www.hawtcelebs.com Open in urlscan Pro
2606:4700:3036::ac43:b893 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
Effective URL:
https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
Submission: On November 22 via manual (November 22nd 2021, 12:56:30 pm UTC) from US — Scanned from DE

Summary HTTP 226 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 55 IPs in 10 countries across 48 domains to perform 226 HTTP transactions. The main IP is 2606:4700:3036::ac43:b893, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hawtcelebs.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 4th 2021. Valid for: a year.

This is the only time www.hawtcelebs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	2606:4700:303... 2606:4700:3036::ac43:b893	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
22	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	68.71.249.118 68.71.249.118	20093 (ZEROLAG) (ZEROLAG)
1	2606:4700:20:... 2606:4700:20::681a:507	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	184.30.21.80 184.30.21.80	16625 (AKAMAI-AS) (AKAMAI-AS)
3	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
22	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
3	2600:9000:215... 2600:9000:2156:7400:5:c4ab:c3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2 2	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	198.47.127.18 198.47.127.18	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
5 25	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	129.159.70.95 129.159.70.95	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 1	146.0.227.109 146.0.227.109	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
1	88.214.206.142 88.214.206.142	46636 (NATCOWEB) (NATCOWEB)
3	2600:9000:215... 2600:9000:2156:ba00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2 7	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2 4	184.30.24.241 184.30.24.241	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
1	136.243.149.243 136.243.149.243	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.135.164 138.201.135.164	24940 (HETZNER-AS) (HETZNER-AS)
1 2	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
1	85.114.131.233 85.114.131.233	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	159.122.14.34 159.122.14.34	36351 (SOFTLAYER) (SOFTLAYER)
1 1	54.89.121.91 54.89.121.91	14618 (AMAZON-AES) (AMAZON-AES)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	72.251.244.140 72.251.244.140	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	3.230.12.180 3.230.12.180	14618 (AMAZON-AES) (AMAZON-AES)
1 1	80.64.106.148 80.64.106.148	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1 1	2600:9000:215... 2600:9000:2156:9800:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:215... 2600:9000:2156:2400:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
4	184.30.25.193 184.30.25.193	16625 (AKAMAI-AS) (AKAMAI-AS)
2	51.89.24.69 51.89.24.69	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	67.202.114.212 67.202.114.212	32748 (STEADFAST) (STEADFAST)
1	158.69.251.190 158.69.251.190	16276 (OVH) (OVH)
1	143.204.98.38 143.204.98.38	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:f000:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:e8a... 2600:1f18:e8a:cd08:3437:aff5:50c:d298	14618 (AMAZON-AES) (AMAZON-AES)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
1	143.204.98.4 143.204.98.4	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0a::9d	15169 (GOOGLE) (GOOGLE)
1	143.204.98.17 143.204.98.17	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.65 143.204.98.65	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	104.18.29.199 104.18.29.199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
7	70.42.32.63 70.42.32.63	13789 (INTERNAP-...) (INTERNAP-BLK3)
2	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
1	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
1	2600:9000:215... 2600:9000:2156:6400:0:1651:6140:21	16509 (AMAZON-02) (AMAZON-02)
2	34.95.69.49 34.95.69.49	() ()
226	55

8 2606:4700:3036::ac43:b893 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.hawtcelebs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.71.249.118 (United States)

ASN20093 (ZEROLAG, US)

udmserve.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:507 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 184.30.21.80 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-80.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

hb.vntsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

api.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:7400:5:c4ab:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

bid.underdog.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.27 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.18 (United States) 3 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 142.250.185.194 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (United States) 1 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 129.159.70.95 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.109 (Ascension Island) 1 redirects

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.206.142 (United Kingdom)

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:ba00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.24.241 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-241.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.45 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.149.243 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.243.149.243.136.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.135.164 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de

hal900015.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.131.233 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21037.dus4.fastwebserver.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.122.14.34 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.89.121.91 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-89-121-91.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.244.140 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.230.12.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-12-180.compute-1.amazonaws.com

sync.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.148 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr3.rutarget.ru

google-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:9800:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2156:2400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.25.193 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-193.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.24.69 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip69.ip-51-89-24.eu

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.114.212 (United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.69.251.190 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns546644.ip-158-69-251.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-38.fra50.r.cloudfront.net

ob.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:f000:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd08:3437:aff5:50c:d298 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-4.fra50.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-17.fra50.r.cloudfront.net

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-65.fra50.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.29.199 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 70.42.32.63 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:6400:0:1651:6140:21 (United States)

ASN16509 (AMAZON-02, US)

d1oykxszdrgjgl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (None, )

ASN- ()

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	doubleclick.net 6 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net 5994599.fls.doubleclick.net stats.g.doubleclick.net	229 KB
31	googlesyndication.com pagead2.googlesyndication.com 83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com tpc.googlesyndication.com	244 KB
26	demand.supply live.demand.supply api.demand.supply	38 KB
16	ampproject.org cdn.ampproject.org	322 KB
13	google.com 2 redirects adservice.google.com www.google.com	2 KB
11	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com odb.outbrain.com mcdp-nydc1.outbrain.com mv.outbrain.com	180 KB
9	tynt.com cdn.tynt.com ic.tynt.com de.tynt.com	8 KB
9	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com images.outbrainimg.com	89 KB
8	hawtcelebs.com 1 redirects www.hawtcelebs.com	64 KB
7	consensu.org quantcast.mgr.consensu.org test.quantcast.mgr.consensu.org audit-tcfv2.quantcast.mgr.consensu.org	178 KB
6	google.de adservice.google.de www.google.de	2 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net hal900015.redintelligence.net	10 KB
5	pubmatic.com 5 redirects image8.pubmatic.com image2.pubmatic.com image4.pubmatic.com	2 KB
5	adnxs.com 3 redirects secure.adnxs.com ib.adnxs.com	4 KB
5	quantserve.com secure.quantserve.com pixel.quantserve.com	21 KB
5	gstatic.com fonts.gstatic.com	125 KB
5	udmserve.net udmserve.net	7 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
3	cheqzone.com ob.cheqzone.com obs.cheqzone.com	21 KB
3	quantcount.com rules.quantcount.com	1 KB
3	underdog.media bid.underdog.media	149 KB
3	vntsm.com hb.vntsm.com	256 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	clean.gg i.clean.gg	15 B
2	yandex.ru 1 redirects mc.yandex.ru	65 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	dtscout.com t.dtscout.com	3 KB
2	histats.com s10.histats.com s4.histats.com	5 KB
2	m6r.eu 2 redirects tracking.m6r.eu	1 KB
1	cloudfront.net d1oykxszdrgjgl.cloudfront.net	38 KB
1	privacymanager.io geo.privacymanager.io	595 B
1	rlcdn.com ats.rlcdn.com	61 KB
1	amung.us whos.amung.us	146 B
1	smaato.net 1 redirects s.ad.smaato.net	439 B
1	rutarget.ru 1 redirects google-sync.rutarget.ru	578 B
1	advertising.com sync.adaptv.advertising.com	14 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	583 B
1	fksnk.com 1 redirects fksnk.com	619 B
1	simpli.fi 1 redirects um.simpli.fi	706 B
1	contentspread.net cdn.contentspread.net	25 KB
1	googletagservices.com www.googletagservices.com	37 KB
1	admanmedia.com cs.admanmedia.com	469 B
1	admixer.net 1 redirects inv-nets.admixer.net	500 B
1	technoratimedia.com sync.technoratimedia.com	297 B
1	googleadservices.com partner.googleadservices.com
1	googletagmanager.com www.googletagmanager.com	36 KB
1	waust.at waust.at	6 KB
226	48

	Domain	Requested by
22	live.demand.supply	www.hawtcelebs.com live.demand.supply
16	tpc.googlesyndication.com	www.hawtcelebs.com securepubads.g.doubleclick.net googleads.g.doubleclick.net tpc.googlesyndication.com
16	cdn.ampproject.org	securepubads.g.doubleclick.net
16	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net www.hawtcelebs.com
13	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net 83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com
13	pagead2.googlesyndication.com	live.demand.supply www.hawtcelebs.com googleads.g.doubleclick.net tpc.googlesyndication.com 83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
8	www.hawtcelebs.com	1 redirects www.hawtcelebs.com
7	ic.tynt.com
7	www.google.com	2 redirects www.hawtcelebs.com tpc.googlesyndication.com
6	adservice.google.com	securepubads.g.doubleclick.net 5994599.fls.doubleclick.net
6	widgets.outbrain.com	www.hawtcelebs.com widgets.outbrain.com
5	log.outbrainimg.com	widgets.outbrain.com
5	mc.yandex.com	2 redirects
5	quantcast.mgr.consensu.org	www.hawtcelebs.com quantcast.mgr.consensu.org
5	adservice.google.de	securepubads.g.doubleclick.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.hawtcelebs.com
5	fonts.gstatic.com	fonts.googleapis.com
5	udmserve.net	www.hawtcelebs.com bid.underdog.media
4	hal900015.redintelligence.net	1 redirects 83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com hal900015.redintelligence.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	api.demand.supply	live.demand.supply
3	images.outbrainimg.com
3	ib.adnxs.com	1 redirects googleads.g.doubleclick.net hb.vntsm.com
3	pixel.quantserve.com	www.hawtcelebs.com
3	rules.quantcount.com	secure.quantserve.com
3	image8.pubmatic.com	3 redirects
3	bid.underdog.media	udmserve.net bid.underdog.media
3	hb.vntsm.com	www.hawtcelebs.com hb.vntsm.com
3	fonts.googleapis.com	www.hawtcelebs.com securepubads.g.doubleclick.net
2	i.clean.gg	d1oykxszdrgjgl.cloudfront.net
2	mcdp-nydc1.outbrain.com	widgets.outbrain.com
2	mc.yandex.ru	1 redirects hb.vntsm.com
2	obs.cheqzone.com	ob.cheqzone.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	t.dtscout.com	waust.at t.dtscout.com
2	tracking.m6r.eu	2 redirects
2	5994599.fls.doubleclick.net	1 redirects www.hawtcelebs.com
2	secure.adnxs.com	2 redirects
2	secure.quantserve.com	udmserve.net quantcast.mgr.consensu.org
2	83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	d1oykxszdrgjgl.cloudfront.net	hb.vntsm.com
1	de.tynt.com	cdn.tynt.com
1	mv.outbrain.com	widgets.outbrain.com
1	odb.outbrain.com	widgets.outbrain.com
1	cdn.tynt.com	waust.at
1	www.google.de
1	geo.privacymanager.io	ats.rlcdn.com
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	stats.g.doubleclick.net	www.google-analytics.com
1	ats.rlcdn.com	www.hawtcelebs.com
1	test.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	ob.cheqzone.com	widgets.outbrain.com
1	s4.histats.com	s10.histats.com
1	whos.amung.us	waust.at
1	widget-pixels.outbrain.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	s10.histats.com	www.hawtcelebs.com
1	s.ad.smaato.net	1 redirects
1	google-sync.rutarget.ru	1 redirects
1	sync.adaptv.advertising.com	83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com
1	dsp.adfarm1.adition.com	1 redirects
1	fksnk.com	1 redirects
1	um.simpli.fi	1 redirects
1	cdn.contentspread.net	hal900015.redintelligence.net
1	hal9000.redintelligence.net	83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com
1	www.googletagservices.com	www.hawtcelebs.com
1	cs.admanmedia.com	www.hawtcelebs.com
1	inv-nets.admixer.net	1 redirects
1	sync.technoratimedia.com	www.hawtcelebs.com
1	image4.pubmatic.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	partner.googleadservices.com	securepubads.g.doubleclick.net
1	www.googletagmanager.com	www.hawtcelebs.com
1	waust.at	www.hawtcelebs.com
226	74

This site contains links to these domains. Also see Links.

Domain
www.outbrain.com
travelcatchers.de
click.onatrack.in
www.gamezop.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2021-04-21` - `2022-04-20`	a year	crt.sh
udmserve.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-08-21`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
*.vntsm.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-18` - `2022-04-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
underdog.media DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-08-21`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.technoratimedia.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-17` - `2022-10-05`	a year	crt.sh
*.admanmedia.com Go Daddy Secure Certificate Authority - G2	`2021-04-20` - `2022-05-22`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
redintelligence.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
contentspread.net R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
histats.com R3	`2021-10-27` - `2022-01-25`	3 months	crt.sh
*.outbrainimg.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
*.dtscout.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
*.cheqzone.com Amazon	`2021-02-21` - `2022-03-22`	a year	crt.sh
obs.cheqzone.com R3	`2021-10-06` - `2022-01-04`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.privacymanager.io Amazon	`2021-09-25` - `2022-10-24`	a year	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2021-10-22` - `2022-01-20`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
Frame ID: 1BEC175AF6CBEB9501398F11D96114DA
Requests: 143 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: C992A66853F69E267ED4291C70DDAA63
Requests: 1 HTTP requests in this frame

Frame: https://83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 14CDE01BA442701D963D4FB74E3F0E2E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: 9A06950A5676F8250F1343BAE932EA3A
Requests: 14 HTTP requests in this frame

