p3%3D1,164,119,373%26tos%3D11226,0,0,0,0%26mtos%3D11226,11226,11226,11226,11226%26amtos%3D0,0,0,0,0%26mtos1%3D2512,0,0%26mtos2%3D2924,0,0%26mtos3%3D2704,0,0%26mcvt%3D11226%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11478%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D16%26pst%3D252%26dur%3D11520%26vmtime%3D11520%26dtos%3D3086%26dtoss%3D5%26dvs%3D3086%26dfvs%3D3086%26dvpt%3D3086%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50332435%26c%3D1%26c0%3D0%26c1%3D0,1,1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3086,3086,3086,3086,3086%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D633706359%26psm%3D4095%26psv%3D4094%26psfv%3D4094%26psa%3D0%26pngs%3D9s,14,200103cs,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11226%26ss0%3D0%26ss1%3D0,0.01,0.01%26ss2%3D0.01%26ss3%3D0.01;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1702872165781;ecn1=1;etm1=0;eid1=13;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 6EB9
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ch3KfZMR_ZfrTBOOUpt8P5deRsA31ru7tdLHht7ucEvAuEAEglZvKIWCJ88WE9BPIAQWpAitXNfmOJos-qAMByAObBKoEsgJP0GQ-M7jkGyOGSgT_SYKQNbGmoJJmclm3X8E8p6KOZIpE3uNSuUqySrVy3_QlPT8Bv-mvNErVsm3Hb1eOy07clyiBmKrOIQWOyvSx5DV060OcE-9H30CFvI_l8YTVMfo34PhO7ZooL5JKzTGSI9RBtY3l6siKTRKFAFMvXN0xLG2gSEl9CTDqSSWj9ln4RTHVtC8KztqG_wENUu-Zsyj70DzqbrhAePfatIZ8X_RicdsNh8fmlA-N5umn5FrdEhhgzcq_ok3cwSws-LM3ZoCE9bcnYmJoLifx6v_GmM2xbMTHXeFavgWGlZ2BIwst8O-Ugn2tvPwGJij5jUMS3tJNWYRWMN0rJp3Zna_nwzMezFlXWhHPilXB2t7MukVqJv_NdHiAjfPnU-jPbkmbPMDWZ3PABMmR7s3JBOAEA4gFgaDOuU2QBgGgBnaAB-qQlb4BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYl-y-k42YgwPyCBthZHgtc3Vic3luLTk5Mzg1NjU4MjIwMzQ2ODCACgPICwHgCwGADAGiDBQqEgoQ5LSxAu61sQK1uLECrLqxAqoNAkpQ4g0TCLyWv5ONmIMDFWOK6QUd5WsE1rATyqPIFcgT3oH34wPYEwqIFALYFAHQFQH4FgGAFwHoFwM&sigh=jJWUou9grwU&label=videoplaytime100&ad_mt=11520&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D4%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,164,119,373%26p0%3D0,0,0,0%26p1%3D1,164,119,373%26p2%3D1,164,119,373%26p3%3D1,164,119,373%26tos%3D11226,0,0,0,0%26mtos%3D11226,11226,11226,11226,11226%26amtos%3D0,0,0,0,0%26mtos1%3D2512,0,0%26mtos2%3D2924,0,0%26mtos3%3D2704,0,0%26mcvt%3D11226%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11478%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D16%26pst%3D252%26dur%3D11520%26vmtime%3D11520%26dtos%3D3086%26dtoss%3D5%26dvs%3D3086%26dfvs%3D3086%26dvpt%3D3086%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50332435%26c%3D1%26c0%3D0%26c1%3D0,1,1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3086,3086,3086,3086,3086%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103,200104%26avms%3Dnio%26qi%3D633706359%26psm%3D4095%26psv%3D4094%26psfv%3D4094%26psa%3D0%26pngs%3D9s,14,200103cs,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11226%26ss0%3D0%26ss1%3D0,0.01,0.01%26ss2%3D0.01%26ss3%3D0.01&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1702872165781
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 04:02:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
de.tynt.com/deb/
4 B
382 B
Script
General
Full URL
https://de.tynt.com/deb/v2?id=w!a9etg89wet&dn=TC&cc=2&chmob=0&r=&pu=https%3A%2F%2Fwww.hawtcelebs.com%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Mon, 18 Dec 2023 04:02:59 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
4
expires
Sat, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusUOUcUrUYxZuji6PCEdkehggsr7btLI8gFWbf3ijI-U06374a8USJYyG6IdIK3F9pUOtj_7-qMrD4vZ6LEWlUQ0heLdAA7jbO5sPZw6ImVHe7R-nYiUSRHylYmoJZ2oENj6-1-ToNZuPAw7s5zuNz_sRqFuan4SL55F3onQroxAHMrk4Uv-GDm20WhuNgI_6OmvwXmsEXgqxba_0cGWA667bNvAOqFjTLEGtcnoP-MG6OpZIK5rQIYH7RzhKSiPfInW3va92-MLlyzK857LUQVJ4c2zXj5eHXNk1jiFLMToWe1TreoCa7kh4FzDe3Rxwkz4TuRBZbCm2uVpqFIH_1nYJW7kMV8wngp51gkYEXn6e94Y9nv0Ni8KA0WFxfcg7xoHwhiEP1UHQB3j_WHwQ10NLirmaWkyZtVQWSxVnFIhxkPPOy9NC7yauqwVw&sai=AMfl-YRS4ODWR9NsLC5KqgcAyRMQDFCOAdsCIXNpTIbm4PS4VL7HMAkveDfjgdVp_QQm8wpsEb-SzDqPVRRihkV47b1oDv9VzNeoZRDgOCvZ-NnCZcy0BpECB382c-20pJJz1ou-0iq0hNT7UzSgcEXqPj4&sig=Cg0ArKJSzNBVBNZlwd-_EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771
Domain
trends.revcontent.com
URL
https://trends.revcontent.com/sync?gdpr=0&gdpr_consent=undefined
Domain
trends.revcontent.com
URL
https://trends.revcontent.com/sync?gdpr=0&gdpr_consent=undefined
Domain
trends.revcontent.com
URL
https://trends.revcontent.com/sync?gdpr=0&gdpr_consent=undefined
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=andN_Kzaer7ikjrkHcnnVW
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=bHj7xyza8r7ikjrkHcnnVW
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=byadUMza8r7ikjrkHcnnVW
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=bCzQXWza8r7ikjrkHcnnVW
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=aiQovMzaer7ikjrkHcnnVW
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=bpjP6uza8r7ikjrkHcnnVW
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/audience_sync/7?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16299%26tp%3DSPXC%26tpid%3D%24SPOTX_AUDIENCE_ID%26gdpr%3D0
Domain
id.a-mx.com
URL
https://id.a-mx.com/sync/?tagId=&ref=null&u=https://www.hawtcelebs.com/&tl=https://www.hawtcelebs.com/&nf=0&rt=true&v=8.21.0&av=2.0&vg=vlipb&us_privacy=null&am=null&gdpr=0&gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=ZX-EZgAHv4QGbABd&gdpr=0&gdpr_consent=
Domain
id.a-mx.com
URL
https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1f38f475-74a1-4382-b911-c4fb51df07fb%26bidder%3Damx_com%26uid%3D
Domain
id.a-mx.com
URL
https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1f38f475-74a1-4382-b911-c4fb51df07fb%26bidder%3Damx_com%26uid%3D
Domain
api-2-0.spot.im
URL
https://api-2-0.spot.im/pixels/ayl_pixel?ayl_id=8b928a1f03e7d2281861d05d497e50b5
Domain
id.a-mx.com
URL
https://id.a-mx.com/u?&gdpr=0&us_privacy=1YN-&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F7%2F33507%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D1YN-%26A%3D1f38f475-74a1-4382-b911-c4fb51df07fb%26bidder%3Damx_com%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent=

Verdicts & Comments Add Verdict or Comment

542 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| documentPictureInPicture object| __cfQR string| demandSupplySc string| demandSupplyCr number| demandSupplySr object| houseAdCampaigns string| demandSupplyTi object| demandSupplyTc object| demandSupplyTcI number| demandSupplyPDI number| demandSupplyPDSA number| demandSupplyDFSS number| demandSupplyCRR object| demandSupply object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue boolean| google_measure_js_timing object| zh object| dspbjs object| demandSupplyFS object| _app object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MTRmY2FjNzkwYjE3NTI0MGxvYWRlcl9qcw== string| MTRmY2FjNzkwYjE3NTI0MGNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| regeneratorRuntime object| ox_esp object| pbjs object| criteo_pubtag object| criteo_identitytag_145 object| Criteo object| Criteo_identitytag_145 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| _33across object| __uid2SecureSignalProvider object| __uid2 number| google_unique_id object| gaGlobal object| google_reactive_ads_global_state undefined| $ function| jQuery function| gtag object| dataLayer object| menuItems object| trigger number| width object| bounding number| step function| slideMenu object| google_tag_manager object| _PBCFG object| vitag string| tagApi object| viAPItag function| onYouTubeIframeAPIReady object| pbTag function| getEidsByVLI object| _Hasync object| places string| p function| setA object| app function| a object| _wau boolean| __cfRLUnblockHandlers object| $sf object| WAU_ren function| WAU_classic function| WAU_classic_request function| WAU_r_c function| WAU_insert function| WAU_legacy_b function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady object| wpJsonRciWidget object| ua_result object| revcontent function| renderRCWidget object| vlipbChunk object| vlipb object| ADAGIO object| mnet string| nobidVersion object| nobid object| owpbjsChunk object| owpbjs object| PWT function| dspCriteoRTUSCallback function| dspCMCallback number| infolinks_pid object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| observeElementInViewport function| chfh function| chfh2 string| _HST_cntval object| Histats function| Splide object| viSplide object| GoogleGcLKhOms object| img object| script boolean| IL_INIT object| $iceboot object| INFOLINKS object| x string| x1 string| x2 object| Tynt object| _0x591e function| _0x1f06 function| _oscript object| ls function| _getRandomInt function| _loadSingle function| _load function| parseDataTag function| randomSort function| _cb object| cv object| _dtspv function| _typeof function| _defineProperty object| sas object| apntag object| _ADAGIO object| _33Across function| __uspapi object| otpbjs function| postscribe number| $iceId object| onetag function| otpbjsChunk object| _HistatsCounterGraphics_0_setValues object| __pm_glbl object| __pm_glbl_2r4LpRnqhg0ftE61tPcNmTZ1 object| __pm_ads_list string| AdScoreObject function| adScore