Frame: https://83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3ADD8F0C84E5BCF63115FAD8A075A970
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYuKK9lQEwAQ&v=APEucNVxDCCDDMio-w1iOZgmFUbXjwwND5xq1ylC8lY4q6MGV1GwoxNDxM9JNb02AjQu5trbQvUU-BtXkgXvQMXI7SQ8uR3qShQBGBGxDuIK3yCYnGSa1r_Q-eLkFW5FqZg2JI9565nd5QSKuOTR7u_z_bsiKIOTy9TM90KbzDF3m3m_JOhj6TN_JlJBFrOsyuU9VdmCnVReDwc9r14DPDWGVsHRSJuMDg
Frame ID: 432A9763AEFE0481CADD56E5BFF0F602
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CC2j95985XOCzIOI7RmbVMLvqxV5lLUn2AXM1PhVBTz8uadt43M7NEeWQQy2JWCLTkkNz4edE8-2iEz4AIsN6Xm5JTXByrZqeYTsLtVr-dLhJKHWBbMqHhUeg8AeKwUFG59n3gg1rRSxAHjYh4KZ36cadFig&cry=1&dbm_d=AKAmf-Ahu4bpRjG_fR9rMWQjQQEUj4HzYFGAYpr0nGz6Dzw-_7-jENdWRRwvPhwHoYTzVG7M9tK_8EvE8jnikIhyEardq2CDC6VbtpxqM4nsPRLpiUlo8M_eF7qZu901fqYuyNouIxicfnfhZtQXlBnza23J5scckd6fgnxr-g1dp5XM_gAb7bQL0jdNEJcZCbDipzq2f177u-j_4WgrwhtiF-mo5b1jQu2nomP-xkQ4L3U13mODrP8XhIooWu1wXQGTteeJjqzPNKI-Z-sjDa4QmsKDgW6H1_ntvStmf6XJ5dJ8L0ypZIbZD60e8-SRdbjbltCHKJBlO5HC4Gi5fj92rYwaaJkZcUnbOxb16O3SYvXbRTaTt2oD4FMjFh0ArEZAdB2Qz7In632-7oDbN-y1-Cv3g76HqjuvBw7axpMcdcazLLFmHxjZsA8vMbdABwXzYGqqyPKW63skFso8eRoP1yBlFSaRwDd82hkT-JSd_-kzVN8rdr3sJHVPGwbXcbKJGGfzwDu2dC4Vm_1BOycKKmKh9Y84AVLrIIIzJWXNf8ozKmUa7M-bqIApWOr8sTZgY3RNAFuZQGdrRz-JYSAq5s2r72BMDtAgoCGrQYpX8DyPR6tmo8PGacYwrfFvbR3UTiN2HOn-ez-YHyRX2n2k1kRkY6oh2u_wscntutRjZXzUWPHAXEUCYiOFo7EFM4lRsFSEfBu2DzkJfsCXpP-f0Hq2F0oB1XSNd3Xqcf09co3nSwCdALTvlXkUFPG8mar7VAvsTOhGvBXfgHGkq0X3nqEYpO8ZvHTn-SAS3YZCx__mv-7lG0iTkIaTEN8ARNqjc1PkIswNsG_NNwmIcplTMqr6DXrnfHaqeoXhDWMAO292JGjb2xmbmTdLDkK5wYEENQP8LKLSmnzxGs0mpUryMM8agYkg332m7ojRrh7dgCyR7petuW0pUSnZw71DVTl772gU58JqpWnxrO5Nys9EdLSzACsvs52a2-tVYk7vDFUmURbD0_VcFHcUUZPQUTEQvXsWpFYDS74ScBQ8Die0NKp4T3OiCz1DP9oyz_oNYk43kJZIcDelx5C-cUONwjXzy9AL-cC7Lzq7kv2P-qg2ghXWMdrdKEwI5dM7sGDanJasL15VJV1nk0qhPLE27B9pGJF1vj8QY3tebzz8PfEs2PycA4Gk7KRR2QzvTN0qylbMGDxKlU-eOrGUbuzpzZtXCvJoAp5s54CzM8zD9aFHL1iZVr_gpuFhPdu_-kqYxaH_DJbWRJdGi9n6T52TBv1v7gb43Ny1EQsZRACTZe7Kx37LA5PsH8L_9d56yWbGYi4oN3AKxasEur6FjzDJc1VOfTkNXgQieS0DyY7NK-DMR2bvs2GXV37jTecwJWk2tqpoQYcCRn_DP99grrSQcGSf4nU7rZtVeo2j5AlcFOkp9f2ruvXizFZq0fiRw04tD-TZ-z312hE1E5Pkg2FFkUgSQLa30XC9tLI3T0viuslarRIqhgTn5GGaTz9zm_iALYfZLdm4XzsMwLVCTcgqJW0dcUydWcZ1PUo-yoUtvp7cyIncIhuldyTMcc-_zbfaGXx2pcJt5Sx7_YF5A2fYHW-pDeQ3DU9KLAZ5NbJiwuDmD1M4HHYWLY-mHigMT3eEgSy8ttDFFEcDLaVWhvcBtO3TYpia-4HLnes-D1tt5EE1rzRXaIDxZfNO4sDtpf6Bb7IaxpkcQVPec1s7CRtk2d55Nh6kK2X9hURQ9i73BnD_O2NfRlSdk2E3I6B7HLmhRoq0TxD0XVGw4ejo2FqVRVFG6dJD8Dmr9iWHIPuSydAw_TR04cgOhfkSE-25AEEJm6YSi5Ir2-7UWNVShac29Esq-e3gSPfDd9ntmV_Q4yVUcOM7w_XXkj5WDVzxKvhDNqmh7Chc39pXY0o1ns1iDWWZTf8YVDk8UyxIMSMQ_59eFJ-qwsvOToCczmf6kJyQNaBOvmBA4URMtfU4LcjBkoJ1oZaDc7TBMrSvIQn7BwDnfRU9VONwfEqIgkP5VIZng4H5hiVg-KrrCZ8ueRjHzKaZxGwv9DAcWrdl-gA53G-bvDYvrTAyRxtIew9wqnsu327_ChVij7T4i7lnzjjTwliNk1UW1MFL_ha6BTjpTcN8lvgMoXEjlAu_4gPyC5Gtay7V-YVW2zi062_zH-D_DyhtQAW6L4XBybxHjywS89n-rvlM0FmxeL_DcRxuOamlbVX1p6b6HaTYuJZ_5L5vMFnko7beEw3pIjKTHeGrF_L-2KonqNEegrKihI8yZVdk6wk56najyRIEg5DsLTJ97tkVZQf_fhhNazWLZ4YmzVBoMfBzSoalw42OyYLU9f6JQ-ixnwFig_k9CCQEf55UxddObmOzxne9jGw0FC5qZy-UWBU9TbjevuoIsaRdqfPEiqPiFMfnbbxu4NRSbIDHuDJ_jLSP_iXI6No8T6-uGlaMjDQoKkiQsjI8cJqmhA8b6e11cddligPsSuuRtuM-ZxKKtaOaXs83BpMazbIr4fx9f-dL2paKI15f_4yNsxeNGOMT2otkwlTLCMCtYYJuolh1q21OI4LTXi9gROp5E0dKsLTAfWtZZt51E5jFF_Li6z7NekulRh4084NYdqBgy7iY8z21dHSoxNnN4NjMrKIBeUTo9EsBrtfDi9fNg9EsxxiQEdR0gnbsyqTzNT3tCASwYpjyws24ffKbox0VNhCwouMf4xIgD-5yLZ0rKqcjEWVKcWMxlQrEzfg6buje5gBbHy3pxjT_203PKRMT4xv9v6EVVEf8zsefQsrtfTEexEXrwlFowv3kxla0_CTZZvalBTbYEdmPa2ZxFZqvu94C82ud5E-3oPJ9U-mnAYePzUvWdIigcyRA3MMy08pjV6NyiCHVWUbww4A_AylAhEJqjbL4zbjK2HPSIrPuzPfRY0qwutIwJi8wQTN3obgUICPj1JVqC79N4gwQA1jwovMg0Zys3gHhSDtvr6oQi-HNhtiLytiPUfREwbIRzdD2JwxIJF9F7SKRQFRjuN1xKoaY7cvo6ohBWb9B5cS0i_8ezfGwCZgA07s76OsoGRzFJQwDuaRSl4Z5ffeQ6sCvlvkXfXlr8XO9ICYB2KtvI-l_N1fsuUEqC-wj3NxV8cMRvtEev6-y73Y9nR_rwcWCyPinmP4twg_9uqVKNH5qgCKVxiGWVLcsjfQUy6d9thk-JWTWfpnKTJ9mU2m56MXGCJ8_WpealC3wI5Ec_qHg0qMmFXlcWAx-DaGANXYmq6AQxYep8_cyKKlLVSxvIx-xoPDuRh3ObBmxgzSPoDs_YJXpKqSUOQDgvcMoFHfQoezJhf4e028uUB_PhxFV7i2MUDb7TZJDeSSXz4-6awwUx1iPHEldxGqsRFQ&cid=CAASEuRoi08K_tV3iRrHlVrLVbKhpw&rfl=2%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Frame ID: 94A3D03A29404510D070116875CB35FD
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: 23B9277A40DFE34557A00C9A7AE91B97
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: 2CDE4E1D300FC8E8F9621E0A3BD6D5F7
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5CA0320FCB39D615C510CA7654924477
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPuymriCrPQCFYSEhQodTsEJsw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7760067956100.017
Frame ID: 42BD7CDE47748E9D5D49348A7960CEB6
Requests: 2 HTTP requests in this frame

Frame: https://hal900015.redintelligence.net/request_content.php?s=27625900089095001084714011786015&a=c113f24d
Frame ID: 1BC433C9BDCFC28D35C663A9E79E09E1
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 62B415CD4D828BFE310F40F28A9A6B50
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: BA1B4BE0FAF30BE6CE52897E9A951455
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FDCA412B2B0141B9C9CE4E3566AE008C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found – HawtCelebs

Page URL History Show full URLs

http://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017 HTTP 301
https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017 Page URL

Page Statistics

226
Requests

92 %
HTTPS

40 %
IPv6

48
Domains

74
Subdomains

55
IPs

10
Countries

2244 kB
Transfer

6351 kB
Size

63
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.outbrain.com/what-is/default/en

Search URL Search Domain Scan URL

URL: https://travelcatchers.de/index.php/2021/03/22/das-tiefste-loch-der-erde-wurde-versiegelt-nachdem-experten-geheimnisvolle-fossilien-entdeckt-hatten-2/?utm_source=ob-00a0ca2b993aae0efb129653a5e38e9a77&obOrigUrl=true
Title: [Bilder] Tiefstes Loch der Erde nach… Trendscatchers

Search URL Search Domain Scan URL

URL: https://click.onatrack.in/c?o=15060657&m=3376&a=91755&mo=ON1&obOrigUrl=true
Title: An Insightful Webinar for… Tortuga

Search URL Search Domain Scan URL

URL: https://www.gamezop.com/g/rkWfy2pXq0r?id=3025&obOrigUrl=true
Title: Fruit Ninja (2021) Best free games | Play and earn | Play and win | Gamezop

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017 HTTP 301
https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.9572078 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.9572078 HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;apnid=3261607854599123216;cb=0.9572078

Request Chain 42

https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.9572078 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.9572078&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDhBNjY0QTUtQjlFRi00MzgxLTk0M0QtM0RDNzk3MTdCNjE0&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDhBNjY0QTUtQjlFRi00MzgxLTk0M0QtM0RDNzk3MTdCNjE0&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D08A664A5-B9EF-4381-943D-3DC79717B614;cb=0.9572078 HTTP 302
https://udmserve.net/udm/fetch.pix?pmid=08A664A5-B9EF-4381-943D-3DC79717B614;cb=0.9572078

Request Chain 44

https://inv-nets.admixer.net/adxcm.aspx?ssp=F74A1705-8854-4390-959E-C24FA4349F88&rurl=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Badmix%3D%24%24visitor_cookie%24%24%3Bcb%3D0.9572078 HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;admix=deacbd6cf19b4c55abc7493d7e363d64;cb=0.9572078

Request Chain 83

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDocjWNXODi5UDzUIyCCuWA&google_cver=1

Request Chain 118

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZuTeW-jjcaUJ19h34OjUwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDocjWNXODi5UDzUIyCCuWA&google_cver=1

Request Chain 119

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHuKBeQL5yRa05j0mGsIZcA&google_cver=1

Request Chain 120

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI2MTYwNzg1NDU5OTEyMzIxNg%3D%3D

Request Chain 130

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 132

https://hal900015.redintelligence.net/request.php?zone=xhwrmj44o767&nw=20&renderingType=javascript&namespace=8847f9a957&subid=&uid=3b0074a57ad10dcb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3tZQeJObYYv5I4Ll3wPGgJqwA7XN-YNXvNu5q-UM8C4QASCVm8ohYJXaooKwB8gBCakCbeMVdQnmsj6oAwGqBPcBT9AzW8L-sDYE4n1V-NMjK_SYAgOEayU2Os4Dv3Cb_6xytTE4Cf72ytOEBNBTf9K1ADu87JW-QXQ3V7sXaU1FgIP6yGw6SjzsVITiV797-znznmKFb0d2ykB5QHrMHfDqnHtoJuO4Jfp08-iaRscjUQ5-F63ys6O7StZzbNxYSQ0sy9fS1HFqa96VLAgZG2um8n3US1-nzEQyMG-Au6Yr287tD1Abj-McIbKBNEgKNjjVE8O2Vdp9NBsmFnarU-BefNxfGRip70BUhJyMaPgs99MqduXflQq-HhjkzGZcytHFJ4TNTKBH0s59sdKG0xp8iU2To-fjfcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05OTM4NTY1ODIyMDM0NjgwgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoi08K_tV3iRrHlVrLVbKhpw%26sig%3DAOD64_3inC0ojv7-5Q_V5faFBAKmr4Cdeg%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-A5Tsg-4Lct3KCErubOyohlgcTLl3gJbJ40ciAYfvwTWNaqgSwfGqMac8EFaB0nJKum8zYO0kamTrNLk7TItD0fI3xYEvJfxLx9rpLslbbPd2LFGDWGN-zoZSc3VGrXn4iNhPHR-K5nVdoBwK4G20CPl5M_Pw%26cry%3D1%26dbm_d%3DAKAmf-CYhfeulILK23DvWDzVoHlHY44l0Ka6dbMa0LCATLom48c7tPT6ZRlz8HEDCwNV4vRY_eH1GriqWsjXTPQA4wLNX9tu4ISDzA4XMa7CNu-pqM9RBWpjdlkKdml-KqYy6-mEwb4DIStMHxTPFSMagEnhj5SKUp-tg_y9xBlEeJuMM9s5BUy9myjIIHH9qpfdwKMU-Z5yA5pBUYGqtHb87rgqRLyAVBQQuNbJN3blGN7AwnaDgxJiuv5ormhTfvr59WJFPVS2gYdcJDEMb7suuit0syhT0H9mvqwwqCyKr_8DKAR1MXbrwHb3PLcZZlQB25acNxjOdYOUm-SzCHkrBs_QtPOh4gKdur-NtnkNbBapUSsdSxGVyXHTs2x6yloExYGMnZ9fO1p-oKKBbzbgvfllJlGdIWRE5gmhTp7mBrpEsqzGx-1W6YqTIo5nPSn3HtfT7fzVHezQ7Uwm6qnpKHg27CDZ0sK6_4f6JiLkn2DFETGvfPQjDYvmxQ4KyPfxHRJBaAdI%26adurl%3D&documentReferer=https%3A%2F%2F83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.hawtcelebs.com&random=2752114816211&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900015.redintelligence.net/request.php?zone=xhwrmj44o767&nw=20&renderingType=javascript&namespace=8847f9a957&subid=&uid=3b0074a57ad10dcb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3tZQeJObYYv5I4Ll3wPGgJqwA7XN-YNXvNu5q-UM8C4QASCVm8ohYJXaooKwB8gBCakCbeMVdQnmsj6oAwGqBPcBT9AzW8L-sDYE4n1V-NMjK_SYAgOEayU2Os4Dv3Cb_6xytTE4Cf72ytOEBNBTf9K1ADu87JW-QXQ3V7sXaU1FgIP6yGw6SjzsVITiV797-znznmKFb0d2ykB5QHrMHfDqnHtoJuO4Jfp08-iaRscjUQ5-F63ys6O7StZzbNxYSQ0sy9fS1HFqa96VLAgZG2um8n3US1-nzEQyMG-Au6Yr287tD1Abj-McIbKBNEgKNjjVE8O2Vdp9NBsmFnarU-BefNxfGRip70BUhJyMaPgs99MqduXflQq-HhjkzGZcytHFJ4TNTKBH0s59sdKG0xp8iU2To-fjfcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05OTM4NTY1ODIyMDM0NjgwgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoi08K_tV3iRrHlVrLVbKhpw%26sig%3DAOD64_3inC0ojv7-5Q_V5faFBAKmr4Cdeg%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-A5Tsg-4Lct3KCErubOyohlgcTLl3gJbJ40ciAYfvwTWNaqgSwfGqMac8EFaB0nJKum8zYO0kamTrNLk7TItD0fI3xYEvJfxLx9rpLslbbPd2LFGDWGN-zoZSc3VGrXn4iNhPHR-K5nVdoBwK4G20CPl5M_Pw%26cry%3D1%26dbm_d%3DAKAmf-CYhfeulILK23DvWDzVoHlHY44l0Ka6dbMa0LCATLom48c7tPT6ZRlz8HEDCwNV4vRY_eH1GriqWsjXTPQA4wLNX9tu4ISDzA4XMa7CNu-pqM9RBWpjdlkKdml-KqYy6-mEwb4DIStMHxTPFSMagEnhj5SKUp-tg_y9xBlEeJuMM9s5BUy9myjIIHH9qpfdwKMU-Z5yA5pBUYGqtHb87rgqRLyAVBQQuNbJN3blGN7AwnaDgxJiuv5ormhTfvr59WJFPVS2gYdcJDEMb7suuit0syhT0H9mvqwwqCyKr_8DKAR1MXbrwHb3PLcZZlQB25acNxjOdYOUm-SzCHkrBs_QtPOh4gKdur-NtnkNbBapUSsdSxGVyXHTs2x6yloExYGMnZ9fO1p-oKKBbzbgvfllJlGdIWRE5gmhTp7mBrpEsqzGx-1W6YqTIo5nPSn3HtfT7fzVHezQ7Uwm6qnpKHg27CDZ0sK6_4f6JiLkn2DFETGvfPQjDYvmxQ4KyPfxHRJBaAdI%26adurl%3D&documentReferer=https%3A%2F%2F83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.hawtcelebs.com&random=2752114816211&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 136