object| __pm_glbl_ArfDu7dIkIaa4gc9C8xpfmDd object| _0x1a80 function| _0x2af5 object| lotame_3825 number| char boolean| 8ade0ea5-4131-4b6a-807c-3ec8590bd3f1 object| bubble object| skins object| google_logging_queue number| tmod object| google_ad_modifications object| adsbygoogle string| google_user_agent_client_hint object| criteo_syncframe_state object| criteo_pubtag_prebid_139 object| Criteo_prebid_139 function| lt3825_ba function| lt3825_b undefined| lt3825_c undefined| lt3825_ca undefined| lt3825_da function| lt3825_ea object| lt3825_e function| lt3825_fa function| lt3825_g function| lt3825_ha object| lt3825_ object| lt3825_na object| lt3825_oa object| lt3825_Oa object| lt3825_Ya object| lt3825_Za object| lt3825_7 function| lt3825_aa function| lt3825_a function| lt3825_d function| lt3825_f function| lt3825_h function| lt3825_ga function| lt3825_ia function| lt3825_i function| lt3825_ja function| lt3825_j function| lt3825_k function| lt3825_l function| lt3825_m function| lt3825_n function| lt3825_la function| lt3825_ka function| lt3825_o function| lt3825_p function| lt3825_ma function| lt3825_q function| lt3825_r function| lt3825_s function| lt3825_t function| lt3825_u function| lt3825_sa function| lt3825_pa function| lt3825_qa function| lt3825_w function| lt3825_ra function| lt3825_x function| lt3825_y function| lt3825_z function| lt3825_A function| lt3825_v function| lt3825_B function| lt3825_C function| lt3825_ta function| lt3825_D function| lt3825_E function| lt3825_ua function| lt3825_F function| lt3825_G function| lt3825_va function| lt3825_H function| lt3825_I function| lt3825_J function| lt3825_wa function| lt3825_L function| lt3825_M function| lt3825_K function| lt3825_xa function| lt3825_ya function| lt3825_N function| lt3825_za function| lt3825_Aa function| lt3825_Ba function| lt3825_Ca function| lt3825_Da function| lt3825_Ea function| lt3825_Fa function| lt3825_Ja function| lt3825_Ga function| lt3825_Ha function| lt3825_Ia function| lt3825_Ka function| lt3825_Ma function| lt3825_La function| lt3825_Na function| lt3825_O function| lt3825_Pa function| lt3825_Qa function| lt3825_Ra function| lt3825_Sa function| lt3825_Ta function| lt3825_Ua function| lt3825_Va function| lt3825_Wa function| lt3825_Xa function| lt3825_P function| lt3825__a function| lt3825_0a function| lt3825_1a function| lt3825_Q function| lt3825_R function| lt3825_2a function| lt3825_S function| lt3825_T function| lt3825_3a function| lt3825_4a function| lt3825_5a function| lt3825_U function| lt3825_V function| lt3825_W function| lt3825_X function| lt3825_Y function| lt3825_6a function| lt3825_9a function| lt3825_8a function| lt3825_7a function| lt3825_Z function| lt3825__ function| lt3825_0 function| lt3825_1 function| lt3825_4 function| lt3825_ab function| lt3825_cb function| lt3825_bb function| lt3825_eb function| lt3825_db function| lt3825_2 function| lt3825_gb function| lt3825_ib function| lt3825_hb function| lt3825_3 function| lt3825_$a function| lt3825_fb function| lt3825_jb function| lt3825_kb function| lt3825_lb function| lt3825_mb function| lt3825_5 function| lt3825_6 function| lt3825_nb function| lt3825_ob function| lt3825_pb function| lt3825_qb function| lt3825_rb function| lt3825_sb function| lt3825_tb function| lt3825_ub function| lt3825_vb function| lt3825_wb function| lt3825_8 function| lt3825_zb function| lt3825_Ab function| lt3825_yb function| lt3825_xb function| lt3825_Cb function| lt3825_Bb function| lt3825_Eb function| lt3825_Db function| lt3825_Fb function| lt3825_Gb function| lt3825_Hb function| lt3825_Ib function| lt3825_Jb function| lt3825_Kb function| lt3825_Mb function| lt3825_Pb function| lt3825_Ob function| lt3825_Lb function| lt3825_Sb function| lt3825_Nb function| lt3825_Qb function| lt3825_Ub function| lt3825_Tb function| lt3825_Vb function| lt3825_Rb function| lt3825_Wb function| lt3825_Xb function| lt3825_Yb function| lt3825_9 function| lt3825_Zb function| lt3825__b function| lt3825_0b function| lt3825_1b function| lt3825_2b function| lt3825_$ function| lt3825_3b function| lt3825_4b function| lt3825_5b function| lt3825_6b function| lt3825_7b function| lt3825_8b function| lt3825_9b function| lt3825_$b function| lt3825_bc function| lt3825_cc function| lt3825_dc function| lt3825_ac function| ILVideo object| n object| s object| google_image_requests object| ONFOCUS

291 Cookies

Domain/Path Name / Value
map.go.affec.tv/map/ttd Name: oo
Value: 1
map.go.affec.tv/map/an Name: oo
Value: 1
.3lift.com/sync Name: sync
Value: CgoIgAIQqu7c2McxCgoIoQEQtuzc2McxCgoIgQIQqu7c2McxCgoI4gEQqu7c2McxCgoI5gEQtuzc2McxCgoIhwIQtuzc2McxCgkISRCq7tzYxzEKCgiMAhC27NzYxzEKCgisAhCq7tzYxzEKCgitAhCq7tzYxzEKCgiRAhC27NzYxzEKCgiSAhCq7tzYxzEKCgi0AhC27NzYxzEKCgiUAhCq7tzYxzEKCgi3AhC27NzYxzEKCQg6ELbs3NjHMQoJCBsQqu7c2McxCgoI3gEQqu7c2McxCgkIXxC27NzYxzEKCQgfELbs3NjHMQ==
i.liadm.com/s Name: _li_ss
Value: ChMKBgiiARDhFgoJCP____8HEOsW
i6.liadm.com/s Name: _li_ss
Value: CgA
live.demand.supply/ Name: demandSupplyTi
Value: 88839566-4a26-41da-b49a-5a7fcf3cdb54
.demand.supply/ Name: __cf_bm
Value: JH2gBH_qNLJyqjG.mjcNRgA_wpg4SnWaw3zzEDyTaSQ-1702872162-1-AWsQtz4dxlFsSsUvwJzeClmyU4p9OQZXFdswvmGYNsKTcNr3Vxb6dXFlsGwO1OultL1x4/+kOQd+w2FWMFNSCYI=
.hawtcelebs.com/ Name: lotame_domain_check
Value: hawtcelebs.com
.openx.net/ Name: i
Value: 4d23d636-bd2d-40e9-9d15-50680e110f49|1702872163
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 442a1d36e311842d9a0f79f9a6e84fdd
.hawtcelebs.com/ Name: _cc_id
Value: 442a1d36e311842d9a0f79f9a6e84fdd
.hawtcelebs.com/ Name: panoramaId
Value: 74287c03e9fb7c33eb4b2d01e80c185ca02c6cc8189c492931ff26741f8b8615
.hawtcelebs.com/ Name: panoramaIdType
Value: panoDevice
.hawtcelebs.com/ Name: __gads
Value: ID=856128fbdaf7cb4e:T=1702872163:RT=1702872163:S=ALNI_MaCaSkjlpkSSjfEuZvcoGP1vL6D8g
.hawtcelebs.com/ Name: __gpi
Value: UID=00000cb34ee6121f:T=1702872163:RT=1702872163:S=ALNI_Mbo_APU2J5Lqig4D1ZRFQ8e8aiNGA
.doubleclick.net/ Name: IDE
Value: AHWqTUkMwKnlw27dJs3NRfzdEAfA1K3AnrIBtO-p1_UxnJuQEj8njP6DJXHC8uk1PoE
.doubleclick.net/ Name: APC
Value: AfxxVi4xWFncjk1cULfC-5ij1RjMH_fk-KSrhm2RG6NTC_P3xhzZFQ
.hawtcelebs.com/ Name: _ga
Value: GA1.1.667190260.1702872163
www.hawtcelebs.com/ Name: __ppIdCC
Value: gwqtxekeva_xon21796876104193
www.hawtcelebs.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.hawtcelebs.com/ Name: sharedid
Value: 231286dc-7bbe-468b-a244-e0e553e9246d
www.hawtcelebs.com/ Name: ucf_uid
Value: 31b8eac5-f448-4ac3-af3d-70e694d2bb8a
www.hawtcelebs.com/ Name: HstCfa1890596
Value: 1702872164393
www.hawtcelebs.com/ Name: HstCla1890596
Value: 1702872164393
www.hawtcelebs.com/ Name: HstCmu1890596
Value: 1702872164393
www.hawtcelebs.com/ Name: HstPn1890596
Value: 1
www.hawtcelebs.com/ Name: HstPt1890596
Value: 1
www.hawtcelebs.com/ Name: HstCnv1890596
Value: 1
www.hawtcelebs.com/ Name: HstCns1890596
Value: 1
.hawtcelebs.com/ Name: _ga_2CJZ9YTX9G
Value: GS1.1.1702872163.1.0.1702872164.59.0.0
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: oa
Value: 1
.dtscout.com/ Name: df
Value: 1702872164
.dtscout.com/ Name: l
Value: 6D001702872164961943D5DB294AB097
.revcontent.com/ Name: rcuuid
Value: 18d3c598-0e3f-4777-92ed-70ca398228d8
.hawtcelebs.com/ Name: cf_clearance
Value: uftfgglZUMm1wrUSqhkQdVB0Y3o6na09GONjSimN280-1702872164-0-1-95c90ef.2bb26c72.2a0805d5-0.2.1702872164
www.hawtcelebs.com/ Name: logglytrackingsession
Value: e1fb4ba8-7dc5-4f18-a18d-e84bacf1bf2e
.send.microad.jp/ Name: TR
Value: 64e6d9af0fa24d85c6c8353eae4712f32361d22bf2f68fba
.a-mo.net/ Name: amuid2
Value: 1f38f475-74a1-4382-b911-c4fb51df07fb
.prebid.a-mo.net/ Name: sd_amuid2
Value: 1f38f475-74a1-4382-b911-c4fb51df07fb
.3lift.com/ Name: tluid
Value: 2237294431585906453658
.quantumdex.io/ Name: uid
Value: ae3a5a15-451e-4796-9c64-61e771895600
.infolinks.com/ Name: cuid
Value: 7994afcd-7b70-49d4-8970-1e076a54cf0d
.bidswitch.net/ Name: tuuid
Value: a18511a8-4739-4f63-9f2a-764feaa38b34
.bidswitch.net/ Name: c
Value: 1702872164
.bidswitch.net/ Name: tuuid_lu
Value: 1702872164
.adingo.jp/ Name: ID
Value: 006016572373698c0fc139aa7613f90a
.casalemedia.com/ Name: CMID
Value: ZX-EZaWFGjsPKn42Fi5GIwAA
.casalemedia.com/ Name: CMPS
Value: 5489
.casalemedia.com/ Name: CMPRO
Value: 5489
.adnxs.com/ Name: uuid2
Value: 3456854436429190532
.adsrvr.org/ Name: TDID
Value: 45d05fd7-b774-43df-ba7c-91fe06509f64
ads.us.e-planning.net/ Name: CT
Value: 1
.tribalfusion.com/ Name: ANON_ID
Value: aJntuJp26Ua8e4OCaQoUuA56WBcNQyZdKxlZceMA4d7mXT3HcU6GyEa7UdO6fGdNjZdOhvwxbR9EEYa00ZbsySv1Ynsn
.e-planning.net/ Name: E
Value: AIhrPcY1-OUrujN8
.infolinks.com/ Name: IXUSERCOOKIE
Value: ZX-EZaWFGjsPKn42Fi5GIwAA&5489
.sportradarserving.com/ Name: zuuid
Value: d24265c2-e898-4326-98a1-799f75027517
.sportradarserving.com/ Name: c
Value: 1702872165
.sportradarserving.com/ Name: zuuid_lu
Value: 1702872165
.infolinks.com/ Name: ANUSERCOOKIE
Value: 3456854436429190532
.pangle-ads.com/ Name: _pangle
Value: 2ZhR8aPLxlsJnpvsteyiMpn14UZ
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1702872165
www.hawtcelebs.com/ Name: pmtimesig
Value: [[1702872165295,0],[1702872165391,96]]
.tynt.com/ Name: uid
Value: v/8YZmV/xGVI1XAuIYep/w==
.sharethrough.com/ Name: stx_user_id
Value: 6ac368a7-0a41-45c6-a666-84d78d8f6519
.turn.com/ Name: uid
Value: 7380707807691766283
.advertising.com/ Name: A3
Value: d=AQABBGXEf2UCEPA0HFBnzQFWoZYaAFHt7xkFEgEBAQEVgWWJZWB-yyMA_eMAAA&S=AQAAAhKhyn88qLamxfvdmOZVywk
.pxl.iqm.com/ Name: infolink
Value: MTcwNDA4MTc2NTQzNg==
.pxl.iqm.com/ Name: iqm.retarget.uid
Value: 41b134c3-1be0-4824-96d5-d0c1b439f979
.360yield.com/ Name: tuuid
Value: f1cf3e85-4efb-4ec6-8e10-d05aa12c5786
.360yield.com/ Name: tuuid_lu
Value: 1702872165
.infolinks.com/ Name: TPLSERCOOKIE
Value: 2237294431585906453658
.yahoo.com/ Name: A3
Value: d=AQABBGXEf2UCEPKFgHTKQhvypJTIR7-LF78FEgEBAQEVgWWJZQAAAAAA_eMAAA&S=AQAAAoSvHrnEeWp1Zm5YcRWR9IQ
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1702872165501%7D%2C%7B%22p%22%3A%22607295b4a4%22%2C%22f%22%3A1%2C%22ts%22%3A1702872165501%7D%2C%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1702872165501%7D%2C%7B%22p%22%3A%224bbb341d17%22%2C%22f%22%3A1%2C%22ts%22%3A1702872165329%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1702872165501%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1702872165501%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1702872165501%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1702872165501%7D%2C%7B%22p%22%3A%226361f7f203%22%2C%22f%22%3A2%2C%22ts%22%3A1702872165329%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1702872165501%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1702872165501%7D%5D
.infolinks.com/ Name: SHTUSERCOOKIE
Value: 6ac368a7-0a41-45c6-a666-84d78d8f6519
.zemanta.com/ Name: zuid
Value: hzidrib9tQE7W3yXPLN4
.mediago.io/ Name: __mguid_
Value: f5ef61cac56027ed2e3c9r00lqae4c7c
.infolinks.com/ Name: IQMUS
Value: 41b134c3-1be0-4824-96d5-d0c1b439f979
.smartadserver.com/ Name: pid
Value: 3831266057273496277
.hawtcelebs.com/ Name: __dtsu
Value: 6D001702872164961943D5DB294AB097
.infolinks.com/ Name: OUTHUSERCOOKIE
Value: y-9y9MlklE2uFEhyvU_beNUO19Cd8TL4c3~A
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004%22%7D
.quantserve.com/ Name: mc
Value: 657fc465-ae9f0-fe93a-009d8
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-b5b97dac-d0a0-5a1e-7cb5-001a864f9546.mQTE7dR9YjrZChUAq%2FadBbMeHE2ZUkYDsvpTgvHPLY8
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-b5b97dac-d0a0-5a1e-7cb5-001a864f9546.mQTE7dR9YjrZChUAq%2FadBbMeHE2ZUkYDsvpTgvHPLY8
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Atbl9rNCgWh58tQAahk-VRpJGyeg.FkPXKVkl80EFeh6H0zBsa%2B5TI4uph%2FIsk8ujxKD6v4A
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Atbl9rNCgWh58tQAahk-VRpJGyeg.FkPXKVkl80EFeh6H0zBsa%2B5TI4uph%2FIsk8ujxKD6v4A
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAQTaKDi-O8JX1JqcZW3rnmtjdhmFUhAdfvR9aCFixEpEHwYBCDliP-rBjABOgQ8w7t9QgSetoAa.WHxkWZMCnLxplmE%2BCrKtd9Jg2K1VqpZ2KY1rDXeGUug
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAQTaKDi-O8JX1JqcZW3rnmtjdhmFUhAdfvR9aCFixEpEHwYBCDliP-rBjABOgQ8w7t9QgSetoAa.WHxkWZMCnLxplmE%2BCrKtd9Jg2K1VqpZ2KY1rDXeGUug
.tapad.com/ Name: TapAd_TS
Value: 1702872165775
.tapad.com/ Name: TapAd_DID
Value: 00f7adb4-7718-4b77-b3bc-531c16088d62
.adkernel.com/ Name: ADKUID
Value: A1171917415455838230
.infolinks.com/ Name: VRUSERCOOKIE
Value: y-iApnw.xE2uI7uNomz9yv1oBAK13yd62C~A
.infolinks.com/ Name: IMDUSERCOOKIE
Value: f1cf3e85-4efb-4ec6-8e10-d05aa12c5786
.creativecdn.com/ Name: u
Value: yN7MUtXLvHHB3doipMX0
.creativecdn.com/ Name: g
Value: yN7MUtXLvHHB3doipMX0_1702872165734
.creativecdn.com/ Name: ts
Value: 1702872165
.amazon-adsystem.com/ Name: ad-id
Value: AxbGr-ZI102pvk4vGAZX9Rk
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.demdex.net/ Name: demdex
Value: 72174198492171007252808969393739432874
.infolinks.com/ Name: EQVSERCOOKIE
Value: 3831266057273496277
.dpm.demdex.net/ Name: dpm
Value: 72174198492171007252808969393739432874
.liadm.com/ Name: lidid
Value: c0f7a6de-1c26-443c-9875-056c5dd4738b
.infolinks.com/ Name: R1USERCOOKIE
Value: RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004
.dtscdn.com/ Name: uid
Value: 6D001702872164961943D5DB294AB097
.ads.stickyadstv.com/ Name: UID
Value: 6edb453fa93a7dd28144c35b8353bad
.go.affec.tv/ Name: ck
Value: 657fc4655d4b1a0001b44aac
.go.affec.tv/ Name: oo
Value: 1
.hawtcelebs.com/ Name: __qca
Value: P0-71408118-1702872164933
.admixer.net/ Name: am-uid
Value: 00cefed71db242f482ccb75a903e683c
.linkedin.com/ Name: li_sugr
Value: 668042dc-cb71-49c1-bcb2-30d41b867733
.linkedin.com/ Name: bcookie
Value: "v=2&2107adbd-7404-4bd1-8cf1-e1b1360e9e69"
.linkedin.com/ Name: lidc
Value: "b=VGST04:s=V:r=V:a=V:p=V:g=3095:u=1:x=1:i=1702872165:t=1702958565:v=2:sig=AQHRU7juHovC2YjovW8Vcs1d2V2X5KZY"
adtrack.adleadevent.com/ Name: AWSELBCORS
Value: 9FC54D150466C174912E5199B1F8E822A79961F4596BFB1311DF4AD552FFCAECC412B5A4F8D63A2A90D1DB19587375008B81DF393E974B37DE71BA6F26DE79F63E8F5DED51
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 44c1b75a-56b1-4558-b9e2-c596f366b997
.eyeota.net/ Name: mako_uid
Value: 18c7b172e78-36e40000010e54c8
.infolinks.com/ Name: ZMNUSERCOOKIE
Value: hzidrib9tQE7W3yXPLN4
.eyeota.net/ Name: SERVERID
Value: 21704~DM
.lijit.com/ Name: ljt_reader
Value: H1vSCLZH1GFpiRLqQlWJzlOb
.infolinks.com/ Name: FRWHUSERCOOKIE
Value: 6edb453fa93a7dd28144c35b8353bad
.infolinks.com/ Name: QCUSERCOOKIE
Value: qsq40f_LuYKxnuqO-s-i0fnGvNaxz7-O-Mc7oh4L
.media.net/ Name: visitor-id
Value: 3458737661274461000V10
.media.net/ Name: data-inf
Value: setstatuscode~~41
.33across.com/ Name: 33x_ps
Value: u%3D212384919919253%3As1%3D1702872166095%3Ats%3D1702872166095
.go.affec.tv/ Name: pt
Value: eyJhbiI6eyJkdCI6MTcwMjg3MjE2NiwiaWQiOiIzNDU2ODU0NDM2NDI5MTkwNTMyIiwibHMiOjE3MDI4NzIxNjZ9LCJ0dCI6eyJkdCI6MTcwMjg3MjE2NSwiaWQiOiJ2LzhZWm1WL3hHVkkxWEF1SVllcC93PT0iLCJscyI6MTcwMjg3MjE2NX0sInRkIjp7ImR0IjoxNzAyODcyMTY2LCJpZCI6IjQ1ZDA1ZmQ3LWI3NzQtNDNkZi1iYTdjLTkxZmUwNjUwOWY2NCIsImxzIjoxNzAyODcyMTY2fSwidiI6MH0=|1702872166|6290434e553b3404f2bd1976c856338ea8efeb90
.infolinks.com/ Name: URUSERCOOKIE
Value: RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004
.hawtcelebs.com/ Name: FCNEC
Value: %5B%5B%22AKsRol_2JCbcmOHeoP6L4w9gmZPFphUaf2yG9drRGYSoiiGMWxZbUt3z-UkhR3MvFwinS5zDqd28TQDGK0nA0waojXfl5XXKJIXjJKjhtozTqZU89wnUFCRgiOSHvIBMOytTbMZaB5pRkOsKj8OJKsqDOeg8p77BNw%3D%3D%22%5D%5D
.infolinks.com/ Name: MNETUSERCOOKIE
Value: 3458737661274461000V10
.infolinks.com/ Name: QORAUSERCOOKIE
Value: A1171917415455838230
.infolinks.com/ Name: 33AUSERCOOKIE
Value: 212384924788945
.infolinks.com/ Name: SOVRNUSERCOOKIE
Value: H1vSCLZH1GFpiRLqQlWJzlOb
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 16F99F77-E4BA-46B4-9EC8-E5D1E5E6E10C
.pubmatic.com/ Name: DPSync3
Value: 1704067200%3A226_201_245%7C1702944000%3A248
.pubmatic.com/ Name: SyncRTB3
Value: 1703462400%3A15_223_2%7C1704153600%3A35%7C1708041600%3A69%7C1703721600%3A63%7C1704067200%3A56_233_21_217_46_220_76_54_3_8_202_254_7_179_234_107_22_96_71_209_214_264_5_13
.mgid.com/ Name: lmg_usr
Value: ba1d4517-9389-470b-9a31-71dd8ce58dd9
.mgid.com/ Name: lmg_r
Value: 13
.rezync.com/ Name: zync-uuid
Value: b74a27db-7cf5-49a6-9d57-3e21a9d3d050:1702872166.4255822
.onaudience.com/ Name: cookie
Value: 94efaed68a8c349c
.onaudience.com/ Name: done_redirects219
Value: 1
.hawtcelebs.com/ Name: panoramaId_expiry
Value: 1703476966390
.uncn.jp/ Name: t
Value: v_76fd0c8d-0f30-4e38-a2b3-06788d125e14
.prebid.a-mo.net/ Name: __amc
Value: 2_1702872164_1702872166
.ctnsnet.com/ Name: cid_c9de430341d54886993980ca71a93804
Value: 1
.quantserve.com/ Name: d
Value: ELIBEgHYKvijDM_qMA
.ladsp.com/ Name: cr
Value: 1
.ctnsnet.com/ Name: cid_2572d8ac3aab42c0b6b58517cc2b6113
Value: 1
.ladsp.com/ Name: smn_uid
Value: SPHuLLWzQVbFHl76hPWqHBA-NbiQfzM
.ladsp.com/ Name: lum
Value: CObh3NjHMRIFCAoQ4BI
.infolinks.com/ Name: MGIDUSERCOOKIE
Value: ba1d4517-9389-470b-9a31-71dd8ce58dd9
.socdm.com/ Name: SOSYNC
Value: anNvbjp7InB1Ym1hdGljIjoxNzAyODcyMTY2fQ
.adform.net/ Name: C
Value: 1
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8452-2!8452
.semasio.net/ Name: SEUNCY
Value: 67BDCDBB5245B3FE
.agkn.com/ Name: ab
Value: 0001%3AMpKX5Feg0cxR6XNr0bLg%2FCFF%2FlJzDdCy
.adform.net/ Name: uid
Value: 7965596858226237483
.c.appier.net/ Name: _auid
Value: srNVz1scDwOPrHojZsR_ZQ
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-e781848b-10d2-3c7f-ba2b-4d98c447d3ac
.w55c.net/ Name: wfivefivec
Value: y2LtAdkx1Rf4Q65
.simpli.fi/ Name: suid
Value: 77E8C90F12574DEC950120C50FB7BA09
.mgid.com/ Name: muidn
Value: nbhKwl0v382k
.mgid.com/ Name: __cf_bm
Value: RXrWghwl9By90LVLot_ls7mnruqwfLvKYjBoBZinf_g-1702872166-1-AUQJFPlhQPgJBRhqQrvkGM0SG+qodci0gWcrCKwTH3RzKDMfc51Y6hzAq/NtfdbgCdoNm6VoD82VJpzx+RY5cVY=
.cpx.to/ Name: cpSess
Value: 796f005004e22574
.cpx.to/ Name: dsp_TTD
Value: 45d05fd7-b774-43df-ba7c-91fe06509f64#1702872166753
.cpx.to/ Name: dsp_app_nexus
Value: 3456854436429190532#1702872166753
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZX-EZgAHv4QGbABd
.w55c.net/ Name: matchpubmatic
Value: 5
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.infolinks.com/ Name: DISUSERCOOKIE
Value: ua-e781848b-10d2-3c7f-ba2b-4d98c447d3ac