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7760067956100.017 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPuymriCrPQCFYSEhQodTsEJsw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7760067956100.017

Request Chain 143

https://um.simpli.fi/gp_match?google_gid=CAESECZWYzJFHtvhUyTqABvIo2U&google_cver=1&google_push=AYg5qPJxXd8HdZnD5-gR8-07j3_1G55NdIlyH3nvgFV12wOpt84GMJqDTV0mMVcH5m2p616T9fnlXor1_oQ50FXKDGSVspeLNQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C1321A95A3E04867B9F37507EB889175&google_push=AYg5qPJxXd8HdZnD5-gR8-07j3_1G55NdIlyH3nvgFV12wOpt84GMJqDTV0mMVcH5m2p616T9fnlXor1_oQ50FXKDGSVspeLNQ

Request Chain 144

https://fksnk.com/cs/google?google_gid=CAESEN10B8DDIJs_LxKUevtmwTM&google_cver=1&google_push=AYg5qPJxj4UFL07EK6ahgfQIh8X7uODNObnaRnL4aOr3oczSZYKRCnKChCYRWBnkqMsvMKCKVXRHx5zcVGCy655Pz4JuJdyqGxM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzIwQ0E0QUM0QzdENzJFQQ==

Request Chain 145

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEC3Yks169Rtdl9kLmaMZxiY&google_cver=1&google_push=AYg5qPIRKt3M9DnOj_7tNiBHgcx6eHfKs518ZLuaYjDv8RpPX7tUmfiS4FZhOjklUcfrDVOCsIMGaZAmehaC0R78mMbmH1nKH34 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzMzM3NzM5MDk4MTAxOTc5Ng%3D%3D&google_push=AYg5qPIRKt3M9DnOj_7tNiBHgcx6eHfKs518ZLuaYjDv8RpPX7tUmfiS4FZhOjklUcfrDVOCsIMGaZAmehaC0R78mMbmH1nKH34

Request Chain 146

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEM_8nfgXTCfH1I9esKt4rj4&google_cver=1&google_push=AYg5qPLukCsb83d-KtzZgrmJQKL7aT0Or3wkAv6fRXhq-5aCegNNvIW_z6Xle8UJ29YAg3lu9FplMQanXhaEajQTb23ZlfZzvbo HTTP 302
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEM_8nfgXTCfH1I9esKt4rj4&google_cver=1&google_push=AYg5qPLukCsb83d-KtzZgrmJQKL7aT0Or3wkAv6fRXhq-5aCegNNvIW_z6Xle8UJ29YAg3lu9FplMQanXhaEajQTb23ZlfZzvbo&checkcookies=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=AUtk3B6HUQOTiIT8s8pkhA&google_push=AYg5qPLukCsb83d-KtzZgrmJQKL7aT0Or3wkAv6fRXhq-5aCegNNvIW_z6Xle8UJ29YAg3lu9FplMQanXhaEajQTb23ZlfZzvbo

Request Chain 148

https://google-sync.rutarget.ru/sync?google_gid=CAESED2I9rC7mt9O7cTZDNoPFz4&google_cver=1&google_push=AYg5qPI7snLx9c3Z4uNZcdCpNLS9R-RBx9SxGrt0WSMg8i7tjBBfZfud7dkXYfELndaxjNFWfrjxb7k3nEmPxHREsVKj6jxaYaA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=WE9uN3owTFdJcjEx&google_ula=2046794&google_push=AYg5qPI7snLx9c3Z4uNZcdCpNLS9R-RBx9SxGrt0WSMg8i7tjBBfZfud7dkXYfELndaxjNFWfrjxb7k3nEmPxHREsVKj6jxaYaA

Request Chain 149

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKLUeywmazytI0_DfkCMGjE&google_cver=1&google_push=AYg5qPKlPoTPo2rNiNecmxtIl-yDE981P4-keOLkC-0jvi9L4b8RBXOazjqCr3BB9IA96s9OHUusyFEKHbsaGvN0nqWC67_8HxQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKlPoTPo2rNiNecmxtIl-yDE981P4-keOLkC-0jvi9L4b8RBXOazjqCr3BB9IA96s9OHUusyFEKHbsaGvN0nqWC67_8HxQ

Request Chain 195

https://mc.yandex.com/sync_cookie_image_check?t=ti(4) HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9465.k5m8GSPcwWeNTSwRAVoS-gfa2eYRh-qm-c0mxqO7I1MdUvwjKAWJPTjeEpLOO-dl.b06VoeMZe9nxmI8-Uzn_IqDPqtE%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9465.YqqPLPLBg01nAJ21stk_GhS6_EYAN0nTs8DXadj2fMdsRLFxxv3HZvFiwmlvStV3fa8cwxLAbA3h6KSCd_4EAw%2C%2C.SU4rTeSPHbS5oa50OImX5hsXNUw%2C

Request Chain 206

https://mc.yandex.com/watch/86335730?wmode=7&page-url=https%3A%2F%2Fwww.hawtcelebs.com%2Fmaitland-ward-beverly-hills-%252007132017&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A419%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A655695352709%3Ahid%3A698371612%3Az%3A0%3Ai%3A20211122125626%3Aet%3A1637585786%3Ac%3A1%3Arn%3A284610242%3Arqn%3A1%3Au%3A16375857863684979%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637585783344%3Ads%3A0%2C45%2C185%2C3%2C77%2C0%2C%2C20%2C0%2C2140%2C2140%2C0%2C366%3Adsn%3A0%2C45%2C186%2C2%2C78%2C0%2C%2C20%2C0%2C2140%2C2140%2C1%2C366%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637585786%3At%3APage%20not%20found%20%E2%80%93%20HawtCelebs&t=gdpr(14)ti(2) HTTP 302
https://mc.yandex.com/watch/86335730/1?wmode=7&page-url=https%3A%2F%2Fwww.hawtcelebs.com%2Fmaitland-ward-beverly-hills-%252007132017&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A419%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A655695352709%3Ahid%3A698371612%3Az%3A0%3Ai%3A20211122125626%3Aet%3A1637585786%3Ac%3A1%3Arn%3A284610242%3Arqn%3A1%3Au%3A16375857863684979%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637585783344%3Ads%3A0%2C45%2C185%2C3%2C77%2C0%2C%2C20%2C0%2C2140%2C2140%2C0%2C366%3Adsn%3A0%2C45%2C186%2C2%2C78%2C0%2C%2C20%2C0%2C2140%2C2140%2C1%2C366%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637585786%3At%3APage%20not%20found%20%E2%80%93%20HawtCelebs&t=gdpr%2814%29ti%282%29

226 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request maitland-ward-beverly-hills-%2007132017 Show response
www.hawtcelebs.com/
Redirect Chain

http://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017

15 KB
5 KB

231ms
186ms

Document
text/html

2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da01a6397c71b4499e3c842879b1312d6e4dd6b775044d3b87c82a83663fba35

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 22 Nov 2021 12:56:23 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.hawtcelebs.com/wp-json/>; rel="https://api.w.org/"
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydF%2Fn1mHXn1KomS7akLGCu%2B6fBBhe04ki2QlMz%2BC%2FFlZ8E8ViMuVQ0JNBmTgsj49%2BaHefFkyv0NwUY79j6Wj3c7HtW0cBrnqVRf%2Fpp74XQhMmA%2BEqTasMslDGwvAUiEVoNMKg9aE%2Bcl76FF%2BnR9D%2Bp8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b22514abe715a1f-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Mon, 22 Nov 2021 12:56:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 22 Nov 2021 13:56:23 GMT
Location: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7%2B1zCq7TyVxORnjOxwrXGWbV7%2FS0pmmCHfcCIHHPlci%2FyzF%2BQRvbnHcfn%2BmNoOjAbfV9ZS6doe9MipNRc%2BOSZIzOzHZHEO0HcEVSnm2oS00d2q90%2FNtSxkJ7nSkXw9nqDjuroLly56y%2B8tkrv90YAU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b22514a1ca359d7-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 main.css
www.hawtcelebs.com/wp-content/plugins/spotim-comments/assets/stylesheets/ 72 B
492 B 30ms
28ms Stylesheet
text/css 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hawtcelebs.com/wp-content/plugins/spotim-comments/assets/stylesheets/main.css?ver=5.8.2
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ce5b1f55889bf23d3cfe3f0497d38eb8facf496ffa63e59f7f8848b79d72a1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 976736
cf-polished: origSize=98
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 25 Jul 2019 19:28:55 GMT
server: cloudflare
etag: W/"5d3a02f7-62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hqNvIGrWwcExmVfHi91ZduXnwKrea9v1AGFw70GK0YiBOd2MzxPD2CCrrj7tqsgWZVlM87rRRbjJ644GsVy18OxZcvNBj3PvEY2sLUFX5uI3LcbX2oko95LpSvI6QgV6%2Bf%2FoNrVqZ2ipJz2e3rL7hi0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 6b22514c0ab25a1f-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
www.hawtcelebs.com/wp-content/themes/hawtceleb/ 15 KB
4 KB 31ms
29ms Stylesheet
text/css 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hawtcelebs.com/wp-content/themes/hawtceleb/style.css?ver=5.8.2
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af0d6570462dee3c3937e8694b2ee98ea78313219976105080e94680c29769ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 976736
cf-polished: status=cannot_optimize
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 26 Aug 2019 09:10:58 GMT
server: cloudflare
etag: W/"5d63a222-3db1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMqNIoaTuGW6zxlcBktgPtGMG8Aq43YbVB%2B6vi4xIXHG%2F5e75zuDCyYEoNQhiSTP907qjqWPqFOjL9tfsfzvOmJSBbgXzxSXx2bGo8sThhRCmpOHFQTqLlURlu3OOprw0M%2FEgxo67NDg%2FA3z3BpsAno%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 6b22514c0ab55a1f-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 40ms
16ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700%2C700i&ver=5.8.2

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0882fe11baf5c777266a9ab3f14aa451432c7099158b2d69b3515ee5c8e66d4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 12:01:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Nov 2021 12:56:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Nov 2021 12:56:23 GMT

GET
H2 200 dd-multi-col-cats.css
www.hawtcelebs.com/wp-content/themes/hawtceleb/ 238 B
490 B 29ms
28ms Stylesheet
text/css 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hawtcelebs.com/wp-content/themes/hawtceleb/dd-multi-col-cats.css
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a40dcd59c23d9ed6f0fbaeefeb57c78543b487ad93c49f5f74b89dd85b0ea278

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4988379
cf-polished: origSize=313
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 10 Jun 2019 10:27:20 GMT
server: cloudflare
etag: W/"5cfe3088-139"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L0RsPwDJ3nD0C61AESbZIRPYczSSK%2BomfxDOKua7nWxtQipWRqqC3Zs32dyO0D6X%2FC8TByrmMmWTW7E%2BA2Vc8fYkgRVhCOiZbG%2FgsvCN%2FBB85kNfv5fgmudPEw1Ig1rU9qHdR8siX9ZVDU0XcAfFf7s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 6b22514c0abe5a1f-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 4 KB
3 KB 283ms
235ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa5d43c5b6285e57558482c60da61f12434bc7a1f18694c33a410fbd340aa78b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FMWDZHWEPPMWGNQNZKESSP67
date: Mon, 22 Nov 2021 12:56:23 GMT
content-encoding: br
cf-cache-status: HIT
age: 365
cf-polished: origSize=3935
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
cf-bgj: minify
server: cloudflare
etag: W/"59de6717fa079a1bdca61971e7fc88e1-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 6b22514c5c8d3759-MXP
link: <https://live.demand.supply/impl.v14.0.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v14-0-0/d3d3Lmhhd3RjZWxlYnMuY29tLw==>; rel=preload; as=script

GET
H/1.1 200
OK img.fetch Show response
udmserve.net/udm/ 28 KB
5 KB 590ms
153ms Script
application/x-javascript 68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to

Full URL: https://udmserve.net/udm/img.fetch?sid=14863;tid=1;dt=6;
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: 0d45ac4e51dbe7532f569df196c3699fed1452e20a9c1ab1eb505a319ade7216

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 12:56:24 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: application/x-javascript
Expires: 0

GET
H2 200 rocket-loader.min.js Show response
www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 30ms
29ms Script
application/javascript 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Nov 2021 01:22:51 GMT
server: cloudflare
etag: W/"6196fc6b-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FT3GnRWSujFXKEEm56vkxHnkDIp5RHL4TISmFxOyaKPjRUEEtOiUNl6BHdBrdjh%2F1LvCW5c%2Bp8LW%2ByjFxCkyj7k0s5e9cp%2F%2B4v2Tt03XCykmN1lAV9xUyco8DAiNnyDvss7%2BARHA6FDXsuPCEuJ%2Frw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b22514c0abf5a1f-MXP
vary: Accept-Encoding
expires: Wed, 24 Nov 2021 12:56:23 GMT

GET
H2 200 c.js Show response
waust.at/ 12 KB
6 KB 90ms
38ms Script
application/x-javascript 2606:4700:20::681a:507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/c.js
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87fbd84036e0e67d8aa06d1f5e4a68f0539e4c6072a8ad77ce7e661bd6a43d1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3398
last-modified: Mon, 03 May 2021 17:48:39 GMT
server: cloudflare
etag: W/"60903777-2f8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BG2A71oN1gGLUpNoRadJ%2BHcZMJcWmVoWITX0On5q7r1B8FCVaSVphODP8UD0SfnAXTG34iO1lnLw%2BoG%2FaoiXKbWkW04mylH6%2FrRZFxfRE1WZQ49BmslbTQePGEcjv%2B7VXbJlcx0H"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6b22514c8b8d3742-MXP
expires: Tue, 23 Nov 2021 11:59:45 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 187 KB
65 KB 42ms
8ms Script
application/x-javascript 184.30.21.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-80.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0ca7ac572e91f48a9f91fed11122240caad074164d0fd0c33125f8b72637fc66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:23 GMT
content-encoding: gzip
last-modified: Sun, 21 Nov 2021 09:09:23 GMT
etag: W/"2ece6-HPm/3NuZ3l1vMem8JrwVbR4ruTM"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 5674a3ccf8b79db3669aa9be56c8f227
timing-allow-origin: *, *
content-length: 66465
expires: Mon, 22 Nov 2021 16:56:23 GMT