cm.mgid.com/ Name: mg_sync
Value: {}
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NzM2MDO0NDU0NjI2NbC0MBPiM9R1M_QrcHP3DE8xCksFAE1oqSwlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_13IsRGAIAwF0AmsmCNe-BA-cRswOpClpZNaemf53pU4WQcYU7ifJtVHEw-jlAN5eJRQ0y1T0Ync2lph1oE7LV869fn5BRnZFw1aAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4MAFuGA3iWghVu7ud3DTF9hbeL8hXiulOijjga3q0Rp6GRWTsMzTETGBH0HfVTU6AAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NzM2MDO0NDU0NjI2NbC0MBPiM9R1M_QrcHP3DE8xCksFAE1oqSwlAAAA
pool.admedo.com/ Name: tuuid
Value: 4bc9ef92-7b2b-42dd-b9a9-137bf8a73482
pool.admedo.com/ Name: c
Value: 1702872167
pool.admedo.com/ Name: tuuid_lu
Value: 1702872167
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-cbc9ef06-f412-4a65-a669-479c1b0eafed-004%22%7D
.bidr.io/ Name: bito
Value: AAEHdE7K_4kAABSTifkKEw
.bidr.io/ Name: bitoIsSecure
Value: ok
.cpx.to/ Name: dsp_dbm
Value: CAESEP93Rn6rbmAwFoR6SmB-hcw#1702872167034
live.rezync.com/ Name: sd-session-id
Value: .eJwNylEOgyAMANC79FsWWiylXMagsIRsskX0Z8a7z8-XvBOmb9nW1ErbIe7bUQZY3vVWh3hCr7-1vCACqnhnPSqjI8dWg4drgF56r5821XyfWcZEkmcjy5PNqMkbzSzGFcKk2WXLNqJYCkLo_WMk5kAE1x-4DiWf.ZX_EZw.36EDms4yV_SXHMbIqmMg0m8ZPMU
.bluekai.com/ Name: bku
Value: Whz99s4W4tVIHqLT
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDExSjRMMTZLNTY0tDAxSrFMNEgzt0yzTDRLtTBJS0lhAILU%2BiPpf%2F7%2F%2F88P4oAB75RJL1QZ28oZ%2FjMyMkxEYnchsa8fbjVi%2FRMEUgNR%2BYERxP4oCyK314P1%2Ftw4hYWQmkunHrERUrN732UBQmoOL55D0K6P759yEzLn3RLC5lw9qU7ImCtfLAkp%2BdBwXwAaXgwAB%2BuTIg%3D%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIrT%2BSDqQggIWBgWsGmLmoFURyNX0GUYwP64EkAJCKBr0%3D"
.omnitagjs.com/ Name: ayl_visitor
Value: 8b928a1f03e7d2281861d05d497e50b5
.infolinks.com/ Name: ZTUSERCOOKIE
Value: 1978557985234180977
.csync.loopme.me/ Name: viewer_token
Value: 95316415-6455-41aa-b917-892edbaccb8c
.ml314.com/ Name: pi
Value: 3640711107418521621
.ipredictive.com/ Name: cu
Value: 1289afad-d6a6-43c5-9bcf-ef2defef2b7a|1702872167350
.rlcdn.com/ Name: pxrc
Value: COeI/6sGEgUI6AcQABIGCLrqARAA
.agkn.com/ Name: u
Value: C|0AAAAAAAALRKA5wAAAAAA
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.rubiconproject.com/ Name: khaos
Value: LQAE4DBJ-U-JCL5
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.adx.opera.com/ Name: UID
Value: OPUbed9a68fd8424706a7283bd61e9a4f84
.hawtcelebs.com/ Name: sharedid_cst
Value: zix7LPQsHA%3D%3D
.thrtle.com/ Name: mc
Value: eyJpZCI6ImVjN2E0M2JmLWFlNzAtNDU3Yy1iMWU5LThkMmY0NThjNjE4YyIsImwiOjE3MDI4NzIxNjc4NjEsInQiOjF9
.w55c.net/ Name: matcheyeota
Value: 5
.hb.yahoo.net/ Name: visitor-id
Value: 3458737671274432000V10
.hb.yahoo.net/ Name: data-mag
Value: LQAE4DEK-K-50YH~~63
.hawtcelebs.com/ Name: cto_bundle
Value: e6-XwV8xRWNOd1dNJTJGemR4YXJEYmRkdHElMkJsZmV0MnlUYmFzZVhtS2lIR0FuZm9ZR0JBM2ZxbkJ3Zlpyc2dzR0JLYThKOFBUWno1aTY1eVZxJTJCcld5S0tZMVZla25tM2RpSFQwJTJGZW5HaDBabHBiSThNanRKdkc2Tk8lMkZwcmlpUCUyRlAwUUFzeHRSZ2pHVmhhU1F6RmFBQkg4ZDYyR2clM0QlM0Q
.hawtcelebs.com/ Name: cto_bidid
Value: xsQNhl8xU2NXUW9RelhmQVBpZ1UlMkZHVlV6V05BbiUyQjFrWGo5OEMlMkZEQ1JTUDE3JTJGQWNhRlhZVGxhV1lnUUFSTmFrWFF3bzVYdlhZZFRSJTJCJTJGWUZmZjJ5SkNkRldiSnFrOElQcSUyRkdjeSUyQmJWWEVBbWc5QzNKTDR5SUpnOVRUSGZ0QkRRVnlGdU8
.primis.tech/ Name: csuuid
Value: 657fc4681d983
.aralego.com/ Name: gdpr
Value: 1
.aralego.com/ Name: sspid
Value: 656bd495-7fa5-3b33-90af-9cdfd6c9142d
.smaato.net/ Name: SCM
Value: 84e8bd6444
.smaato.net/ Name: SCMp
Value: 84e8bd6444
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZX_EZaWFGjsPKn42Fi5GIwAAFXEAAAIB
.bing.com/ Name: MUID
Value: 21B1DD49D3B96BE22A77CEA2D2536A6E
.c.bing.com/ Name: MR
Value: 0
.ow.pubmatic.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiMWYzOGY0NzUtNzRhMS00MzgyLWI5MTEtYzRmYjUxZGYwN2ZiIiwiZXhwaXJlcyI6IjIwMjQtMDEtMDFUMDQ6MDI6NDguMzc0OTA3Njk3WiJ9fX0=
.adkernel.com/ Name: DSP2F_3
Value: 645839
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: Q3vhs37FEP
.adkernel.com/ Name: SSPZ
Value: 149271
.adkernel.com/ Name: DSP2F_76
Value: 614719
.betweendigital.com/ Name: dc
Value: sin1
.betweendigital.com/ Name: tuuid
Value: 5a45b45b-3759-5460-9a2f-075cff50c334
.betweendigital.com/ Name: ss
Value: 1
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIyMjM3Mjk0NDMxNTg1OTA2NDUzNjU4IiwiZXhwaXJlcyI6IjIwMjQtMDMtMTdUMDQ6MDI6NDhaIn0sImFteCI6eyJ1aWQiOiIxZjM4ZjQ3NS03NGExLTQzODItYjkxMS1jNGZiNTFkZjA3ZmIiLCJleHBpcmVzIjoiMjAyNC0wMy0xN1QwNDowMjo0OFoifX0sImJpcnRoZGF5IjoiMjAyMy0xMi0xOFQwNDowMjo0OFoifQ==
.prebid.a-mo.net/ Name: _sv3_12
Value: 1
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.dotomi.com/ Name: DotomiTest
Value: 4bb72650258d1fc0
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.betweendigital.com/ Name: ut
Value: ZX_EaAAHuJBPcxPtGsJH57lUK55jPwK50dF7TQ==
.prebid.a-mo.net/ Name: _sv3_13
Value: 1
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1702893768584
.pubmatic.com/ Name: SPugT
Value: 1702853804
.yellowblue.io/ Name: wrvUserID
Value: c4AKnoZ-CH_s
.intentiq.com/ Name: intentIQCDate
Value: 1702872168621
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUeWxDNHg3
.intentiq.com/ Name: IQPData
Value: 2454112744#1702872168618#0#1702872168618
.intentiq.com/ Name: ASDT
Value: 0
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYW14Ijp7InVpZCI6IjFmMzhmNDc1LTc0YTEtNDM4Mi1iOTExLWM0ZmI1MWRmMDdmYiIsImV4cGlyZXMiOiIyMDI0LTAxLTAxVDA0OjAyOjQ4LjcxODc5MDE4MloifSwicnViaWNvbiI6eyJ1aWQiOiJMUUFFNERCSi1VLUpDTDUiLCJleHBpcmVzIjoiMjAyNC0wMS0wMVQwNDowMjo0OC43MTg1MDY1OVoifX19
.id5-sync.com/ Name: id5
Value: 8eaaa04b-4ef8-7e82-85e6-9477fcc66e61#1702872165487#7
.fwmrm.net/ Name: _uid
Value: umw9bb2_7313789620212811627
.id5-sync.com/ Name: 3pi
Value: 224#1702872168415#757254703#7380707807691766283|2#1702872168057#1395219493#3456854436429190532|19#1702872167422#652228398#442a1d36e311842d9a0f79f9a6e84fdd|102#1702872166334#-1511504468|264#1702872167695#536738136#45d05fd7-b774-43df-ba7c-91fe06509f64|136#1702872168898#-1287911297|108#1702872167032#1148202080
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: umw9bb2_7313789620212811627
.ads.stickyadstv.com/ Name: MRM_UID
Value: umw9bb2_7313789620212811627
.ads.stickyadstv.com/ Name: uid-bp-892
Value: 45d05fd7-b774-43df-ba7c-91fe06509f64
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.ads.stickyadstv.com/ Name: uid-bp-717
Value: y-4Ghi9edE2oN8D.GfhPTzqdHHsaAjpEIeNFLnwMUe~A
.ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAEHdE7K_4kAABSTifkKEw
pixel-apac.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEMck04K3ZF1XCSYk0TN1x28
.4dex.io/ Name: uids
Value: eyJzeW5jcyI6eyJlcGxhbm5pbmciOiIyMDIzLTEyLTE4VDA0OjAyOjQ0LjQxMzYxMDY0M1oiLCJvbmV0YWciOiIyMDIzLTEyLTE4VDA0OjAyOjQ0LjQxMzU5MDk3MVoiLCJydWJpY29uIjoiMjAyMy0xMi0xOFQwNDowMjo0NC40MTM2MTEyOTFaIiwidW5ydWx5IjoiMjAyMy0xMi0xOFQwNDowMjo0NC40MTM1ODk3NzlaIn0sInVpZHMiOnsiYWRhZ2lvIjp7InVpZCI6IjYzZDE0NDE0LTljODgtNDQ5Yy1iZDg5LTA2MTY4MTI0YmEzNiIsImV4cGlyZXMiOiIyMDI0LTAyLTE2VDA0OjAyOjQ0LjQxMjY0MDkyNFoifSwiZXBsYW5uaW5nIjp7InVpZCI6IkFJaHJQY1kxLU9VcnVqTjgiLCJleHBpcmVzIjoiMjAyNC0wMi0xNlQwNDowMjo0Ny4wMjQ5NzkyOTdaIn0sInB1Ym1hdGljIjp7InVpZCI6IjE2Rjk5Rjc3LUU0QkEtNDZCNC05RUM4LUU1RDFFNUU2RTEwQyIsImV4cGlyZXMiOiIyMDI0LTAyLTE2VDA0OjAyOjQ5LjUzNjM1NTAxNloifSwicnViaWNvbiI6eyJ1aWQiOiJMUUFFNERCSi1VLUpDTDUiLCJleHBpcmVzIjoiMjAyNC0wMi0xNlQwNDowMjo0OS40Mjk0NzAzODJaIn0sInVucnVseSI6eyJ1aWQiOiJSWC1jYmM5ZWYwNi1mNDEyLTRhNjUtYTY2OS00NzljMWIwZWFmZWQtMDA0IiwiZXhwaXJlcyI6IjIwMjQtMDItMTZUMDQ6MDI6NDcuMTQyNzgyNzQ4WiJ9fSwiYmRheSI6IjIwMjMtMTItMThUMDQ6MDI6NDQuNDEyNTc5ODgxWiJ9
.ads.stickyadstv.com/ Name: uid-bp-951
Value: 3456854436429190532
.smilewanted.com/ Name: sw_user_params_infos
Value: J9l5Ki9R2TWlH%2F8lh9rEHhXARvqt%2F%2BaUJ6MjggdHMVyH1%2BqN4JhBDRgaADxcFNboBB856mXqLhjjSnPzEf%2F8xKsc0lcF4DGgvzqBha%2BlJrmOvztCmfyHE3XTNDZf924YHX3ZDN7aMCh0o2WNRV0WCwIPyuMgIpTVM8TF%2FOumCDBzQhp4HhIUsaCUOis83XwFs%2FfNirht4kv4aBjPBWsGc0R9vWgI9fiPU%2BA17x8BMCU%3D
.w55c.net/ Name: matchfreewheel
Value: 5
.ads.stickyadstv.com/ Name: uid-bp-23329
Value: y2LtAdkx1Rf4Q65
.ads.stickyadstv.com/ Name: uid-bp-25746
Value: 1289afad-d6a6-43c5-9bcf-ef2defef2b7a
.ads.stickyadstv.com/ Name: uid-bp-20721
Value: bd335a7c-dc62-4bbb-be35-86a65c6f184e
.ads.stickyadstv.com/ Name: uid-bp-45
Value: ZX-EZgAHv4QGbABd
.go.sonobi.com/ Name: __uis
Value: 643a2bf9-4a90-4828-b0f4-6d74658c8e3b
.infolinks.com/ Name: SONOBIUSERCOOKIE
Value: 643a2bf9-4a90-4828-b0f4-6d74658c8e3b
.smartadserver.com/ Name: vs
Value: 521929=5764562
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1500031714%3B%24ql%3DUnknown%3B%24qt%3D36_0_0t%3B%24dma%3D0&c=1&l=-669273157&lo=1739943965&lt=638384689712596690&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1500031714%3B%24ql%3DUnknown%3B%24qt%3D36_0_0t%3B%24dma%3D0
.adtdp.com/ Name: uid
Value: a32f81a5-206f-4e41-b59c-8baf39af49b6
.adtdp.com/ Name: pr
Value: aja
.teads.tv/ Name: tt_viewer
Value: 24a87c0b-f4d9-4d70-832a-62185c2ef6c4
.adingo.jp/ Name: criteo_dsp
Value: k-hsdWOzviUu-uPmYpVHXLQwwlnVCpyKwtaWsujA
.smaato.net/ Name: SCM1001851
Value: 84e8bd6444
.smartadserver.com/ Name: csync
Value: 79:k-w_R2vjviUu-uPmYpVHXLQwwlnVBUbBOiCIKyLA|111:ID5-b861SU3Ht00OttBbAOxpBbIMo22BEMnhabQaCevDEg
.analytics.yahoo.com/ Name: IDSYNC
Value: "18xp~2fo4:19cy~2fo4:18z8~2fo4:19bk~2fo4:18vk~2fo4:19e0~2fo4:175w~2fo4:196y~2fo4:18zh~2fo4"
.socdm.com/ Name: SOC
Value: ZX-Ea8Co8HAAAHg0fUEAAAAA
.ads.stickyadstv.com/ Name: uid-bp-11554
Value: k-9RTE2TviUu-uPmYpVHXLQwwlnVCz5kyAPuLMsg
.rubiconproject.com/ Name: audit
Value: 1|o5dgMtzC+btPyqfhDEIRb3c6OagNP8tZ/PzNk/luwFoRdwtRav1lhpvXXyk+3stUA2WS19YfIbwiZ07GJqnMnujPGTiJ9gcmpmvllXEtYN4=
.rlcdn.com/ Name: rlas3
Value: zqE9EAA8l8L/dodKjoV8M/1zk/sAT6dbOy7AR4/xSWc=
.bluekai.com/ Name: bkdc
Value: phx
.taboola.com/ Name: t_gid
Value: 26a9c62b-b1c3-47e0-934d-63811fc3bc1b-tuctc7949eb
.taboola.com/ Name: t_pt_gid
Value: 26a9c62b-b1c3-47e0-934d-63811fc3bc1b-tuctc7949eb
.dable.io/ Name: uid
Value: 70025079.1702872171753
.adnxs.com/ Name: anj
Value: dTM7k!M40mgjZ%3ghqdmU(7TJe10Ff#?nHjNW9TnR]VCb2wf`Ux:l!1w2j81hw2bNNHE7y3XUP6d#1(ibN*dViVrjut==SD8^%G[-[O6M<QG=%9skrhI.FB-I2BKQ+7QVNV`Au5VXh*c+SUv`+Sr0z$j^ai=N^enf]Iy-Z1/l*GqwAAHU:NnT'cj3DZkNOVv08L[41YiUASeyT'N-sU6B_=e+.<Q!8frXZ$YNv
.yieldmo.com/ Name: yieldmo_id
Value: 3z7mvDHbbPHtcC_91O8f%7C1702857600000%7C0
.ads.yieldmo.com/ Name: ptrcriteo
Value: k-Jc1FpDviUu-uPmYpVHXLQwwlnVBeqrsANhdj5A
.ads.stickyadstv.com/ Name: uid-bp-171
Value: 7380707807691766283
.hb.yahoo.net/ Name: data-crt
Value: k-X7UlPDviUu-uPmYpVHXLQwwlnVDOl5jLFDfPCw~~63
.media.net/ Name: data-c
Value: k-clANZTviUu-uPmYpVHXLQwwlnVAXsd_eArjjRA~~3
.media.net/ Name: data-c-ts
Value: 1702872171
.krxd.net/ Name: _kuid_
Value: P-0EnUsd
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsImv74j4fivzwQBRIUCgV0YXBhZBILCO6Tq5eH4r88EAUSFwoIcHVibWF0aWMSCwiI5-idh-K_PBAFEhYKB3J1Ymljb24SCwiE29ejh-K_PBAFEhYKB3N2eDl0NTASCwiKmOmrh-K_PBAFEhsKDHNoYXJldGhyb3VnaBILCOjqztaH4r88EAUYASABKAIyCwjA4dGDnuK_PBAFOAFaDHNoYXJldGhyb3VnaGAC

172 Console Messages

Source Level URL
Text
javascript error URL: https://www.hawtcelebs.com/
Message:
Access to fetch at 'https://prebid.smilewanted.com/' from origin 'https://www.hawtcelebs.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://sync.adkernel.com/user-sync?zone=208910&t=image&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fqorm-usync%3Fuid%3D%7BUID%7D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
javascript info URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1)
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1)
Message:
Failed to create WebGPU Context Provider
javascript info URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1)
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1)
Message:
Failed to create WebGPU Context Provider
javascript info URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1)
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1)
Message:
Failed to create WebGPU Context Provider
javascript info URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1)
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1)
Message:
Failed to create WebGPU Context Provider
javascript info URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1)
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1)
Message:
Failed to create WebGPU Context Provider
javascript info URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1)
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1)
Message:
Failed to create WebGPU Context Provider
javascript error URL: https://www.hawtcelebs.com/
Message:
Access to fetch at 'https://prebid.smilewanted.com/' from origin 'https://www.hawtcelebs.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.hawtcelebs.com/
Message:
Access to fetch at 'https://prebid.smilewanted.com/' from origin 'https://www.hawtcelebs.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.hawtcelebs.com/
Message:
Access to fetch at 'https://prebid.smilewanted.com/' from origin 'https://www.hawtcelebs.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.hawtcelebs.com/
Message:
Access to fetch at 'https://prebid.smilewanted.com/' from origin 'https://www.hawtcelebs.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.hawtcelebs.com/
Message:
Access to fetch at 'https://prebid.smilewanted.com/' from origin 'https://www.hawtcelebs.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.hawtcelebs.com/
Message:
Access to fetch at 'https://prebid.smilewanted.com/' from origin 'https://www.hawtcelebs.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.hawtcelebs.com/
Message:
Access to fetch at 'https://prebid.smilewanted.com/' from origin 'https://www.hawtcelebs.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync.search.spotxchange.com/audience_sync/7?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16299%26tp%3DSPXC%26tpid%3D%24SPOTX_AUDIENCE_ID%26gdpr%3D0
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://id5-sync.com/c/102/112/3/6.gif?puid=${UIPID}&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.a-mx.com/sync/?tagId=&ref=null&u=https://www.hawtcelebs.com/&tl=https://www.hawtcelebs.com/&nf=0&rt=true&v=8.21.0&av=2.0&vg=vlipb&us_privacy=null&am=null&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
network error URL: https://id5-sync.com/c/12/112/5/5.gif?puid=${UIPID}&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://google-bidout-d.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.adxadserv.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://t.dtscout.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://router.infolinks.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.us.e-planning.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://jnxm2.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js.ad-score.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js.ad-score.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cdn-tc.33across.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://gum.criteo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://jnxm2.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tags.crwdcntrl.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.us.e-planning.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cdn.aralego.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://csync.smilewanted.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eb2.3lift.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.quantumdex.io').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://google-bidout-d.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.adxadserv.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://t.dtscout.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://router.infolinks.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.us.e-planning.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://jnxm2.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js.ad-score.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js.ad-score.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cdn-tc.33across.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://gum.criteo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://jnxm2.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tags.crwdcntrl.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.us.e-planning.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cdn.aralego.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://csync.smilewanted.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eb2.3lift.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.quantumdex.io').
network error URL: https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1f38f475-74a1-4382-b911-c4fb51df07fb%26bidder%3Damx_com%26uid%3D
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=ZX-EZgAHv4QGbABd&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
other warning URL: https://ads.themoneytizer.com/moneybid8_24/build/dist/prebid.js(Line 10)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://google-bidout-d.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.adxadserv.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://t.dtscout.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://router.infolinks.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.us.e-planning.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://jnxm2.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js.ad-score.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js.ad-score.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cdn-tc.33across.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://gum.criteo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://jnxm2.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tags.crwdcntrl.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.us.e-planning.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cdn.aralego.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://csync.smilewanted.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eb2.3lift.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.quantumdex.io').
network error URL: https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1f38f475-74a1-4382-b911-c4fb51df07fb%26bidder%3Damx_com%26uid%3D
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.hawtcelebs.com').