GET
H/1.1 200
OK ad-manager.min.js Show response
hb.vntsm.com/v3/live/ 840 KB
249 KB 45ms
12ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 0149d432d10370d1df76494be44f3c6e123003506f9efda701496cb36e4e31b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 12:56:23 GMT
Content-Encoding: gzip
Venatus-CDN-HB-Rule-Version: 1.1
X-IP: 193.27.14.26
Content-Length: 254565
Last-Modified: Thu, 11 Nov 2021 14:44:29 GMT
Cache-Control: max-age=271
ETag: "fb1b133fcb1663e51e5ae468546fa472"
X-HW: 1637585783.cds124.fr8.hn,1637585783.cds131.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Geo, Content-Type,x-bl,x-geo-subdivision
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Geo,Content-Type,x-bl,x-geo-subdivision
X-Geo: DE

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 41ms
19ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-10995097-8

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d928a04b7eb464006b49ca87495cfc57723be2d6d4e9460abbc9336d79fb588

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36151
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Nov 2021 12:56:23 GMT

GET
H3 200 jquery.js Show response
www.hawtcelebs.com/wp-content/themes/hawtceleb/js/ 95 KB
35 KB 58ms
57ms Script
application/javascript 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hawtcelebs.com/wp-content/themes/hawtceleb/js/jquery.js?ver=1.0.0
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4987951
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 10 Jun 2019 11:28:48 GMT
server: cloudflare
etag: W/"5cfe3ef0-17a62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbFSLlZun%2Bu86%2BVJrWZ0%2BJNCx1ndaoDRDSyMzJnO1QSO1%2BPaOjg15yhlUlaxmmJ4%2FjMpD0yN3mWGpeRhQ27oJcZNs3bhNPPIHrQexRk%2B2nuaM2cukV4QjxYfUzg8lJMcpYFJyXDByXxK7Y1adiqZbBA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6b22514c4e12374c-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icon.ttf
www.hawtcelebs.com/wp-content/themes/hawtceleb/fonts/ 14 KB
15 KB 31ms
30ms Font
application/octet-stream 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hawtcelebs.com/wp-content/themes/hawtceleb/fonts/icon.ttf?zf3xc5
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/wp-content/themes/hawtceleb/style.css?ver=5.8.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bee4c3ddceefb6558b86e3d6bbe40326f6d67e1b0b535eb6949d570e7630d82d

Request headers

Referer: https://www.hawtcelebs.com/wp-content/themes/hawtceleb/style.css?ver=5.8.2
Origin: https://www.hawtcelebs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4656
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14224
last-modified: Mon, 10 Jun 2019 08:38:45 GMT
server: cloudflare
etag: "5cfe1715-3790"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGhqEGM%2FRGwIEZBIttKdxa2h6wbEtHXf7nvVAmpXSyQtV%2F6ce9im1z%2FAoMqcXlXpaQbfjXIhLDbe6WByeAe0Kr4F65ir0IuhqwSdPjvM%2FpKdG%2BwTQ9WdkkYGToiSx3mO9AlIyQbIu56Y%2BzAZZF50VnI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b22514c4e30374c-MXP

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 32ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700%2C700i&ver=5.8.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hawtcelebs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:18:02 GMT
x-content-type-options: nosniff
age: 257901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:18:02 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 40ms
15ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700%2C700i&ver=5.8.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hawtcelebs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 07:59:11 GMT
x-content-type-options: nosniff
age: 536232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 07:59:11 GMT

GET
H3 200 impl.v14.0.0.js Show response
live.demand.supply/ 78 KB
25 KB 53ms
32ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v14.0.0.js
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47a00c205ac23427984e572961850c21efd9d16502680c3876904f4a9840e61d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FKEFKNZGD9ZVC0KK5CB35266
date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: br
cf-cache-status: HIT
age: 1790849
cf-polished: origSize=79681
cf-ray: 6b22514deb823743-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"ce85a984a9876904f1c4ef475c2ab350-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *

GET
H3 200 d3d3Lmhhd3RjZWxlYnMuY29tLw== Show response
live.demand.supply/p4/v14-0-0/ 3 KB
1 KB 194ms
173ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v14-0-0/d3d3Lmhhd3RjZWxlYnMuY29tLw==
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad77d6c61a7c179c6c6ceaa287a2cd89a84cad7128de4551327a6f21d5ea8af0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 6b22514deb7e3743-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
402 B 57ms
35ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=284&cs=c&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20vbWFpdGxhbmQtd2FyZC1iZXZlcmx5LWhpbGxzLSUyMDA3MTMyMDE3
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FJMBTCK8RRA83NE5357DKAN4
date: Mon, 22 Nov 2021 12:56:24 GMT
cf-cache-status: HIT
age: 282636
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "80ae048987cfcc5e3148408e48058596-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6b22514dfdc6375e-MXP

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
51 KB 59ms
35ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92ab75a629de5bddb8f5be900ddf3324c364720f5f52192a78de55817d7de9d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51230
x-xss-protection: 0
server: cafe
etag: 8397450968211422190
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 12:56:23 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 52ms
28ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

532acb79d63d12ceaa81e4e954f201661789ac6303a578a43903f9e734e3a116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1051 / 22 of 1000 / last-modified: 1637582729"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26877
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 22 Nov 2021 12:56:24 GMT

GET
H3 200 d3d3Lmhhd3RjZWxlYnMuY29tL21haXRsYW5kLXdhcmQtYmV2ZXJseS1oaWxscy0lMjAwNzEzMjAxNw== Show response
live.demand.supply/p4/v14-0-0/ 544 B
634 B 164ms
145ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v14-0-0/d3d3Lmhhd3RjZWxlYnMuY29tL21haXRsYW5kLXdhcmQtYmV2ZXJseS1oaWxscy0lMjAwNzEzMjAxNw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ebf9646795446b469e54afd6e5242ea0f6f9dbbf0e1b001da8f79e277af0446

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 6b22514deb7b3743-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
544 B 56ms
34ms XHR
text/html 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FJH7Y4WMZ13AS54ZD0PBGJA5
date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
timing-allow-origin: *
age: 280723
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 6b22514dfdc3375e-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 38ms
23ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 22 Nov 2021 12:56:24 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 373 B
194 B 31ms
16ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.hawtcelebs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

081107d7eeb69e79efee74b771b64bda578e8fc5f5b11cd0df6d9757de32ff22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 169
x-xss-protection: 0
expires: Mon, 22 Nov 2021 12:56:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame C992 11 KB
5 KB 7ms
6ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Nov 2021 09:43:00 GMT
expires: Mon, 06 Dec 2021 09:43:00 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 11604
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 hawtcelebs.com_300x250_desno300x250 Show response
api.demand.supply/v14-0-0/a/ 311 B
313 B 84ms
36ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v14-0-0/a/hawtcelebs.com_300x250_desno300x250?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20vbWFpdGxhbmQtd2FyZC1iZXZlcmx5LWhpbGxzLSUyMDA3MTMyMDE3
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad359abf0da259594e4cfbb6f92868c0a1ed9e7806a7f35d5d0f1d1443fac49d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 484
etag: W/"137-9NjY3Kpwq/Dnm7J5pNJZ2DsVUkg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 6b22514efafb5995-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 hawtcelebs.com_300x600_hawt600 Show response
api.demand.supply/v14-0-0/a/ 318 B
309 B 83ms
36ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v14-0-0/a/hawtcelebs.com_300x600_hawt600?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20vbWFpdGxhbmQtd2FyZC1iZXZlcmx5LWhpbGxzLSUyMDA3MTMyMDE3
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07c2eac652ab509c7f9b6ec28d2835b43ddda445efb42213344933ae811d5775

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 484
etag: W/"13e-JpgOndfSQmNVdXjnPXCmYPQ0QUM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 6b22514efb065995-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 hawtcelebs.com_160x600_hawt160 Show response
api.demand.supply/v14-0-0/a/ 310 B
607 B 78ms
31ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v14-0-0/a/hawtcelebs.com_160x600_hawt160?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20vbWFpdGxhbmQtd2FyZC1iZXZlcmx5LWhpbGxzLSUyMDA3MTMyMDE3
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03d33ff0e445ca94b108f891fe14b1a37b0892a529e9b93294d38ce63868c1f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 6736
etag: W/"136-3fBV6rkCvKV272Ib9Ku6rKB23AI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 6b22514efb045995-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 hawtcelebs.com_responsive_h_hawtfuterreshor Show response
api.demand.supply/v14-0-0/a/ 305 B
293 B 83ms
36ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v14-0-0/a/hawtcelebs.com_responsive_h_hawtfuterreshor?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20vbWFpdGxhbmQtd2FyZC1iZXZlcmx5LWhpbGxzLSUyMDA3MTMyMDE3
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd79060fc23487667adfe40d39d76df55b091d5ce93be744c521b03aa2d56dd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 484
etag: W/"131-Mb2lt8/qU74ZYeWGKN56E50J1Hw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 6b22514efb025995-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 400 cookie.js
partner.googleadservices.com/gampad/ 0
0 17ms
14ms Script
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://partner.googleadservices.com/gampad/cookie.js?domain=www.hawtcelebs.com&callback=_gfp_s_&client=44890869%2C3968751&gpid_exp=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 40ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.hawtcelebs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 40ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hawtcelebs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
608 B 280ms
280ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=553049833568933&correlator=1173344992434312&output=ldjh&impl=fif&eid=31063138%2C44752586&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211122&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C05d68e4b-c539-4fe7-b7a0-36adfe74d624&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&fas=8&didk=3119848368&prev_scp=ti%3D8c9fb8fb-df96-4983-bc46-d8c3f11a713b%26interstitials-bid%3D10%26bid-p%3Dgoogle%26bsc%3D70&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1637585784&dt=1637585784150&dlt=1637585783655&idt=465&frm=20&biw=1600&bih=1200&oid=2&adks=3396334874&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hawtcelebs.com%2Fmaitland-ward-beverly-hills-%252007132017&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1025101189.1637585784&ga_sid=1637585784&ga_hid=2051351694&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

15f24ed2fb108bfb369cf2ad3d58dd262c51bbdb66b0f5e9e0c07b1e756b1528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 578
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hawtcelebs.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 14CD 6 KB
4 KB 69ms
16ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 22 Nov 2021 12:56:24 GMT
expires: Tue, 22 Nov 2022 12:56:24 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 25ms
24ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021111601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

5130eb2b26589edc79df541561e0c40469fdb05a7a75566a61e580e1d473254e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13503
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 22 Nov 2021 12:56:24 GMT

GET
H3 200 hawtcelebs.com_160x600_hawt160 Show response
live.demand.supply/cp/ 27 B
293 B 234ms
234ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/hawtcelebs.com_160x600_hawt160?mlos=wi&mlbr=ch&mlla=en&mlbs=70&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20vbWFpdGxhbmQtd2FyZC1iZXZlcmx5LWhpbGxzLSUyMDA3MTMyMDE3
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 466000461b5773e9a90b9e510d3a07e5c65561eea6b43677b78fde287f33ccd5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 6b22514f28da375e-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27

GET
H3 200 hawtcelebs.com_300x600_hawt600 Show response
live.demand.supply/cp/ 27 B
293 B 310ms
309ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/hawtcelebs.com_300x600_hawt600?mlos=wi&mlbr=ch&mlla=en&mlbs=70&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20vbWFpdGxhbmQtd2FyZC1iZXZlcmx5LWhpbGxzLSUyMDA3MTMyMDE3
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 466000461b5773e9a90b9e510d3a07e5c65561eea6b43677b78fde287f33ccd5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 6b22514f3904375e-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27

GET
H3 200 hawtcelebs.com_300x250_desno300x250 Show response
live.demand.supply/cp/ 27 B
293 B 307ms
307ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/hawtcelebs.com_300x250_desno300x250?mlos=wi&mlbr=ch&mlla=en&mlbs=70&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20vbWFpdGxhbmQtd2FyZC1iZXZlcmx5LWhpbGxzLSUyMDA3MTMyMDE3
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 466000461b5773e9a90b9e510d3a07e5c65561eea6b43677b78fde287f33ccd5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 6b22514f390e375e-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27

GET
H3 200 hawtcelebs.com_responsive_h_hawtfuterreshor Show response
live.demand.supply/cp/ 27 B
293 B 350ms
350ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/hawtcelebs.com_responsive_h_hawtfuterreshor?mlos=wi&mlbr=ch&mlla=en&mlbs=70&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20vbWFpdGxhbmQtd2FyZC1iZXZlcmx5LWhpbGxzLSUyMDA3MTMyMDE3
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d6e61cb3c4ae724badcc9c884eeade6281c998f5da1e3eef7cdcacd25219309

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 6b22514f3912375e-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27

GET
H2 200 udm-r3_Tue_11_16_13_56_35_2021.js Show response
bid.underdog.media/ 469 KB
144 KB 48ms
9ms Script
application/javascript 2600:9000:2156:7400:5:c4ab:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/udm-r3_Tue_11_16_13_56_35_2021.js
Requested by: Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=14863;tid=1;dt=6;
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7400:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c92dc5ed84c544eb24deefdc45cfa80f6e8e1b79af6143e981356fb3f0c022d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 21:58:12 GMT
content-encoding: gzip
last-modified: Tue, 16 Nov 2021 21:56:39 GMT
server: AmazonS3
age: 485893
etag: "4ba8ba319a0c7895cc9a8ff37e8df982"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 146704
x-amz-cf-id: hPp7lcdkH5b24hWG7ogkqxu0-Qyf68gOa60bhBNG0yr9OuY89fuGrA==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 63ms
8ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=14863;tid=1;dt=6;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Mon, 29 Nov 2021 12:56:24 GMT

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.9572078
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.9572078
https://udmserve.net/udm/fetch.pix?dt=1;apnid=3261607854599123216;cb=0.9572078

43 B
612 B

281ms
143ms

Image
image/gif

68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;apnid=3261607854599123216;cb=0.9572078
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
Protocol: HTTP/1.1
Server: 68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 12:56:24 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 12:56:24 GMT
X-Proxy-Origin: 193.27.14.26; 193.27.14.26; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 96ed54f8-68bc-4deb-937d-65a2fb6d4d37
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://udmserve.net/udm/fetch.pix?dt=1;apnid=3261607854599123216;cb=0.9572078
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDhBNjY0QTUtQjlFRi00MzgxLTk0M0QtM0RDNzk3MTdCNjE0&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDhBNjY0QTUtQjlFRi00MzgxLTk0M0QtM0RDNzk3MTdCNjE0&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D08A664A5-B9EF-4381-943D-3DC79717B614;cb=0.9572078
https://udmserve.net/udm/fetch.pix?pmid=08A664A5-B9EF-4381-943D-3DC79717B614;cb=0.9572078

43 B
628 B

148ms
148ms

Image
image/gif

68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?pmid=08A664A5-B9EF-4381-943D-3DC79717B614;cb=0.9572078
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
Protocol: HTTP/1.1
Server: 68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 12:56:24 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://udmserve.net/udm/fetch.pix?pmid=08A664A5-B9EF-4381-943D-3DC79717B614;cb=0.9572078
date: Mon, 22 Nov 2021 12:56:23 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 services
sync.technoratimedia.com/ 0
297 B 279ms
93ms Image
text/plain 129.159.70.95
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=54&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bsncr%3D[USER_ID]%3Bcb%3D0.9572078
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:24 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 919145628
access-control-allow-origin: https://www.hawtcelebs.com/
access-control-allow-credentials: true