network error URL: https://match.prod.bidr.io/cookie-sync/aul
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://id.a-mx.com/u?&gdpr=0&us_privacy=1YN-&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F7%2F33507%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D1YN-%26A%3D1f38f475-74a1-4382-b911-c4fb51df07fb%26bidder%3Damx_com%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

861d82c996bc0bdc8b519bf54cbae226.safeframe.googlesyndication.com
a.dtssrv.com
a.sportradarserving.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.as.amanad.adtdp.com
ad.turn.com
ade.clmbtech.com
ade.googlesyndication.com
adgen.socdm.com
ads.adxadserv.com
ads.as.criteo.com
ads.betweendigital.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ads.themoneytizer.com
ads.us.e-planning.net
adtrack.adleadevent.com
adx.dable.io
adxadserv.com
analytics.google.com
analytics.pangle-ads.com
aorta.clickagy.com
ap.lijit.com
api-2-0.spot.im
api.demand.supply
assets.a-mo.net
assets.revcontent.com
audex.userreport.com
b1h.zemanta.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bid.g.doubleclick.net
bidder.criteo.com
btlr.sharethrough.com
bttrack.com
c.bing.com
c.cintnetworks.com
c.tmyzer.com
c1.adform.net
cat.jp2.as.criteo.com
cc.adingo.jp
cdn-ima.33across.com
cdn-tc.33across.com
cdn.aralego.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.tynt.com
cdnjs.cloudflare.com
ce.lijit.com
ced.sascdn.com
cm-supply-web.gammaplatform.com
cm-x.mgid.com
cm.adform.net
cm.g.doubleclick.net
cm.mgid.com
cms.analytics.yahoo.com
cms.quantserve.com
connectid.analytics.yahoo.com
contextual.media.net
cr-p10.ladsp.com
creativecdn.com
criteo-sync.teads.tv
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.adingo.jp
cs.media.net
csi.gstatic.com
csm.as.criteo.net
csync.loopme.me
csync.smilewanted.com
d.agkn.com
d.turn.com
data.ad-score.com
de.tynt.com
dis.criteo.com
dmp.truoptik.com
dp1.33across.com
dpm.demdex.net
dps.jp.cinarra.com
ds.uncn.jp
dsum-sec.casalemedia.com
dsum.casalemedia.com
dynalyst-sync.adtdp.com
eb2.3lift.com
elasticbeanstalk-us-east-2-734424706109.s3.us-east-2.amazonaws.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
events-ssc.33across.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
g2.gumgum.com
gcdn.2mdn.net
global.ib-ibi.com
go.affec.tv
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hb.aralego.com
hb.yahoo.net
hbx.media.net
hde.tynt.com
i.liadm.com
i.w55c.net
i6.liadm.com
ib.adnxs.com
ic.tynt.com
ice.360yield.com
id.a-mx.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imageproxy.as.criteo.net
images.revcontent.com
imasdk.googleapis.com
img.revcontent.com
inv-nets.admixer.net
invstatic101.creativecdn.com
ipac.ctnsnet.com
jadserve.postrelease.com
jnxm2.com
js.ad-score.com
kvt.sddan.com
lb.eu-1-id5-sync.com
live.demand.supply
live.primis.tech
live.rezync.com
loadus.exelator.com
map.go.affec.tv
match.360yield.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
ml314.com
mp.4dex.io
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-cdn.com
onetag-sys.com
ow.pubmatic.com
p.cpx.to
p.rfihub.com
pagead2.googlesyndication.com
pbjs.e-planning.net
pixel-apac.rubiconproject.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.shareaholic.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid-server.rubiconproject.com
prebid-us.creativecdn.com
prebid.a-mo.net
prebid.smilewanted.com
ps.eyeota.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.vliplatform.com
pxl.iqm.com
r.casalemedia.com
r2---sn-ogul7ne6.c.2mdn.net
r3---sn-v2u0n-ntqr.googlevideo.com
redirector.googlevideo.com
resources.infolinks.com
router.infolinks.com
rt3008.infolinks.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.openx.net
rtd-tm.everesttech.net
rules.quantcount.com
s-cs.send.microad.jp
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.cpx.to
s.e-planning.net
s.tribalfusion.com
s10.histats.com
s3.vlitag.com
s4.histats.com
sc.cx732.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
servg1.net
services.vlitag.com
simage2.pubmatic.com
simage4.pubmatic.com
smart1adserver.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adxadserv.com
static.criteo.net
static.smilewanted.com
static.sunmedia.tv
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-dsp.ad-m.asia
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.adotmob.com
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.quantumdex.io
sync.search.spotxchange.com
sync.sharethis.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync1.intentiq.com
t.adx.opera.com
t.dtscdn.com
t.dtscout.com
tag.leadplace.fr
tags.bluekai.com
tags.crwdcntrl.net
targeting.unrulymedia.com
tg.socdm.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
trc.taboola.com
trends.revcontent.com
triplelift-match.dotomi.com
u-sin01.e-planning.net
u.4dex.io
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.creativecdn.com
useast.quantumdex.io
usermatch.targeting.unrulymedia.com
usersync.gumgum.com
vastserved.com
visitor-usa02.omnitagjs.com
visitor.omnitagjs.com
waust.at
whos.amung.us
widget.jp2.as.criteo.com
ww1097.smartadserver.com
www.google.co.jp
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.hawtcelebs.com
x.bidswitch.net
yeet.revcontent.com
ads.stickyadstv.com
api-2-0.spot.im
cm-supply-web.gammaplatform.com
id.a-mx.com
prebid.smilewanted.com
securepubads.g.doubleclick.net
ssc.33across.com
sync.mathtag.com
sync.search.spotxchange.com
trends.revcontent.com
www.googletagservices.com
103.132.192.30
103.43.90.21
104.17.216.204
104.18.34.83
104.18.35.167
104.18.36.155
104.22.68.131
119.9.108.211
122.248.253.6
124.146.153.151
124.146.153.167
13.115.66.78
13.225.183.10
13.228.126.19
13.231.25.160
13.249.160.110
13.251.173.5
13.251.232.112
13.33.88.124
13.35.49.117
13.78.59.237
130.211.115.4
131.153.206.103
139.162.84.221
139.99.123.110
141.226.231.48
141.95.98.64
141.95.98.65
142.250.198.2
145.239.192.166
151.101.2.49
151.101.65.108
172.217.161.66
172.217.175.66
172.66.41.9
172.66.42.247
173.194.174.155
18.140.225.254
18.141.75.199
18.141.88.119
18.143.106.89
18.164.154.83
18.176.179.11
18.177.116.10
18.238.192.21
18.65.207.58
18.65.216.109
18.65.216.96
182.161.74.11
182.161.74.13
182.161.74.16
184.27.185.21
185.184.10.30
185.184.8.90
185.84.60.20
185.86.139.85
185.98.53.29
195.244.31.10
198.206.157.242
198.8.71.130
2001:4860:4802:36::181
2001:df2:a300:bbbb::135
2001:df2:a300:bbbb::136
202.233.84.8
203.195.121.141
207.65.34.74
207.65.34.77
207.65.34.80
207.65.34.81
207.65.34.87
209.191.163.208
212.129.3.112
213.19.162.90
216.130.169.24
216.169.156.30
220.150.223.50
23.106.127.169
23.106.127.38
23.106.127.56
23.108.103.8
23.108.98.2
23.208.233.60
23.216.153.76
23.219.68.21
23.220.70.96
23.36.17.70
23.40.148.27
23.40.149.101
23.40.149.60
23.40.192.188
2404:6800:4004:1f::7
2404:6800:4004:80a::2004
2404:6800:4004:80f::200e
2404:6800:4004:810::200e
2404:6800:4004:820::2002
2404:6800:4004:820::2003
2404:6800:4004:822::2002
2404:6800:4004:822::2003
2404:6800:4004:823::200a
2404:6800:4004:824::2008
2404:6800:4004:824::200a
2404:6800:4004:825::2001
2404:6800:4004:825::200e
2404:6800:4004:826::2002
2404:6800:4004:827::2002
2404:6800:4004:828::2001
2404:6800:4008:c13::9c
2405:dc00:ef02:3::e
2406:2600:4::1
2406:2600:4::12
2406:2600:4::1f
2406:2600:4::22
2406:2600:4::7
2406:2600:4::b
2406:da18:929:5a00:f441:9efb:57a2:8f1e
2600:140b:5000::1738:ab7d
2600:1f18:765:4800:7681:18d0:4c60:ba77
2600:1f18:ed:550a:7962:6079:5403:3158
2600:9000:2066:8600:6:44e3:f8c0:93a1
2600:9000:208e:de00:19:fc2c:a140:93a1
2600:9000:20c4:9400:1f:4c18:bd40:93a1
2600:9000:21b7:a800:1b:5138:8a40:93a1
2600:9000:21ee:6e00:a:e047:753:a221
2600:9000:221a:5a00:a:deb0:3380:93a1
2600:9000:221b:8000:1a:5235:f980:93a1
2600:9000:26a6:fa00:10:dd8:5e40:93a1
2602:803:c006:158::65
2606:4700:10::6814:4f63
2606:4700:10::6816:2460
2606:4700:10::6816:3456
2606:4700:10::6816:3ac7
2606:4700:10::6816:3ce3
2606:4700:10::ac43:15e3
2606:4700:10::ac43:88d
2606:4700:10::ac43:db6
2606:4700:1::6813:824c
2606:4700:20::681a:467
2606:4700:20::681a:8a9
2606:4700:20::681a:c3c
2606:4700:20::ac43:4739
2606:4700:21::8d65:780a
2606:4700:3035::6815:b1c
2606:4700:3036::ac43:a392
2606:4700:3036::ac43:b893
2606:4700:3037::ac43:9e3b
2606:4700:4400::ac40:994e
2606:4700::6810:8516
2606:4700::6811:190e
2606:4700::6812:19ad
2606:4700::6813:9f13
2607:f8b0:4001:c12::5e
2620:116:800e:21:a878:7c6e:cf7b:3362
2620:1ec:21::14
2620:1ec:c11::200
2a02:6ea0:d300::19
2a02:6ea0:d300::22
2a02:fa8:c411:13::1400
2a04:4e42:600::300
2a04:4e42:600::485
3.128.138.194
3.130.244.5
3.136.237.229
3.18.237.172
3.214.250.236
3.223.88.167
3.37.95.197
3.5.133.140
34.102.146.192
34.111.113.62
34.117.239.71
34.117.77.79
34.120.135.53
34.124.209.251
34.149.40.38
34.202.71.208
34.226.252.48
34.229.3.43
34.95.81.168
34.96.70.87
34.96.71.22
35.160.8.191
35.186.193.173
35.208.249.213
35.213.12.39
35.213.93.179
35.214.218.94
35.227.252.103
35.244.154.8
35.244.159.8
35.72.102.184
37.157.3.26
45.137.176.88
45.156.19.151
51.222.80.231
51.79.154.9
51.89.67.82
52.18.155.110
52.192.253.158
52.193.13.224
52.199.118.63
52.220.199.193
52.223.2.229
52.223.40.198
52.25.192.112
52.25.95.187
52.46.143.56
52.50.140.7
52.53.103.154
52.69.237.108
52.76.7.220
54.157.57.36
54.158.15.169
54.169.41.251
54.174.240.211
54.183.254.196
54.198.64.103
54.199.74.241
54.217.177.23
54.238.120.71
54.239.38.253
54.38.64.100
54.39.128.117
54.65.75.62
54.70.250.75
59.151.138.103
63.251.14.14
64.120.110.136
64.120.110.137
64.120.110.138
64.202.112.223
64.202.112.31
64.38.119.44
65.9.42.20
66.225.223.159
67.202.105.21
67.202.105.23
67.202.105.32
69.169.86.38
69.173.158.64
69.173.158.92
72.34.250.75
74.118.186.106
74.118.186.107
74.214.196.131
8.18.47.7
8.2.110.161
8.39.36.141
8.43.72.97
82.145.213.8
98.98.134.241
99.84.133.60
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef
022100f0bdd0406b22dae05ebc61277bd84147f6c3a8eab417b6341e0b54dec3