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://inv-nets.admixer.net/adxcm.aspx?ssp=F74A1705-8854-4390-959E-C24FA4349F88&rurl=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Badmix%3D%24%24visitor_cookie%24%24%3Bcb%3D0.9572078
https://udmserve.net/udm/fetch.pix?dt=1;admix=deacbd6cf19b4c55abc7493d7e363d64;cb=0.9572078

43 B
625 B

143ms
143ms

Image
image/gif

68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;admix=deacbd6cf19b4c55abc7493d7e363d64;cb=0.9572078
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
Protocol: HTTP/1.1
Server: 68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 12:56:24 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Date: Mon, 22 Nov 2021 12:56:24 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://udmserve.net/udm/fetch.pix?dt=1;admix=deacbd6cf19b4c55abc7493d7e363d64;cb=0.9572078
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H/1.1 200
OK underdog
cs.admanmedia.com/sync/ 42 B
469 B 287ms
94ms Image
image/gif 88.214.206.142
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cs.admanmedia.com/sync/underdog?redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bacu%3D%7B%24UID%7D%3Bcb%3D0.9572078

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.214.206.142 , United Kingdom, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 12:56:24 GMT
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
X-Frame-Options: DENY
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Type: image/gif

GET
H2 200 rules-p-effSsmMYCbAck.js Show response
rules.quantcount.com/ 3 B
429 B 38ms
7ms Script
application/javascript 2600:9000:2156:ba00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-effSsmMYCbAck.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ba00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:45:24 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
age: 11461
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 21:04:20 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: tXdLxNxzZWXve1Y63gL5Qjqas61ehh9wXaGSjj_JDM0BPm2Tw91pgg==

GET
H2 200 rules-p-Pz67dCqdsHfxh.js Show response
rules.quantcount.com/ 147 B
601 B 38ms
8ms Script
application/javascript 2600:9000:2156:ba00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ba00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 57b7f2b2bcdd983268775ebc6ee71d208510b285d79dd058f2717248079c59d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:08:12 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
age: 2893
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 147
last-modified: Tue, 27 Apr 2021 19:10:31 GMT
server: AmazonS3
etag: "f7c84b69d3abe411fbfc06992543fbe2"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: LleObrp9fuNa_BULRFriaG6wCQajxbTiVSxvF0p2qaSUa1lJaSwP-A==

GET
H2 200 bcv1.js Show response
bid.underdog.media/ 5 KB
2 KB 7ms
7ms Script
application/x-javascript 2600:9000:2156:7400:5:c4ab:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/bcv1.js
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_11_16_13_56_35_2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7400:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59d27cf9c69877482c94985f6d0d7c55aa68a3e52abf2c13c5f7cc7688cbd163

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:33:54 GMT
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 12:30:03 GMT
server: AmazonS3
age: 1351
etag: "5b2a74a742d76db6adafe5cc3f1dcec6"
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=1800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1623
x-amz-cf-id: vgdgZWS2vZxVrvx5lhqlBW155eqo203BZ_ax6bsL_HuEFy0Y7Ctotw==

GET
H2 200 pixel;r=1103009299;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.hawtcelebs.com%2Fmaitland-ward-beverly-hills-%252007132017;uht=2;fpan=1;fpa=P0-543045710-1637585784379;pbc=;ns=0;ce=1;qjs=1;qv=92a367...
pixel.quantserve.com/ 35 B
371 B 20ms
11ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1103009299;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.hawtcelebs.com%2Fmaitland-ward-beverly-hills-%252007132017;uht=2;fpan=1;fpa=P0-543045710-1637585784379;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=hawtcelebs.com;je=0;sr=1600x1200x24;dst=0;et=1637585784379;tzo=0;ogl=

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:24 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pixel;r=160064465;labels=edge.1%2Csid.14863;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.hawtcelebs.com%2Fmaitland-ward-beverly-hills-%252007132017;uht=2;fpan=0;fpa=P0-543045710-1637585784379;pbc=;...
pixel.quantserve.com/ 35 B
371 B 21ms
12ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=160064465;labels=edge.1%2Csid.14863;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.hawtcelebs.com%2Fmaitland-ward-beverly-hills-%252007132017;uht=2;fpan=0;fpa=P0-543045710-1637585784379;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=hawtcelebs.com;je=0;sr=1600x1200x24;dst=0;et=1637585784381;tzo=0;ogl=

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:24 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
402 B 28ms
27ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=hawtcelebs.com_160x600_hawt160&pdc=-0.8712913513183594&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20vbWFpdGxhbmQtd2FyZC1iZXZlcmx5LWhpbGxzLSUyMDA3MTMyMDE3
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FJMBTCK8RRA83NE5357DKAN4
date: Mon, 22 Nov 2021 12:56:24 GMT
cf-cache-status: HIT
age: 282636
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "80ae048987cfcc5e3148408e48058596-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6b225150acae375e-MXP

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 32ms
17ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.hawtcelebs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hawtcelebs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
11 KB 315ms
315ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=553049833568933&correlator=2736244627087599&output=ldjh&impl=fif&eid=31063138%2C44752586&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211122&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2Cf9c1d796-ef8b-48c5-a212-9c5e01c1d981&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&didk=4281532348&prev_scp=ti%3D8c9fb8fb-df96-4983-bc46-d8c3f11a713b%26bid-p%3Dgoogle%26bsc%3D70&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1637585784&dt=1637585784422&dlt=1637585783655&idt=465&frm=20&biw=1600&bih=1200&oid=2&adxs=272&adys=164&adks=2129913826&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hawtcelebs.com%2Fmaitland-ward-beverly-hills-%252007132017&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x-1&msz=160x-1&ga_vid=1025101189.1637585784&ga_sid=1637585784&ga_hid=2051351694&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

62f872bccd34d2a96223b20fb97b21b1fee29cdc127b1b1468e0098755b0ef86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10914
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hawtcelebs.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
402 B 38ms
38ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=hawtcelebs.com_auto_interstitial_desktop&e=nai&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20vbWFpdGxhbmQtd2FyZC1iZXZlcmx5LWhpbGxzLSUyMDA3MTMyMDE3
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FJMBTCK8RRA83NE5357DKAN4
date: Mon, 22 Nov 2021 12:56:24 GMT
cf-cache-status: HIT
age: 282636
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "80ae048987cfcc5e3148408e48058596-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6b225150dcf0375e-MXP

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1023 B
596 B 306ms
306ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=553049833568933&correlator=3460072291811426&output=ldjh&impl=fif&eid=31063138%2C44752586&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211122&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C542ffbc7-3cd8-4f42-9269-0fd2787d1ee3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&fas=8&didk=567249318&prev_scp=ti%3D8c9fb8fb-df96-4983-bc46-d8c3f11a713b%26interstitials-bid%3D1%26bid-p%3Dgoogle%26bsc%3D70&eri=1&cookie=ID%3Dcc52b1ba5c745fdd-223a5f35f2cb003d%3AT%3D1637585784%3AS%3DALNI_MZPYmnaT-Z6FKC5ATv_HrX2wpf_zQ&bc=31&abxe=1&lmt=1637585784&dt=1637585784446&dlt=1637585783655&idt=465&frm=20&biw=1600&bih=1200&oid=2&adks=4148235607&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hawtcelebs.com%2Fmaitland-ward-beverly-hills-%252007132017&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1025101189.1637585784&ga_sid=1637585784&ga_hid=2051351694&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

9f667d43bb69fdd776b27f9fd4e6aecb53297bbaaba3899e6ad1a38b69a8c6d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 565
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hawtcelebs.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
402 B 30ms
30ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=hawtcelebs.com_300x250_desno300x250&pdc=-0.8712913513183594&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20vbWFpdGxhbmQtd2FyZC1iZXZlcmx5LWhpbGxzLSUyMDA3MTMyMDE3
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FJMBTCK8RRA83NE5357DKAN4
date: Mon, 22 Nov 2021 12:56:24 GMT
cf-cache-status: HIT
age: 282636
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "80ae048987cfcc5e3148408e48058596-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6b2251512dda375e-MXP

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.hawtcelebs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hawtcelebs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
12 KB 494ms
494ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=553049833568933&correlator=3022860125981855&output=ldjh&impl=fif&eid=31063138%2C44752586&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211122&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C126ee8cb-be4a-44dd-bbca-61a2ab6e88e3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&didk=265117548&prev_scp=ti%3D8c9fb8fb-df96-4983-bc46-d8c3f11a713b%26bid-p%3Dgoogle%26bsc%3D70&eri=1&cookie=ID%3Dcc52b1ba5c745fdd-223a5f35f2cb003d%3AT%3D1637585784%3AS%3DALNI_MZPYmnaT-Z6FKC5ATv_HrX2wpf_zQ&bc=31&abxe=1&lmt=1637585784&dt=1637585784502&dlt=1637585783655&idt=465&frm=20&biw=1600&bih=1200&oid=2&adxs=1029&adys=144&adks=2208769285&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hawtcelebs.com%2Fmaitland-ward-beverly-hills-%252007132017&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=1025101189.1637585784&ga_sid=1637585784&ga_hid=2051351694&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

2be192196744c6d920eaf53a59f1b3cbf4cf297a8b992a279a44ffb8d905268c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11932
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hawtcelebs.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
402 B 31ms
30ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=hawtcelebs.com_300x600_hawt600&pdc=-0.8712913513183594&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20vbWFpdGxhbmQtd2FyZC1iZXZlcmx5LWhpbGxzLSUyMDA3MTMyMDE3
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FJMBTCK8RRA83NE5357DKAN4
date: Mon, 22 Nov 2021 12:56:24 GMT
cf-cache-status: HIT
age: 282636
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "80ae048987cfcc5e3148408e48058596-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6b2251513df5375e-MXP

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 85 KB
15 KB 481ms
481ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=553049833568933&correlator=1001695084621642&output=ldjh&impl=fif&eid=31063138%2C44752586&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211122&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C120e6fb9-b7ae-46f4-9a5a-75588a0f4977&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&didk=1645651819&prev_scp=ti%3D8c9fb8fb-df96-4983-bc46-d8c3f11a713b%26bid-p%3Dgoogle%26bsc%3D70&eri=1&cookie=ID%3Dcc52b1ba5c745fdd-223a5f35f2cb003d%3AT%3D1637585784%3AS%3DALNI_MZPYmnaT-Z6FKC5ATv_HrX2wpf_zQ&bc=31&abxe=1&lmt=1637585784&dt=1637585784511&dlt=1637585783655&idt=465&frm=20&biw=1600&bih=1200&oid=2&adxs=1029&adys=524&adks=2276988214&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hawtcelebs.com%2Fmaitland-ward-beverly-hills-%252007132017&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=1025101189.1637585784&ga_sid=1637585784&ga_hid=2051351694&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

8a09203164e37a342dbee354566f20fe232d1ae70d0c78013b9a086941908e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15418
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hawtcelebs.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
402 B 33ms
33ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=hawtcelebs.com_responsive_h_hawtfuterreshor&pdc=-0.4356456756591797&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20vbWFpdGxhbmQtd2FyZC1iZXZlcmx5LWhpbGxzLSUyMDA3MTMyMDE3
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FJMBTCK8RRA83NE5357DKAN4
date: Mon, 22 Nov 2021 12:56:24 GMT
cf-cache-status: HIT
age: 282636
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "80ae048987cfcc5e3148408e48058596-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6b2251517e83375e-MXP

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.hawtcelebs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hawtcelebs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 378ms
378ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=553049833568933&correlator=1541098846128250&output=ldjh&impl=fif&eid=31063138%2C44752586&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211122&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2Ccf81cb99-3273-478f-ad79-a5404a44db5c&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x100&didk=1130503755&prev_scp=ti%3D8c9fb8fb-df96-4983-bc46-d8c3f11a713b%26bid-p%3Dgoogle%26bsc%3D70&eri=1&cookie=ID%3Dcc52b1ba5c745fdd-223a5f35f2cb003d%3AT%3D1637585784%3AS%3DALNI_MZPYmnaT-Z6FKC5ATv_HrX2wpf_zQ&bc=31&abxe=1&lmt=1637585784&dt=1637585784547&dlt=1637585783655&idt=465&frm=20&biw=1600&bih=1200&oid=2&adxs=252&adys=1305&adks=1151133312&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hawtcelebs.com%2Fmaitland-ward-beverly-hills-%252007132017&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1097x0&msz=1097x0&ga_vid=1025101189.1637585784&ga_sid=1637585784&ga_hid=2051351694&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

4832ec1d24edd6198f1a9ca7905e43c6a1042b81f8fc00317e32c3734b169240

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10682
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hawtcelebs.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame 9A06 189 KB
55 KB 35ms
9ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 480350
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Tue, 16 Nov 2021 23:30:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Nov 2022 23:30:34 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 9A06 13 KB
5 KB 46ms
21ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 578648
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Mon, 15 Nov 2021 20:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 15 Nov 2022 20:12:16 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 9A06 89 KB
28 KB 47ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 458197
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Wed, 17 Nov 2021 05:39:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Nov 2022 05:39:47 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 9A06 5 KB
2 KB 45ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 481794
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Tue, 16 Nov 2021 23:06:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Nov 2022 23:06:30 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 9A06 40 KB
13 KB 46ms
21ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 482180
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Tue, 16 Nov 2021 23:00:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Nov 2022 23:00:04 GMT

GET
DATA 200
OK truncated
/ Frame 9A06 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c700ab058a6192d2ef5d42b62a7ae961c5eaaa16650208261aa0c207b4794625

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 7940992601134203264
tpc.googlesyndication.com/simgad/ Frame 9A06 14 KB
14 KB 37ms
9ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7940992601134203264?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkFHmB7aYd85A3oto5KbsiYtUOhKw

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04b6f812be412d9dec5268790c2a0d8935c7cd3de76fc014079720285b153d78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 22:00:43 GMT
x-content-type-options: nosniff
age: 572141
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14181
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 12:31:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Nov 2022 22:00:43 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9A06 2 KB
3 KB 35ms
8ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 09:41:39 GMT
x-content-type-options: nosniff
server: cafe
age: 11685
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 23 Nov 2021 09:41:39 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9A06 295 B
399 B 36ms
8ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 10999
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 23 Nov 2021 09:53:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9A06 0
0 46ms
15ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTy5ubkX_iQ6HLIQbb__mYymtFKLvn0avW6qGEi1_AfpDmvw34kBp_uH1H_8w74JAPuBYg_jRCV79SIJipl1fzPRmi2tQ
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9A06 0
0 47ms
46ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CFN08eJObYeyXHNCVrASZ-4u4Coegv7Zm3s24nOwOzN6bz7wqEAEglZvKIWCV2qKCsAegAfTFzfwDyAECqQJt4xV1CeayPuACAKgDAcgDCKoEowJP0NavhDaEYA2CL52H7dTQ0kPOWOSXp7mbPYhBj_Wf6RYQuR9IRYE9GjZrVhD-JvkjrA19FRQihws4PxvitGFoi_UgYBmkvmiuAcSlATmNJlVjSskIMaAkCrpa24GbcEVSWox4Q24Mjq6EkXwcKb_lR47g1eyiRhsl-h-lv1WVN_gHhf5KDtYyOiQ4inBwhu0Sxh_w6kaWZTeEixzNFA2otyVIimOnnRyaPpzEnDh68zTQRtAAw4-sEU2YBIqsdPMfMeabu0kdQ4ke-FCEbE_gs4LDKF8slYv1ZqQisfSCfuXYayRLldhPVQ59XKJAayFJPtNk-bJQqhEbSMeajHhM0Nb92IlJDjtSPoJEnXvT3bQ4l5o7aj9xI8tbXlg7d9Q6MB3ABK3npNrgA-AEAaAGAoAH9LmyA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEKqVDNIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA8gLAdgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=TZVkAiEFtMk&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
402 B 37ms
37ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0&b=3&r=hawtcelebs.com_160x600_hawt160&sy=cd982dd5-46de-4d5d-bc46-066edb01dcdb&ts=70&cd=2&pud=284&pus=c&pue=614&pid=72&pis=c&pie=687&ppd=195&pps=a&ppe=810&pad=73&pas=c&pae=689&pcl=366&ttc=830&tti=1414&ttif=0&lca=810&lcak=ppe&lct=810&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=160x600&mlbw=4g&mlcs=NaN&mltp=8c9fb8fb-df96-4983-bc46-d8c3f11a713b&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20vbWFpdGxhbmQtd2FyZC1iZXZlcmx5LWhpbGxzLSUyMDA3MTMyMDE3
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FJMBTCK8RRA83NE5357DKAN4
date: Mon, 22 Nov 2021 12:56:24 GMT
cf-cache-status: HIT
age: 282636
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "80ae048987cfcc5e3148408e48058596-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6b225152d97c375e-MXP