03b5aad2841a58bcc2eaa22eb449cb229d5cd9c82b6e90d3b4f2ce26b229bc0a
0425f61f1d0e80d96feea1dff3dfa0b335792d0ead434e762b15f5751f96926a
045d2118123dd438309aec9df012404bb89c0448a4ab9a38915bddbaec060cc0
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05a6ad78cd19749e6a8624e994157e872cef56dc1b8c5911f655070ecd5f966b
0700e6b976915d04750a99f83e6bdfbb6fae0758366b0672b7e7fa56c71c5fae
075070b8780160c942e5a3d4797de3311be40804be368029d7a412c62377ccbc
07d098da1a0e729a2b58231fbac02af9cd33b26a01c3459873faa8ebae59ed08
08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b087c15951461b7d3999962d8a7f7b12014926b21ded97d37442def4881ba2b
0b640db060bd6c45e02eb82c75a7f0f087e7b0b30f47bcfa6aa892c310778fc4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d84a8c1a73a3eaea2d0ffb16006c3b624a5fce03e877009c304fa553d86598a
0e46f68a54b00f6335439af56b55f837522a09ccc0d03c2aef90d399f7c1bd60
0e6bca11ff84ace8c1d7e306cf6c242debe74e69c54ce067ac04a56cc85c7255
0e76f2c0eeb74891005e12aab2c883fc7ff2c3e025157df67656d72106a7a3f5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
114d045bf4453dddba6c0efc653bf66cfa301aefe2fe1dd0f20f8ffcdb8860fa
1394fd4f40f201be35b405b99a8f9cab5ebeba344bf4d486bd50e0c5da59eedf
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
142e0e35182562dff6c293341b06cca4e55856713e43179a6499326d94a3c33c
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762
17d8f1bf6fb3da8c65192bea71d4560c8f81c1f798dc7ac2d41e07abd896fd42
17f97d5959c6d53bed9380600d2fc4d0ff71ee31fda6c0882db77b3e597ee0f7
182399b99b5eefd3fb2f4d907d4a8da82956120395559d090de5775db88ea8b6
18274ce6cec57da446e19277c05fbed1c2acb8edecbe3df56a64f7c6c0e39baa
185fe367a715579a0af8bfc7c991bab9a1f044afe77dd32416bc3a5cce445092
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1a6d9d3d70149e8625f86bab35c21395b69a79e6104cc27ac6035a0deae55325
1ac63c399f7e365f9463e19d2b12f553f67bd7d0edbb510ef2229a45ff8bf233
1b78f81310f0a2ef27646c37f50e8d44239992aedb5a5cee2a685262dde78cc1
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1c10a643b48bbb3b275ea80867bccc8d39f5486e82aba544a7507991d45bea63
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
20e56955bc8799b3dfa70a9926ff11a4029afc5e1d1b8a7839f68cdd3b51ed7a
2110735c6befcb8b0aa2385848b1a65bf7b1b2081c006f0bcac34e00094f0d8e
2167dfbf43e1793ff7927e153de4314cbf03f82c7b654af874c56ccfd1aaeedd
219c6674bbaa72932da2e07715cb8403d5fa3f6f52799ed912e1bf75e9621bc5
21ae007a8bed180e7f8a715a35272af6fd69f36010d80fce03b85d5913a84188
21b94bd9b58330fa42dedc329873a15eed8ea727c0482531798752e30664bcbd
21cfed7eb47b3b9d993cf5a71b4feb6e45c17a34e5355f197deb015ff7d877f2
23e28a741e1816e42e43b9041b4cc25cbdcc24d12f3d6a4db0bda2a26cf160dc
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86
250de4ccf84f1d5398d8ab9002568c639137449d0490e466595cfbed04745c37
25251688aa78d1df85a5b4ae14f122388536ba35f8acc23550e1af0b5303c57d
25af976f5236686ea5706ac9c99655d269f0e620f8494ca2bcf9ea88230aeead
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
26b4bcf9d48dd182afef58c674c98e357adc8b96518fe69ccd39a24c8b7dd339
2838f851826ce9808416e0cd933946406bc5581dedad0581c406d4f67f45a473
28aa48f7657819424716d48e35fe1fbf19ba377463098dc669d737b47dc205c1
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
29a502916243e920a058ea11e8b99657099031bff39ad601290b111064099242
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b02268d59f15c37bf4c8d701a814fb8518ed3ad3735a34ac2eabdc9318da7b3
2b25464aeb93f5063223cc3240e65a6b2fd2776cb5f39fd9de88d43647ac1aee
2b553f424485a9da85b33613677534de714910c6037e4976fa359a95b771cbb4
2bed3578da4cbbe68d2b5ad0c8bf01f9d1e3ebd16e4e03f5a704edabf4507edb
2d21ec205f8755c7885a41ba1004257bf8070d700534f280188fced508e7dec2
2de157baa4cc175feab9925d76470e2b8f03d8918beed5f63f168bd3d2872073
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2df806965da339b5f39ebf2c501d85bc2b89a803d3216628e1129e6ababc5b1d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e40f7075c6cae2fbc414e7001b6522d1e59d68c429906dcc3ad6bf3eac6d712
2ee520f8609020eb0bc838cf7a2242b979217c7655a8abd495c283ab784b94f1
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30e66854a124a8bdfc8340b9ce72792094096223e4fce513e34c1e9e467f0cbc
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3363b53644a153bc7f22e29963708f849257573b731fda4f94db38368438bb5d
33711d3233efa3e498853a99b6346e52ec4793442d7c5cce3c4f62e84f5eb2eb
350eb3f9565cd1da079179138498c778b1a8b41d0ca0953845a43fbd152a40cf
35fbeb574dfe8381d1a6f28321e1d4141cbef5c666d33225fb94b4ea942f9c9b
3670871d82abc81777452e2aae061317365e31a3fd29671042376efde53bcc1e
36bd7ab0997f9d92bcf2dfe557a0248564bea89054947beb0a22bdda1be9da56
37bd89d0776acdb8565abd79559d140909e68570f7d74a6f0141d21aed4122f4
39109b62bfd99a39e5105acb335eb7b72c1fb63bf6427d7fa8d0b4dea09556ff
3927f47da8a98193a32b93ef3914787c5d4ef5c90776b08a026b30a2d50fbec5
398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414
3a23e252e48aedbb307faf81316c26cfd14342ef0789982ae740764eb712837e
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8
3b4790db39169dba45a44fd79ec37da5557302627546df0adcde836570ace0bc
3b52e599a07065ef3bab6554d37ff5889775a6c0d5cd31bec2af6fba0e9f3e27
3b6811ba12ddf9060360d16f1bb1ed19bae1e8cca1cc9b804abbd0eb4b843b64
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bacaa7d706740cebc4749a9018ba08cfa81cac12e22f474db483ae3b48a8324
3c537da9c8328f588df85a8e2025042881dac69947da093913e723cc55140029
3c78cd18af9119636ec716458669c55bcc03d863c58c0ebaa494b181e326f9e8
3cef1f45ec8b4e8d12863079a7d6f6553222886136c6a7fbe97faf24bd2b61f8
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dd52c9d1a20fe02293f8940d3a6688e9ee6ca85442de17a2a8a5368ebf171d8
3e80ccbe6fe88155e3bdff0b3860a79185986ccc01e184b511dbd71d78984650
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42f93c43d0c37a86684b3353354bfdd76934659a6a04606c7a27f4224c488334
43122e41533d4926223f942c44e2ad0460f484c1e17b1a7548b90f75cc18cbfe
43241a3520cacbbc702e51acc70f2a078512ec72e4a5b6f8cf2bbb06b11f0cdd
43ba72b01c71a8f174727370335990c884f93923d7d41a1aebe12a74201dadce
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4414d06a71fb28d1159581490c69153d2154fc2d4ae153f1b53ca6a1d48f449e
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
4680e944f9e2278a7275131973a7f958c374a25154429fcc9166f7305c4e7329
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46dbfb21f5a98e6d1b272c6b0f26c38aeb811c6d8a76bb9e1565bd8cb0c7edb2
47b726fd18aa3355c7f0277952419c5e1b33d3347ee2e4eff5e9b9be73040549
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
498c323d6fe879b5a0e8309e077dc48a643ec21311f1b337eaf35e36e80da109
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c27cc14f780ed75750558f4eef6e093a7270f6a97fe86504fa3f59e6fa8692f
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
4d1b618b508d6e2c3ab4c4d98feeddfdb66e6d87d9dcfd88097f1d85480c3af0
4d71e245e039e2ab2210e33f77247ae8b8d1c899010a02a799ab0d5a961910b5
4dfcca0c86c9d87ee72765c61fc2219af9ba4660f465e5378806d47995177a8c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f29d3e23c44e9321522cd27c03a0c840038bd07b6950379d1eaa583e1532a4b
4f47487cd6e354bbc7cb8d6e40cc937c30c8ed776d256bfc51c543e9b1b54809
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
4fd17b37a80684f1fada310c8dde6e979db05aeb791efdcd4156e76816def578
50b50b0eae933b618574d234af7905a077977a31469f5f6c31687149add14de9
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54822fb3d0b5197a8aab8b9e59bf814a888fa7fae30c0a34bcc6443b6d762ba4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54eacec863498628814d62c486eca8cd1c580c77a4dda865b5941006e40c6e66
554ee102ac0cbc21d46280e3942ffa21801521807fcf72b9b396c5208abf4906
559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5969d34ea0d3f6e0f988b867e406d73a10a96c7792e6258b98da981c3dfc0f6e
59acf0f75019cdf63085091d4e96b1fefadb526eade0f3326ac54a652df2c27f
59ddf97f6e2d2c730808590edffb1c8caf4569dc1f10eb24c374e445911e6841
5a9c48a299f11184f4c8cb9b12b89635bce33a16560a00cdbf3bce24dfa3baca
5cfaa98231c293ed2ec269908bba9b412ed4c5330c887ef70157175b76a6a54c
5d698efa119f85b20fe4d9a694894014e3197b8e4de7e61d18d27c60eecd9b81
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
6130fb6f26578f9629cf6121e7fe00619294302787cae6b3e9b1a3a32e0fbdd8
61647438d42abf0104a3abada8b2c4c869871d83a14ec21107775c1477d42592
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6209e843a2aa0549d02059da3c828c29a03aa00434f0800bed986bc5903b8494
62438b28293ed4798e7bb29f539da4f041b1f2647bbad1e1067bd1f8f7d52fba
624e534cf66cddb89debb5e1ed46b0ac5618fca81036bd08954552ee409d1e02
63e8352da534a05dafb13e5aa106693d66074b5f96aaf7b9b0949d026f578f49
649573deaa079e8166f15bd6b75c0896c253506cf25a9b45cd1399d61200af16
649af545f5efd2a265363ceeb7fdf9dc6dc8c85dfba4d7d3a538930c3d181b39
64ab92351c5b74146b13c457ed9bea87ccf1185338bf2a1b9583194ffad7a224
654251b94ad27560891bcdd044a3b31a7bc5c57849d524d52b15303857cc723e
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6710fa8a65497bc92dbba86d2f1d92808109badea91b803bd38b5592827548cb
678d9bdfb8af0485c319c05611f694e1f87a3289b47faed50c40c6a6b1130540
686c8f3c67a25265556496de9b37358557f5459b33d7b1e98940365e629ded25
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e
6b75c264b91673bb073fd9627ccd022e0b8f97f7ea6903d4e96f8d879f243b36
6b993d3716ae52eac71875e384579f52fa3aca65f30c085a742029af0ebddc7f
6c2fb26a735ec81c19e5078d61251379be634e324f416ca9e679725b318ff913
6ebd92b08caeeaf05c413f75f8d3aa48ff63abc99a80265cd11caf5ec618e596
6fe93ce9d3d8b0b64e7324728b1bfd72031d46d79763114abd19f2d3d2386c57
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120
70a1d5296c9fbf75d86330788eb63f05afb3e3ed495a7f56766217b0169c5548
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
75f3eaaa770eff2dd12e4ad3de6868aa06091c8a8fd1b62f3524f6ad522f0c58
778b82a29ba771d9ddc66a0e5051d73ebe2027c9d09429a36ec6dd79de17a9d8
780a5296906e2857cb4a1de5d18a86976897fe2a07e1643d67620240b8679429
7a8491eef543cf338abda3282b3460df6a8c0efa668223039f34e2e2b3eba99f
7b8c285afac732675bbbfc8b052f4033ff296428769c8333fdef3416d30fd8e1