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
402 B 31ms
31ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=hawtcelebs.com_auto_interstitial_desktop&e=nai&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20vbWFpdGxhbmQtd2FyZC1iZXZlcmx5LWhpbGxzLSUyMDA3MTMyMDE3
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FJMBTCK8RRA83NE5357DKAN4
date: Mon, 22 Nov 2021 12:56:24 GMT
cf-cache-status: HIT
age: 282636
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "80ae048987cfcc5e3148408e48058596-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6b225152d986375e-MXP

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 21ms
21ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.hawtcelebs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 22ms
22ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hawtcelebs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 12:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 920 B
502 B 491ms
491ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=553049833568933&correlator=2196312591876866&output=ldjh&impl=fif&eid=31063138%2C44752586&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211122&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C42d64542-ad30-45c9-9859-6b93dc8b1e0c&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&fas=8&didk=3065928106&prev_scp=ti%3D8c9fb8fb-df96-4983-bc46-d8c3f11a713b%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D70&eri=1&cookie=ID%3Dcc52b1ba5c745fdd%3AT%3D1637585784%3AS%3DALNI_MZoEcUEbT0-IQQSouhKrpP8C4kRCQ&bc=31&abxe=1&lmt=1637585784&dt=1637585784767&dlt=1637585783655&idt=465&frm=20&biw=1600&bih=1200&oid=2&adks=1978351858&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hawtcelebs.com%2Fmaitland-ward-beverly-hills-%252007132017&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1025101189.1637585784&ga_sid=1637585784&ga_hid=2051351694&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

d58b8fc714ce78819cc24dfa7c938e1472f6a269a8f80c9b59b64e23355b76f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 473
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hawtcelebs.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 9A06
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

85ms
85ms

Image
text/html

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
Protocol: H3
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

date: Mon, 22 Nov 2021 12:56:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 container.html Show response
83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3ADD 6 KB
3 KB 22ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 22 Nov 2021 12:56:24 GMT
expires: Tue, 22 Nov 2022 12:56:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
402 B 28ms
28ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0&b=3&r=hawtcelebs.com_responsive_h_hawtfuterreshor&sy=cd982dd5-46de-4d5d-bc46-066edb01dcdb&ts=70&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=1024x100&mlbw=4g&mlcs=NaN&mltp=8c9fb8fb-df96-4983-bc46-d8c3f11a713b&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20vbWFpdGxhbmQtd2FyZC1iZXZlcmx5LWhpbGxzLSUyMDA3MTMyMDE3
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FJMBTCK8RRA83NE5357DKAN4
date: Mon, 22 Nov 2021 12:56:24 GMT
cf-cache-status: HIT
age: 282636
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "80ae048987cfcc5e3148408e48058596-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6b225153fc39375e-MXP

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 432A 624 B
297 B 22ms
22ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYuKK9lQEwAQ&v=APEucNVxDCCDDMio-w1iOZgmFUbXjwwND5xq1ylC8lY4q6MGV1GwoxNDxM9JNb02AjQu5trbQvUU-BtXkgXvQMXI7SQ8uR3qShQBGBGxDuIK3yCYnGSa1r_Q-eLkFW5FqZg2JI9565nd5QSKuOTR7u_z_bsiKIOTy9TM90KbzDF3m3m_JOhj6TN_JlJBFrOsyuU9VdmCnVReDwc9r14DPDWGVsHRSJuMDg

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 22 Nov 2021 12:56:25 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 94A3 25 KB
14 KB 39ms
38ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CC2j95985XOCzIOI7RmbVMLvqxV5lLUn2AXM1PhVBTz8uadt43M7NEeWQQy2JWCLTkkNz4edE8-2iEz4AIsN6Xm5JTXByrZqeYTsLtVr-dLhJKHWBbMqHhUeg8AeKwUFG59n3gg1rRSxAHjYh4KZ36cadFig&cry=1&dbm_d=AKAmf-Ahu4bpRjG_fR9rMWQjQQEUj4HzYFGAYpr0nGz6Dzw-_7-jENdWRRwvPhwHoYTzVG7M9tK_8EvE8jnikIhyEardq2CDC6VbtpxqM4nsPRLpiUlo8M_eF7qZu901fqYuyNouIxicfnfhZtQXlBnza23J5scckd6fgnxr-g1dp5XM_gAb7bQL0jdNEJcZCbDipzq2f177u-j_4WgrwhtiF-mo5b1jQu2nomP-xkQ4L3U13mODrP8XhIooWu1wXQGTteeJjqzPNKI-Z-sjDa4QmsKDgW6H1_ntvStmf6XJ5dJ8L0ypZIbZD60e8-SRdbjbltCHKJBlO5HC4Gi5fj92rYwaaJkZcUnbOxb16O3SYvXbRTaTt2oD4FMjFh0ArEZAdB2Qz7In632-7oDbN-y1-Cv3g76HqjuvBw7axpMcdcazLLFmHxjZsA8vMbdABwXzYGqqyPKW63skFso8eRoP1yBlFSaRwDd82hkT-JSd_-kzVN8rdr3sJHVPGwbXcbKJGGfzwDu2dC4Vm_1BOycKKmKh9Y84AVLrIIIzJWXNf8ozKmUa7M-bqIApWOr8sTZgY3RNAFuZQGdrRz-JYSAq5s2r72BMDtAgoCGrQYpX8DyPR6tmo8PGacYwrfFvbR3UTiN2HOn-ez-YHyRX2n2k1kRkY6oh2u_wscntutRjZXzUWPHAXEUCYiOFo7EFM4lRsFSEfBu2DzkJfsCXpP-f0Hq2F0oB1XSNd3Xqcf09co3nSwCdALTvlXkUFPG8mar7VAvsTOhGvBXfgHGkq0X3nqEYpO8ZvHTn-SAS3YZCx__mv-7lG0iTkIaTEN8ARNqjc1PkIswNsG_NNwmIcplTMqr6DXrnfHaqeoXhDWMAO292JGjb2xmbmTdLDkK5wYEENQP8LKLSmnzxGs0mpUryMM8agYkg332m7ojRrh7dgCyR7petuW0pUSnZw71DVTl772gU58JqpWnxrO5Nys9EdLSzACsvs52a2-tVYk7vDFUmURbD0_VcFHcUUZPQUTEQvXsWpFYDS74ScBQ8Die0NKp4T3OiCz1DP9oyz_oNYk43kJZIcDelx5C-cUONwjXzy9AL-cC7Lzq7kv2P-qg2ghXWMdrdKEwI5dM7sGDanJasL15VJV1nk0qhPLE27B9pGJF1vj8QY3tebzz8PfEs2PycA4Gk7KRR2QzvTN0qylbMGDxKlU-eOrGUbuzpzZtXCvJoAp5s54CzM8zD9aFHL1iZVr_gpuFhPdu_-kqYxaH_DJbWRJdGi9n6T52TBv1v7gb43Ny1EQsZRACTZe7Kx37LA5PsH8L_9d56yWbGYi4oN3AKxasEur6FjzDJc1VOfTkNXgQieS0DyY7NK-DMR2bvs2GXV37jTecwJWk2tqpoQYcCRn_DP99grrSQcGSf4nU7rZtVeo2j5AlcFOkp9f2ruvXizFZq0fiRw04tD-TZ-z312hE1E5Pkg2FFkUgSQLa30XC9tLI3T0viuslarRIqhgTn5GGaTz9zm_iALYfZLdm4XzsMwLVCTcgqJW0dcUydWcZ1PUo-yoUtvp7cyIncIhuldyTMcc-_zbfaGXx2pcJt5Sx7_YF5A2fYHW-pDeQ3DU9KLAZ5NbJiwuDmD1M4HHYWLY-mHigMT3eEgSy8ttDFFEcDLaVWhvcBtO3TYpia-4HLnes-D1tt5EE1rzRXaIDxZfNO4sDtpf6Bb7IaxpkcQVPec1s7CRtk2d55Nh6kK2X9hURQ9i73BnD_O2NfRlSdk2E3I6B7HLmhRoq0TxD0XVGw4ejo2FqVRVFG6dJD8Dmr9iWHIPuSydAw_TR04cgOhfkSE-25AEEJm6YSi5Ir2-7UWNVShac29Esq-e3gSPfDd9ntmV_Q4yVUcOM7w_XXkj5WDVzxKvhDNqmh7Chc39pXY0o1ns1iDWWZTf8YVDk8UyxIMSMQ_59eFJ-qwsvOToCczmf6kJyQNaBOvmBA4URMtfU4LcjBkoJ1oZaDc7TBMrSvIQn7BwDnfRU9VONwfEqIgkP5VIZng4H5hiVg-KrrCZ8ueRjHzKaZxGwv9DAcWrdl-gA53G-bvDYvrTAyRxtIew9wqnsu327_ChVij7T4i7lnzjjTwliNk1UW1MFL_ha6BTjpTcN8lvgMoXEjlAu_4gPyC5Gtay7V-YVW2zi062_zH-D_DyhtQAW6L4XBybxHjywS89n-rvlM0FmxeL_DcRxuOamlbVX1p6b6HaTYuJZ_5L5vMFnko7beEw3pIjKTHeGrF_L-2KonqNEegrKihI8yZVdk6wk56najyRIEg5DsLTJ97tkVZQf_fhhNazWLZ4YmzVBoMfBzSoalw42OyYLU9f6JQ-ixnwFig_k9CCQEf55UxddObmOzxne9jGw0FC5qZy-UWBU9TbjevuoIsaRdqfPEiqPiFMfnbbxu4NRSbIDHuDJ_jLSP_iXI6No8T6-uGlaMjDQoKkiQsjI8cJqmhA8b6e11cddligPsSuuRtuM-ZxKKtaOaXs83BpMazbIr4fx9f-dL2paKI15f_4yNsxeNGOMT2otkwlTLCMCtYYJuolh1q21OI4LTXi9gROp5E0dKsLTAfWtZZt51E5jFF_Li6z7NekulRh4084NYdqBgy7iY8z21dHSoxNnN4NjMrKIBeUTo9EsBrtfDi9fNg9EsxxiQEdR0gnbsyqTzNT3tCASwYpjyws24ffKbox0VNhCwouMf4xIgD-5yLZ0rKqcjEWVKcWMxlQrEzfg6buje5gBbHy3pxjT_203PKRMT4xv9v6EVVEf8zsefQsrtfTEexEXrwlFowv3kxla0_CTZZvalBTbYEdmPa2ZxFZqvu94C82ud5E-3oPJ9U-mnAYePzUvWdIigcyRA3MMy08pjV6NyiCHVWUbww4A_AylAhEJqjbL4zbjK2HPSIrPuzPfRY0qwutIwJi8wQTN3obgUICPj1JVqC79N4gwQA1jwovMg0Zys3gHhSDtvr6oQi-HNhtiLytiPUfREwbIRzdD2JwxIJF9F7SKRQFRjuN1xKoaY7cvo6ohBWb9B5cS0i_8ezfGwCZgA07s76OsoGRzFJQwDuaRSl4Z5ffeQ6sCvlvkXfXlr8XO9ICYB2KtvI-l_N1fsuUEqC-wj3NxV8cMRvtEev6-y73Y9nR_rwcWCyPinmP4twg_9uqVKNH5qgCKVxiGWVLcsjfQUy6d9thk-JWTWfpnKTJ9mU2m56MXGCJ8_WpealC3wI5Ec_qHg0qMmFXlcWAx-DaGANXYmq6AQxYep8_cyKKlLVSxvIx-xoPDuRh3ObBmxgzSPoDs_YJXpKqSUOQDgvcMoFHfQoezJhf4e028uUB_PhxFV7i2MUDb7TZJDeSSXz4-6awwUx1iPHEldxGqsRFQ&cid=CAASEuRoi08K_tV3iRrHlVrLVbKhpw&rfl=2%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

5133635d4553362466f6c8cabd4d5beada085eb9bc867f040f3017244ca0a7d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14765
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 94A3 2 KB
1 KB 26ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 12:54:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 94A3 119 KB
37 KB 54ms
52ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Nov 2021 12:56:25 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 94A3 15 KB
6 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:53:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 12:53:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 94A3 42 B
63 B 48ms
47ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-APug-6dbdKwGdNoQg58qVWMYO-5nCFA0KZ7B8TSFNIPT-UX6SZxNoeM57Y0vG--sB3sP_a16Mk8yVH-HpCy9ko0yeFxemLk8pDb43h5wHy_o2E62A

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame 23B9 189 KB
54 KB 25ms
10ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 480351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Tue, 16 Nov 2021 23:30:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Nov 2022 23:30:34 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 23B9 13 KB
5 KB 31ms
15ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 578649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Mon, 15 Nov 2021 20:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 15 Nov 2022 20:12:16 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 23B9 89 KB
28 KB 31ms
15ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 458198
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Wed, 17 Nov 2021 05:39:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Nov 2022 05:39:47 GMT