7bccb036fc4379abc145f8e81bdc9ba147157fb772b97b840bb65013226fed53
7d94221ee6ca574b7b31c13edae17243d8cc947cc2f1c14beb9c965799ccf272
7deb298f3627669f30fbbc9c92ae50b8c9542459488165539a82b34587f06365
7f64367cbf01a066e916b86c8987a7f35b1e4ec23798f37819402f62f03c5e5a
8001b88c5c4170c96cf5446f1fcbafc55a5e5b937f3a77a35659b4e77a83fd27
816e501db51f88ee3d200c8b64500aedd0276f3cc5b6eb81950034e2bfd5ce00
8322c76053c917801fed702192c48c58ffe98d3f3bab828c03dd75b3ba71873f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8390bd7de281c9f9f71e063b6f7ef73b02297c9fa9e971fd7b1bbbdee423048e
8460b0216042419f93aa04cee8a20c1650d59abf9caef6db8a377e32055583e0
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
856420e1f59d0096185cdaac909fa54a9f596f52255d7a5f1ac502403f61d3ab
8686b06af6c14e26e8f538f55341864f24308723e1d39b8977c1353c4e66859c
8754626f00d422663412eee1b5eacb81bd008682929d0e60fb524568ff611016
87f6ea4e435a7964b4fa6d5c4c12e270b7bd7269895ee0ded734ed0405ef5106
88fbdc214f148ab318ff1bab6825373aaafbe5325b71bf3b1d2c473adf1d7a8c
8996d3b3138f7d5f0aef8a6890172042a84249da0746dedbe79369e1a9cb3b06
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b0df36f2d6227ab9cd31428b79e8a46a92475ce80b05b1528ac4db81c0aa586
8b689a1753dd80419b61e76923e0c6a60c15b74c1c087d54f4af167bee67a19e
8c571d2f63f294937e6b3897f1005dc03cbfc3fa859447a4380feb9342e57346
8c74403945c6fcf22c800cc4a03e4e750025568836bb8f5b51d292d3611dfc9a
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8cefce1f43fc3ac05ed8d2817454b6f4101a009e93105d5fb0e27144efa25498
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d708cdd9835f754376a7c8b713b6a432c389fb300fa3ffecb1efdbb4824eb0e
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ea9aa8bdc602603d8bee3d02ee1c6ff17412d787cc178676506889d70507691
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9129173d5280e244bb3245890e87656d5fa9cc94c4911ef3f95023224a7ace3d
919c98e15e2d018403dcd1bd6c6501a6646518001a15f399c003711fcd808f44
91b209d2aa36b3131a26bed655592d65daee1f43f34f68256871ef9ae318d78d
9212d3a1320fcf45900feade11dcb61012c5170853e5ffc185af083756febedb
92bf73969f54ddc214c635edcbecc43d71a2ce3742330bd6cc680b63c0d78546
9318dba4c68e2315fb2d2a704c8a2c69e4ed87253f7c638703a43a8e94f20617
9345176643ceca75b9134c859f54e7461407ef3302bd7ab6f9e09cf6a5798dbb
94833e8e38b0db568b88586c740e4564192f727967d55c35c6363d32ae263aab
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5
95abaca5a5f710cf478b0360960174ac2153a14f8e875794d2dda4df164263ae
95fea5aa0bf38a791f1fc32bd53213a0b675592eba124bdcc76edff639855637
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243
97c32278e8275102822dd3f18f9de62b7ff1f796bb43cf04c0845114ec912d16
97ec12ee083f84eabe1a5c486f180e47ffeeb64cd0e0d77530063581dca1d63c
98160e3c9ef7b95a2e2d03c445d3e4cbae21e116fc8abaa82fc9703b66423edb
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
98f3375906083748b6f8eaace7f9713bdf0a9789be1379b8a3700ab880b4a81b
99611b06213a8f3e355d230c682dc7eab306c1b8fe7b42a16bae55eaa6841367
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ac1ba0fd033fdc1ac6df78af8d9e9fff9430881024ca2d53430467d1c256a01
9b0b13cf6cbdf5c71524f6d42f7c44ad793053587380f2d0874c7a504009ca70
9c983adf86ebc949957bdf55d524dfa278a79bea8d13f2efa9512c6dd37b86f5
9cb0a684b9aeba9f96328c1711ac63a588fadb2477492fe69f12c2e300dc222d
9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4
9e856cdb55d4912d6d9309912c26081cca15f1c685ba79cadb0fb3a614283b25
9f404685ec191c8a093f63909f0e63efd8dd5d617f5b1327ef56ef65c878145d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a24a1cdd313ab6fa435e1a0f9f4f0395f864a11c9a5ff9610beafe91548d1a8d
a2b996fdc66d9abf1696965fbb8afdcb5b7b9aea5219da13e11d11512f3a101c
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3531c1a6993ccc3e7b0f3e1495768e3464aecd55193ef112cb5555422ae6c90
a367c5599cbd361ff0e18811c470f4f12957e6b0722cc11d9faa268be825f73b
a40dcd59c23d9ed6f0fbaeefeb57c78543b487ad93c49f5f74b89dd85b0ea278
a4116ec6bf9d337665a479eb0bdf5e38d16a9874afad2d145692ed6803034643
a4b944b33ea343a98b1b45d9b07dcf90eac92be9b715c8220d0f7c4067cb80a1
a4df1f5d0c1e98a55ac867822edb1be9512f46668b3cbd8ebc0fac7796d597ed
a4e38ff6433f915c6af2a0e9a1bca4d65a1024b775501fe5875ae25ce440bc69
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6e72aac4aee31c7e498ee2c73eddef16dfe43d7aa614945b9d2602b055070a3
a7196d2de3f91595ff448c8b9c7e3bfce6166c91506d5d9c60270ccc5c05ccce
a71f277a32c3a3a5bfbfdeb8555bf451c7932438e6e5420fbca77e79a038eb51
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a72baa0c1d82bdc8930d5e2698d3ef2173094bd40ef2d157e6b3e49fab07ba44
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275
a86ef4d972ed3d98642adcb265ac6acd0186423eeee3d5123c4bd47cf40e0302
a946d0a0864f753db123a2bb565e63e98e6b522e0d553db9d6d56cce173d4dc1
a9de5682f1719e0e13cc3317332a333a9fd600d22c50cc516b30f0e1c53a4f02
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac1b37894cd72008e8f162eb789874fca5ec6bd76f6229d0c3e770db5165dc41
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
adb5759bed7279786ad2568d227ea12f2c4bc5ec3390c49eaf5b73983f5200bf
ae98901c945d6d8f70005c80fce27e4c2707dd3c401783c78ae45a22d2cd3f75
af0d6570462dee3c3937e8694b2ee98ea78313219976105080e94680c29769ad
af33a6f942a27610d4c4bf22966834702f4cfe69f3befa073dbc07021e1bbb89
af4f7e4c1f7dd598660eafe196804ef8a702b26688cdbef1fe0bdaf516428d7c
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b03d9834bb5da50c6a1cf6dd2f3ed2c45d9dbe7bec3124cc9a13dc88a72dc991
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0826c8357928963293263b76e25523251029a18d397ed85cf5a9c09c2be8ad4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f
b98b7de4068ab8776612fb21c7018d3d454f68943c8b9047763499a5abe31d4d
b9d8983f5e5d5bea1db4cb29a31866e37976c5c84afa5335f603b5c6dd8c0cc3
b9da6717175c920a9e33acbb9533f9790c1f1d1aa0498af8f79a8b8bcb20d74e
bb04c4821f4d0e5803fb5e23cf7217059edbfb04d6c109bdb4361c996eea9e44
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b
bcb019a9a0db49141264e03cff67f617c59daa92c9dd3158ee7b7d163b5c1bf5
bd5393060269609ff038dca8b2deb23c85695d13dde9225940dffddee9d5b681
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
be08c68671189ff53234fffb8c7e62a03b4d9d8daa7546734e52e52b75916a87
beab0fcc7f6772dc5d19362bb192fbed6c57d3bf69e04305a20bfa3fce18401d
bee4c3ddceefb6558b86e3d6bbe40326f6d67e1b0b535eb6949d570e7630d82d
bef9909bdcd3e7c6632326f1f3f166b340d5411667f36129c145d69ec38a02ea
bf55c907757df4edbe32c2a4bdc51d2177bdc436ea42100773cfdeacbdae3d07
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2b6805cadd71458bbf7a43c24c2017bf10ceee556c2858c8c61c43e94d8b991
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
c5ddb995fe37710a4be439e4e3f45016cd7b7ecfa3423a29e4f4f4dcce63efff
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
c8a4de0535e6ca3a5a62947c800e9732ba04f0e4f172e6b446dd338d51375da5
c8d363f0c57ad5f9f0d20cad9d5203a410c7118401ef737385b366c897a83109
c8f6b29c7ffa226e8adf83305b5957cb3d1c30f99df7724dfa9a48fce8f3b9d4
ca071af098c8212021fff20845935b78be4bba96fa1699ead6d2180902b72419
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb1a2c583424b6de0983c67fb31e71bd88cda242025e1e6057f4332a08819a7f
cb258de819233d19079183f383e36f2535e6d39da0cba5751c7578fd425a6370
cc993ab278a6565a76fbea3c2a2a14f3d3f412e86e5b650dda3536b4f7045ebd
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd0a3a3e7028948f84a3a14f7bb2b62b78becf5be750c8a67031d534db0d94de
cd74dbd15f26258bce0d5413457d65724272003e8cfffdc91188f79cd848bc49
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d190d1a3aced3533570452b8280253419201734a0872791848ebdcf0f5573b22
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d247c5ddebd00a562eb595921d8f388596f74a87c0a742a86a682d1627636c5f
d2a5cad8642da06458b2c19709066f9c627a4d351384dc8bd8a7f97ff3e18e83
d588992293e94158c2a2e8bd8608a7293129cc908f68564b0ee29987b302d25a
d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9
d5c422010416a4f350756b09ba63d3ef37bc5440791e43536c0fcb56f56767d3
d6d44c7e513be5ab0dd04e157536284480c3ccb205ce50a7063feb8e4b89cab8
d6ee1a2f20825a18abe881a91211b67552bd76af3b12e35c4c84d6df310d9dee
d74ffdb0d8b63bcbc31d2bb17d31b6127569a26a170dd070603fa6fbb1fdda5c
d76c13f41d362895f9834204344595fb81a5717e031e7d605fa573044403d025
d7cc44eaadf9501a48aabca5ed8fc96c219c14fbc3ab4acaa613258ecb2a8170
d8c49bc14e5b5041853d619fe2dc1b01b28bfd4974b8e732f13fa4943efaada3
d9f5b311b51dd07a82760c59cc443a4a6065554e9f3dc8ad0ca68f0979b43a73
da34738e44e21914517127fceb860b738c91f64053c4bc875f49ef870cc97213
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df92371a548b99f90afb3caeb15fdd106cbb37809b0f3f9db3db055e581ac28a
e1984c77f7b28ace226acc20d92385bbc6134e31321509175806ba28c35f6b6d
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b8ee13d35110d7006bc5c5147ee0a0c6c3e1f26b2f246b8d5e57edf4f6b97b
e51eae5200b5dfba264665a40880e4c2063984f002d00942c77b1b16a718bd3f
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e60890b3a603becea835b71025235429e9bedd1c5696e55941a4c7b32731f0bc
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9594b1b4181ae3c589ab641561a92d68de2bc06980a95e17586ec6bda002fa8
e9c91163fa78badc3ecdcc01a732409c9575abbe1bd870523ca5430a7769bf38
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed59fe5e2bc627f9446d7d9815e97ab3ddd56e0eb3bec5abc09b6ec40e412b88
eef1357dda208536199e3f95954fa2410c5dbcbf46bae21470385b1e0bb2ed97
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f497d5620cd5e9b4656a594cf3486a6a61a47c6b5be55f4d4096c4083680bfb8
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f81bde43fa67ee8e66118be314b4b5d71e9a11df401f5372a1f17cbf24eeeadc
f94f6041a02be24de279f885476f75fd2ca4aac6dd1bbe4ddad59d4ef2534ffe
f97e558653de10d9db3cd82e72aaba6389aff7fcb30f32b286a271444478838d
fa6c9d53c905d9bd112be662ee6c97d8cb116d110f897629f25cab498cad8cd0
fae0f231008e535f7c90a6cc4f5326ad7634e78c6134d0214a55889c85f9635a
fb0b25821c54460b733822c2ea86fbfe79aa45dd5b0ead824190e8568fc70449
ff3f7eec0bac04c99a2b82def43c39eb896db7a76b024140d424318c375e1611