GET
H3 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 23B9 71 KB
16 KB 42ms
26ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-animation-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce7047f1978917a3b97a424026182cf9eebcc488c8019f0fc85bc2acf78ecd70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 479884
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16759
x-xss-protection: 0
server: sffe
date: Tue, 16 Nov 2021 23:38:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6f5521ec42d8a94a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Nov 2022 23:38:21 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 23B9 5 KB
2 KB 41ms
25ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 481795
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Tue, 16 Nov 2021 23:06:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Nov 2022 23:06:30 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 23B9 40 KB
13 KB 39ms
24ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 482181
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Tue, 16 Nov 2021 23:00:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Nov 2022 23:00:04 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 23B9 8 KB
705 B 36ms
19ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:regular,300,700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c21346e0102cb0ae60afdb16611a27cc5699b4d39e6fbbd2db156d1985070de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 12:56:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Nov 2021 12:56:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Nov 2021 12:56:25 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 23B9 2 KB
2 KB 17ms
10ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 09:41:39 GMT
x-content-type-options: nosniff
server: cafe
age: 11686
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 23 Nov 2021 09:41:39 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 23B9 295 B
319 B 16ms
9ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 11000
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 23 Nov 2021 09:53:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 23B9 0
0 15ms
15ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRY613WGGz1Pt83EsTriTYnZIvQlXwmhm0q4cHb3EqFjLUxSLl9igrCbEI4TOBEb5RF5H6WNVVheXmDzaEaPPB6wBDEYw
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 23B9 0
0 52ms
51ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJOIHeJObYcfaIeSirATJ0bCwDre2vcBmq-DVwrYOgO2rtt8jEAEglZvKIWCV2qKCsAegAdWH2_ECyAEJqQJt4xV1CeayPuACAKgDAcgDCKoEngJP0GyuE8379qReotGNvE6s5iEP2F3NC1_q2SwZMqd5FjmftpLAKEBcl33ACIXeAJXQOG3kVP4lHniu_r8zappPRzCwUMZC6W4483-fAwll0TRKmBjkIxlaySuW6rFdBGfbB1Y1gyuoPKAHE3lJw-CTpogeIZEs24sK4BpOds80pRmQkgRBHesUyOqBw7VDE_zc83jV94seJTk1hkU4RNnpyOx-VOpMK0ZWKNYFpowZT2Y84ASyqLR34ztzF5LzXzu73hGp8IEbXBb7U-aqNkHC_SrJQ-EM5esw0MHDemdvM56tHSz9T0lkByS-Q4li4EQpZT4ovhF67_0ZIRAdvqhHE81HWqojrrDqvk9YFpS1R6uvd8EijsYePx0ga905wAT4lOqsqQPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHk_ikjgGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDRmBnSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTk5Mzg1NjU4MjIwMzQ2ODCACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=xpvUK3XRNYI&uach_m=[UACH]&template_id=419&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
402 B 33ms
33ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0&b=3&r=hawtcelebs.com_300x600_hawt600&sy=cd982dd5-46de-4d5d-bc46-066edb01dcdb&ts=70&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=300x600&mlbw=4g&mlcs=NaN&mltp=8c9fb8fb-df96-4983-bc46-d8c3f11a713b&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20vbWFpdGxhbmQtd2FyZC1iZXZlcmx5LWhpbGxzLSUyMDA3MTMyMDE3
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FJMBTCK8RRA83NE5357DKAN4
date: Mon, 22 Nov 2021 12:56:25 GMT
cf-cache-status: HIT
age: 282637
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "80ae048987cfcc5e3148408e48058596-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6b2251545d3e375e-MXP

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame 2CDE 189 KB
54 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 480351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Tue, 16 Nov 2021 23:30:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Nov 2022 23:30:34 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 2CDE 13 KB
5 KB 22ms
17ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 578649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Mon, 15 Nov 2021 20:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 15 Nov 2022 20:12:16 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 2CDE 89 KB
28 KB 23ms
18ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 458198
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Wed, 17 Nov 2021 05:39:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Nov 2022 05:39:47 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 2CDE 5 KB
2 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 481795
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Tue, 16 Nov 2021 23:06:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Nov 2022 23:06:30 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 2CDE 40 KB
13 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 482181
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Tue, 16 Nov 2021 23:00:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Nov 2022 23:00:04 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2CDE 3 KB
579 B 25ms
21ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 12:08:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Nov 2021 12:56:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Nov 2021 12:56:25 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2CDE 2 KB
2 KB 10ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 09:41:39 GMT
x-content-type-options: nosniff
server: cafe
age: 11686
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 23 Nov 2021 09:41:39 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2CDE 295 B
319 B 11ms
8ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 11000
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 23 Nov 2021 09:53:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2CDE 0
0 23ms
20ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS8xSMwP6L7-iE0nCbubjYbGClUzKUfkf85_9Z_626INdFmVF8DGHY6Tz9uplqMv6RCa3NlAr3iBcwRDvApFiirZT2tWg
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2CDE 0
0 52ms
50ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CFdEGeJObYdeFIZW63wOFl7-wBoegv7Zmnpvg74EPzN6bz7wqEAEglZvKIWCV2qKCsAegAfTFzfwDyAEBqQJt4xV1CeayPuACAKgDAcgDCqoEoQJP0Jew-kEEr8eDiHhaBds97Cx4vsPzRAdzTpb08fRWZ7jqkzR0nkoxUsUmAtPAQSpVqq0sfgzJT_DB6H5ALaXkWLZ5kLEML9wshB3wTN7YZVZv8rFl7U4T5dbgVxEiPM07zRj7PvffjFUxl0BX8jcuGlYGGeNZDtit3AUw4-eXba8BTAJOY6d9bpZeIVxMiaQvGcAlt9Yrr93rAVvySHEo9kBTuoDiTmoAgQ2-w5JdUYO0I6PbjqFGfte1YKEDWxA-79qj3k0PdX_93Eys4xFMR0anBCwdqtO_gvWZ4hBYDxGNLTkNBCHm9AI_nwpPveWJA-fowQj7AqdVVoXT72W9lBauXuNnYORXOFrOhRhkOiCqWPQRnGG8NuWzU1PKKnu5wASt56Ta4APgBAGAB_S5sgOoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCO5gvSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTk5Mzg1NjU4MjIwMzQ2ODCACgPICwHYEwPQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=cGGNHO5RgnE&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
402 B 40ms
38ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0&b=3&r=hawtcelebs.com_300x250_desno300x250&sy=cd982dd5-46de-4d5d-bc46-066edb01dcdb&ts=70&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=300x250&mlbw=4g&mlcs=NaN&mltp=8c9fb8fb-df96-4983-bc46-d8c3f11a713b&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20vbWFpdGxhbmQtd2FyZC1iZXZlcmx5LWhpbGxzLSUyMDA3MTMyMDE3
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FJMBTCK8RRA83NE5357DKAN4
date: Mon, 22 Nov 2021 12:56:25 GMT
cf-cache-status: HIT
age: 282637
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "80ae048987cfcc5e3148408e48058596-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6b2251548db5375e-MXP

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 94A3 24 KB
9 KB 15ms
6ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CC2j95985XOCzIOI7RmbVMLvqxV5lLUn2AXM1PhVBTz8uadt43M7NEeWQQy2JWCLTkkNz4edE8-2iEz4AIsN6Xm5JTXByrZqeYTsLtVr-dLhJKHWBbMqHhUeg8AeKwUFG59n3gg1rRSxAHjYh4KZ36cadFig&cry=1&dbm_d=AKAmf-Ahu4bpRjG_fR9rMWQjQQEUj4HzYFGAYpr0nGz6Dzw-_7-jENdWRRwvPhwHoYTzVG7M9tK_8EvE8jnikIhyEardq2CDC6VbtpxqM4nsPRLpiUlo8M_eF7qZu901fqYuyNouIxicfnfhZtQXlBnza23J5scckd6fgnxr-g1dp5XM_gAb7bQL0jdNEJcZCbDipzq2f177u-j_4WgrwhtiF-mo5b1jQu2nomP-xkQ4L3U13mODrP8XhIooWu1wXQGTteeJjqzPNKI-Z-sjDa4QmsKDgW6H1_ntvStmf6XJ5dJ8L0ypZIbZD60e8-SRdbjbltCHKJBlO5HC4Gi5fj92rYwaaJkZcUnbOxb16O3SYvXbRTaTt2oD4FMjFh0ArEZAdB2Qz7In632-7oDbN-y1-Cv3g76HqjuvBw7axpMcdcazLLFmHxjZsA8vMbdABwXzYGqqyPKW63skFso8eRoP1yBlFSaRwDd82hkT-JSd_-kzVN8rdr3sJHVPGwbXcbKJGGfzwDu2dC4Vm_1BOycKKmKh9Y84AVLrIIIzJWXNf8ozKmUa7M-bqIApWOr8sTZgY3RNAFuZQGdrRz-JYSAq5s2r72BMDtAgoCGrQYpX8DyPR6tmo8PGacYwrfFvbR3UTiN2HOn-ez-YHyRX2n2k1kRkY6oh2u_wscntutRjZXzUWPHAXEUCYiOFo7EFM4lRsFSEfBu2DzkJfsCXpP-f0Hq2F0oB1XSNd3Xqcf09co3nSwCdALTvlXkUFPG8mar7VAvsTOhGvBXfgHGkq0X3nqEYpO8ZvHTn-SAS3YZCx__mv-7lG0iTkIaTEN8ARNqjc1PkIswNsG_NNwmIcplTMqr6DXrnfHaqeoXhDWMAO292JGjb2xmbmTdLDkK5wYEENQP8LKLSmnzxGs0mpUryMM8agYkg332m7ojRrh7dgCyR7petuW0pUSnZw71DVTl772gU58JqpWnxrO5Nys9EdLSzACsvs52a2-tVYk7vDFUmURbD0_VcFHcUUZPQUTEQvXsWpFYDS74ScBQ8Die0NKp4T3OiCz1DP9oyz_oNYk43kJZIcDelx5C-cUONwjXzy9AL-cC7Lzq7kv2P-qg2ghXWMdrdKEwI5dM7sGDanJasL15VJV1nk0qhPLE27B9pGJF1vj8QY3tebzz8PfEs2PycA4Gk7KRR2QzvTN0qylbMGDxKlU-eOrGUbuzpzZtXCvJoAp5s54CzM8zD9aFHL1iZVr_gpuFhPdu_-kqYxaH_DJbWRJdGi9n6T52TBv1v7gb43Ny1EQsZRACTZe7Kx37LA5PsH8L_9d56yWbGYi4oN3AKxasEur6FjzDJc1VOfTkNXgQieS0DyY7NK-DMR2bvs2GXV37jTecwJWk2tqpoQYcCRn_DP99grrSQcGSf4nU7rZtVeo2j5AlcFOkp9f2ruvXizFZq0fiRw04tD-TZ-z312hE1E5Pkg2FFkUgSQLa30XC9tLI3T0viuslarRIqhgTn5GGaTz9zm_iALYfZLdm4XzsMwLVCTcgqJW0dcUydWcZ1PUo-yoUtvp7cyIncIhuldyTMcc-_zbfaGXx2pcJt5Sx7_YF5A2fYHW-pDeQ3DU9KLAZ5NbJiwuDmD1M4HHYWLY-mHigMT3eEgSy8ttDFFEcDLaVWhvcBtO3TYpia-4HLnes-D1tt5EE1rzRXaIDxZfNO4sDtpf6Bb7IaxpkcQVPec1s7CRtk2d55Nh6kK2X9hURQ9i73BnD_O2NfRlSdk2E3I6B7HLmhRoq0TxD0XVGw4ejo2FqVRVFG6dJD8Dmr9iWHIPuSydAw_TR04cgOhfkSE-25AEEJm6YSi5Ir2-7UWNVShac29Esq-e3gSPfDd9ntmV_Q4yVUcOM7w_XXkj5WDVzxKvhDNqmh7Chc39pXY0o1ns1iDWWZTf8YVDk8UyxIMSMQ_59eFJ-qwsvOToCczmf6kJyQNaBOvmBA4URMtfU4LcjBkoJ1oZaDc7TBMrSvIQn7BwDnfRU9VONwfEqIgkP5VIZng4H5hiVg-KrrCZ8ueRjHzKaZxGwv9DAcWrdl-gA53G-bvDYvrTAyRxtIew9wqnsu327_ChVij7T4i7lnzjjTwliNk1UW1MFL_ha6BTjpTcN8lvgMoXEjlAu_4gPyC5Gtay7V-YVW2zi062_zH-D_DyhtQAW6L4XBybxHjywS89n-rvlM0FmxeL_DcRxuOamlbVX1p6b6HaTYuJZ_5L5vMFnko7beEw3pIjKTHeGrF_L-2KonqNEegrKihI8yZVdk6wk56najyRIEg5DsLTJ97tkVZQf_fhhNazWLZ4YmzVBoMfBzSoalw42OyYLU9f6JQ-ixnwFig_k9CCQEf55UxddObmOzxne9jGw0FC5qZy-UWBU9TbjevuoIsaRdqfPEiqPiFMfnbbxu4NRSbIDHuDJ_jLSP_iXI6No8T6-uGlaMjDQoKkiQsjI8cJqmhA8b6e11cddligPsSuuRtuM-ZxKKtaOaXs83BpMazbIr4fx9f-dL2paKI15f_4yNsxeNGOMT2otkwlTLCMCtYYJuolh1q21OI4LTXi9gROp5E0dKsLTAfWtZZt51E5jFF_Li6z7NekulRh4084NYdqBgy7iY8z21dHSoxNnN4NjMrKIBeUTo9EsBrtfDi9fNg9EsxxiQEdR0gnbsyqTzNT3tCASwYpjyws24ffKbox0VNhCwouMf4xIgD-5yLZ0rKqcjEWVKcWMxlQrEzfg6buje5gBbHy3pxjT_203PKRMT4xv9v6EVVEf8zsefQsrtfTEexEXrwlFowv3kxla0_CTZZvalBTbYEdmPa2ZxFZqvu94C82ud5E-3oPJ9U-mnAYePzUvWdIigcyRA3MMy08pjV6NyiCHVWUbww4A_AylAhEJqjbL4zbjK2HPSIrPuzPfRY0qwutIwJi8wQTN3obgUICPj1JVqC79N4gwQA1jwovMg0Zys3gHhSDtvr6oQi-HNhtiLytiPUfREwbIRzdD2JwxIJF9F7SKRQFRjuN1xKoaY7cvo6ohBWb9B5cS0i_8ezfGwCZgA07s76OsoGRzFJQwDuaRSl4Z5ffeQ6sCvlvkXfXlr8XO9ICYB2KtvI-l_N1fsuUEqC-wj3NxV8cMRvtEev6-y73Y9nR_rwcWCyPinmP4twg_9uqVKNH5qgCKVxiGWVLcsjfQUy6d9thk-JWTWfpnKTJ9mU2m56MXGCJ8_WpealC3wI5Ec_qHg0qMmFXlcWAx-DaGANXYmq6AQxYep8_cyKKlLVSxvIx-xoPDuRh3ObBmxgzSPoDs_YJXpKqSUOQDgvcMoFHfQoezJhf4e028uUB_PhxFV7i2MUDb7TZJDeSSXz4-6awwUx1iPHEldxGqsRFQ&cid=CAASEuRoi08K_tV3iRrHlVrLVbKhpw&rfl=2%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:53:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 12:53:07 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 94A3 41 KB
15 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 17:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 414390
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 17 Nov 2022 17:49:55 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 432A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDocjWNXODi5UDzUIyCCuWA&google_cver=1

43 B
1014 B

70ms
57ms

Image
image/gif

184.30.24.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDocjWNXODi5UDzUIyCCuWA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYuKK9lQEwAQ&v=APEucNVxDCCDDMio-w1iOZgmFUbXjwwND5xq1ylC8lY4q6MGV1GwoxNDxM9JNb02AjQu5trbQvUU-BtXkgXvQMXI7SQ8uR3qShQBGBGxDuIK3yCYnGSa1r_Q-eLkFW5FqZg2JI9565nd5QSKuOTR7u_z_bsiKIOTy9TM90KbzDF3m3m_JOhj6TN_JlJBFrOsyuU9VdmCnVReDwc9r14DPDWGVsHRSJuMDg
Protocol: HTTP/1.1
Server: 184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 12:56:25 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 12:56:25 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDocjWNXODi5UDzUIyCCuWA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 432A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZuTeW-jjcaUJ19h34OjUwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDocjWNXODi5UDzUIyCCuWA&google_cver=1

43 B
894 B

21ms
20ms

Image
image/gif

184.30.24.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDocjWNXODi5UDzUIyCCuWA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYuKK9lQEwAQ&v=APEucNVxDCCDDMio-w1iOZgmFUbXjwwND5xq1ylC8lY4q6MGV1GwoxNDxM9JNb02AjQu5trbQvUU-BtXkgXvQMXI7SQ8uR3qShQBGBGxDuIK3yCYnGSa1r_Q-eLkFW5FqZg2JI9565nd5QSKuOTR7u_z_bsiKIOTy9TM90KbzDF3m3m_JOhj6TN_JlJBFrOsyuU9VdmCnVReDwc9r14DPDWGVsHRSJuMDg
Protocol: HTTP/1.1
Server: 184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 12:56:25 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 12:56:25 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDocjWNXODi5UDzUIyCCuWA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 432A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHuKBeQL5yRa05j0mGsIZcA&google_cver=1

43 B
1002 B

17ms
7ms

Image
image/gif

37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHuKBeQL5yRa05j0mGsIZcA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYuKK9lQEwAQ&v=APEucNVxDCCDDMio-w1iOZgmFUbXjwwND5xq1ylC8lY4q6MGV1GwoxNDxM9JNb02AjQu5trbQvUU-BtXkgXvQMXI7SQ8uR3qShQBGBGxDuIK3yCYnGSa1r_Q-eLkFW5FqZg2JI9565nd5QSKuOTR7u_z_bsiKIOTy9TM90KbzDF3m3m_JOhj6TN_JlJBFrOsyuU9VdmCnVReDwc9r14DPDWGVsHRSJuMDg

Protocol

HTTP/1.1

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 12:56:25 GMT
X-Proxy-Origin: 193.27.14.26; 193.27.14.26; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: ca08a8be-e0ca-4b75-b907-8382f6d06a59
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHuKBeQL5yRa05j0mGsIZcA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 432A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI2MTYwNzg1NDU5OTEyMzIxNg%3D%3D

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI2MTYwNzg1NDU5OTEyMzIxNg%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 12:56:25 GMT
X-Proxy-Origin: 193.27.14.26; 193.27.14.26; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 7315ae38-908a-4af8-87fc-734e0a6d1e44
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI2MTYwNzg1NDU5OTEyMzIxNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 23B9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b614df29623388eccceeb9957146a93d860034652314d13360915e1a38a57a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 visual-300x600px.jpg
tpc.googlesyndication.com/sadbundle/8464455209849333285/ Frame 23B9 69 KB
70 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8464455209849333285/visual-300x600px.jpg

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd98f7212bcbcb4b32fda1b3f0cc8fe24598ddc269ff5b4a2be2246ad052f501

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:09:44 GMT
x-content-type-options: nosniff
age: 2801
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71160
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 12:29:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 22 Nov 2022 12:09:44 GMT

GET
H3 200 logo-300x600px.png
tpc.googlesyndication.com/sadbundle/8464455209849333285/ Frame 23B9 5 KB
5 KB 12ms
11ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8464455209849333285/logo-300x600px.png

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09856371d453de312e47036fefbe16fe858630be315139ec3abc24254ca913c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 10:55:48 GMT
x-content-type-options: nosniff
age: 525637
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5021
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 12:29:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 16 Nov 2022 10:55:48 GMT

GET
H3 200 cta_1.png
tpc.googlesyndication.com/sadbundle/8464455209849333285/ Frame 23B9 2 KB
2 KB 14ms
13ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8464455209849333285/cta_1.png

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c09ab1db0d9fbdcef20518036f8976f32adf38b37ec215106599e1af9d0875a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 17:46:52 GMT
x-content-type-options: nosniff
age: 500973
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1564
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 12:29:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 16 Nov 2022 17:46:52 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 23B9 44 KB
44 KB 24ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular,300,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hawtcelebs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 255863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:52:02 GMT

GET
DATA 200
OK truncated
/ Frame 2CDE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 661252df2d0e861f9cbfa9138561ac01bd0e14e1c1046126e420ab6503e84201

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 2CDE 21 KB
21 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hawtcelebs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 16:54:46 GMT
x-content-type-options: nosniff
age: 504099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 16:54:46 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 2CDE 21 KB
21 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hawtcelebs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 585299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 15 Nov 2022 18:21:26 GMT

GET
H/1.1 200
OK xhwrmj44o767 Show response
hal9000.redintelligence.net/zone/ Frame 94A3 11 KB
4 KB 44ms
12ms Script
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/xhwrmj44o767?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3tZQeJObYYv5I4Ll3wPGgJqwA7XN-YNXvNu5q-UM8C4QASCVm8ohYJXaooKwB8gBCakCbeMVdQnmsj6oAwGqBPcBT9AzW8L-sDYE4n1V-NMjK_SYAgOEayU2Os4Dv3Cb_6xytTE4Cf72ytOEBNBTf9K1ADu87JW-QXQ3V7sXaU1FgIP6yGw6SjzsVITiV797-znznmKFb0d2ykB5QHrMHfDqnHtoJuO4Jfp08-iaRscjUQ5-F63ys6O7StZzbNxYSQ0sy9fS1HFqa96VLAgZG2um8n3US1-nzEQyMG-Au6Yr287tD1Abj-McIbKBNEgKNjjVE8O2Vdp9NBsmFnarU-BefNxfGRip70BUhJyMaPgs99MqduXflQq-HhjkzGZcytHFJ4TNTKBH0s59sdKG0xp8iU2To-fjfcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05OTM4NTY1ODIyMDM0NjgwgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoi08K_tV3iRrHlVrLVbKhpw%26sig%3DAOD64_3inC0ojv7-5Q_V5faFBAKmr4Cdeg%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-A5Tsg-4Lct3KCErubOyohlgcTLl3gJbJ40ciAYfvwTWNaqgSwfGqMac8EFaB0nJKum8zYO0kamTrNLk7TItD0fI3xYEvJfxLx9rpLslbbPd2LFGDWGN-zoZSc3VGrXn4iNhPHR-K5nVdoBwK4G20CPl5M_Pw%26cry%3D1%26dbm_d%3DAKAmf-CYhfeulILK23DvWDzVoHlHY44l0Ka6dbMa0LCATLom48c7tPT6ZRlz8HEDCwNV4vRY_eH1GriqWsjXTPQA4wLNX9tu4ISDzA4XMa7CNu-pqM9RBWpjdlkKdml-KqYy6-mEwb4DIStMHxTPFSMagEnhj5SKUp-tg_y9xBlEeJuMM9s5BUy9myjIIHH9qpfdwKMU-Z5yA5pBUYGqtHb87rgqRLyAVBQQuNbJN3blGN7AwnaDgxJiuv5ormhTfvr59WJFPVS2gYdcJDEMb7suuit0syhT0H9mvqwwqCyKr_8DKAR1MXbrwHb3PLcZZlQB25acNxjOdYOUm-SzCHkrBs_QtPOh4gKdur-NtnkNbBapUSsdSxGVyXHTs2x6yloExYGMnZ9fO1p-oKKBbzbgvfllJlGdIWRE5gmhTp7mBrpEsqzGx-1W6YqTIo5nPSn3HtfT7fzVHezQ7Uwm6qnpKHg27CDZ0sK6_4f6JiLkn2DFETGvfPQjDYvmxQ4KyPfxHRJBaAdI%26adurl%3D
Requested by: Host: 83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com
URL: https://83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: 8c27da5de07d1b09f6150fff69aebb6508de55d29c6767170cb13f3fb2b9afa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 12:56:25 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3991
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 2CDE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

61ms
61ms

Image
text/html

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
Protocol: H3
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

date: Mon, 22 Nov 2021 12:56:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5CA0 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Sun, 21 Nov 2021 14:25:07 GMT
expires: Mon, 21 Nov 2022 14:25:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 81078
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

request.php Show response
hal900015.redintelligence.net/ Frame 94A3
Redirect Chain

https://hal900015.redintelligence.net/request.php?zone=xhwrmj44o767&nw=20&renderingType=javascript&namespace=8847f9a957&subid=&uid=3b0074a57ad10dcb&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900015.redintelligence.net/request.php?zone=xhwrmj44o767&nw=20&renderingType=javascript&namespace=8847f9a957&subid=&uid=3b0074a57ad10dcb&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

92ms
70ms

Script
application/x-javascript

138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/request.php?zone=xhwrmj44o767&nw=20&renderingType=javascript&namespace=8847f9a957&subid=&uid=3b0074a57ad10dcb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3tZQeJObYYv5I4Ll3wPGgJqwA7XN-YNXvNu5q-UM8C4QASCVm8ohYJXaooKwB8gBCakCbeMVdQnmsj6oAwGqBPcBT9AzW8L-sDYE4n1V-NMjK_SYAgOEayU2Os4Dv3Cb_6xytTE4Cf72ytOEBNBTf9K1ADu87JW-QXQ3V7sXaU1FgIP6yGw6SjzsVITiV797-znznmKFb0d2ykB5QHrMHfDqnHtoJuO4Jfp08-iaRscjUQ5-F63ys6O7StZzbNxYSQ0sy9fS1HFqa96VLAgZG2um8n3US1-nzEQyMG-Au6Yr287tD1Abj-McIbKBNEgKNjjVE8O2Vdp9NBsmFnarU-BefNxfGRip70BUhJyMaPgs99MqduXflQq-HhjkzGZcytHFJ4TNTKBH0s59sdKG0xp8iU2To-fjfcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05OTM4NTY1ODIyMDM0NjgwgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoi08K_tV3iRrHlVrLVbKhpw%26sig%3DAOD64_3inC0ojv7-5Q_V5faFBAKmr4Cdeg%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-A5Tsg-4Lct3KCErubOyohlgcTLl3gJbJ40ciAYfvwTWNaqgSwfGqMac8EFaB0nJKum8zYO0kamTrNLk7TItD0fI3xYEvJfxLx9rpLslbbPd2LFGDWGN-zoZSc3VGrXn4iNhPHR-K5nVdoBwK4G20CPl5M_Pw%26cry%3D1%26dbm_d%3DAKAmf-CYhfeulILK23DvWDzVoHlHY44l0Ka6dbMa0LCATLom48c7tPT6ZRlz8HEDCwNV4vRY_eH1GriqWsjXTPQA4wLNX9tu4ISDzA4XMa7CNu-pqM9RBWpjdlkKdml-KqYy6-mEwb4DIStMHxTPFSMagEnhj5SKUp-tg_y9xBlEeJuMM9s5BUy9myjIIHH9qpfdwKMU-Z5yA5pBUYGqtHb87rgqRLyAVBQQuNbJN3blGN7AwnaDgxJiuv5ormhTfvr59WJFPVS2gYdcJDEMb7suuit0syhT0H9mvqwwqCyKr_8DKAR1MXbrwHb3PLcZZlQB25acNxjOdYOUm-SzCHkrBs_QtPOh4gKdur-NtnkNbBapUSsdSxGVyXHTs2x6yloExYGMnZ9fO1p-oKKBbzbgvfllJlGdIWRE5gmhTp7mBrpEsqzGx-1W6YqTIo5nPSn3HtfT7fzVHezQ7Uwm6qnpKHg27CDZ0sK6_4f6JiLkn2DFETGvfPQjDYvmxQ4KyPfxHRJBaAdI%26adurl%3D&documentReferer=https%3A%2F%2F83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.hawtcelebs.com&random=2752114816211&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com
URL: https://83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 49a7329c58737bc59c1ca113696cffc69d5224c72bffaa456a28cf202208ec3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 12:56:25 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 27625900089095001084714011786015
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 891
Expires: Mon, 22 Nov 2021 12:56:25 +0100

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 12:56:25 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=xhwrmj44o767&nw=20&renderingType=javascript&namespace=8847f9a957&subid=&uid=3b0074a57ad10dcb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3tZQeJObYYv5I4Ll3wPGgJqwA7XN-YNXvNu5q-UM8C4QASCVm8ohYJXaooKwB8gBCakCbeMVdQnmsj6oAwGqBPcBT9AzW8L-sDYE4n1V-NMjK_SYAgOEayU2Os4Dv3Cb_6xytTE4Cf72ytOEBNBTf9K1ADu87JW-QXQ3V7sXaU1FgIP6yGw6SjzsVITiV797-znznmKFb0d2ykB5QHrMHfDqnHtoJuO4Jfp08-iaRscjUQ5-F63ys6O7StZzbNxYSQ0sy9fS1HFqa96VLAgZG2um8n3US1-nzEQyMG-Au6Yr287tD1Abj-McIbKBNEgKNjjVE8O2Vdp9NBsmFnarU-BefNxfGRip70BUhJyMaPgs99MqduXflQq-HhjkzGZcytHFJ4TNTKBH0s59sdKG0xp8iU2To-fjfcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05OTM4NTY1ODIyMDM0NjgwgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoi08K_tV3iRrHlVrLVbKhpw%26sig%3DAOD64_3inC0ojv7-5Q_V5faFBAKmr4Cdeg%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-A5Tsg-4Lct3KCErubOyohlgcTLl3gJbJ40ciAYfvwTWNaqgSwfGqMac8EFaB0nJKum8zYO0kamTrNLk7TItD0fI3xYEvJfxLx9rpLslbbPd2LFGDWGN-zoZSc3VGrXn4iNhPHR-K5nVdoBwK4G20CPl5M_Pw%26cry%3D1%26dbm_d%3DAKAmf-CYhfeulILK23DvWDzVoHlHY44l0Ka6dbMa0LCATLom48c7tPT6ZRlz8HEDCwNV4vRY_eH1GriqWsjXTPQA4wLNX9tu4ISDzA4XMa7CNu-pqM9RBWpjdlkKdml-KqYy6-mEwb4DIStMHxTPFSMagEnhj5SKUp-tg_y9xBlEeJuMM9s5BUy9myjIIHH9qpfdwKMU-Z5yA5pBUYGqtHb87rgqRLyAVBQQuNbJN3blGN7AwnaDgxJiuv5ormhTfvr59WJFPVS2gYdcJDEMb7suuit0syhT0H9mvqwwqCyKr_8DKAR1MXbrwHb3PLcZZlQB25acNxjOdYOUm-SzCHkrBs_QtPOh4gKdur-NtnkNbBapUSsdSxGVyXHTs2x6yloExYGMnZ9fO1p-oKKBbzbgvfllJlGdIWRE5gmhTp7mBrpEsqzGx-1W6YqTIo5nPSn3HtfT7fzVHezQ7Uwm6qnpKHg27CDZ0sK6_4f6JiLkn2DFETGvfPQjDYvmxQ4KyPfxHRJBaAdI%26adurl%3D&documentReferer=https%3A%2F%2F83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.hawtcelebs.com&random=2752114816211&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 22 Nov 2021 12:56:25 +0100

GET
H3 200 Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Show response
pagead2.googlesyndication.com/bg/ Frame 5CA0 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:29:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13476
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 12:29:24 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
402 B 41ms
41ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=hawtcelebs.com_auto_interstitial_desktop&e=nai&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20vbWFpdGxhbmQtd2FyZC1iZXZlcmx5LWhpbGxzLSUyMDA3MTMyMDE3
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FJMBTCK8RRA83NE5357DKAN4
date: Mon, 22 Nov 2021 12:56:25 GMT
cf-cache-status: HIT
age: 282637
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "80ae048987cfcc5e3148408e48058596-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6b22515609b6375e-MXP

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CA0 0
20 B 45ms
45ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BevtyeZObYYI4jIz27w_U5rzgDQAAAAA4AeAEAg&bg=!9Pel97PNAAZQLpa_UC47ACkAdvg8WlDFkTv4bu0nNo5gUtXXm1tzdrvrQmwB2PQOkJUl18nm5E583QIAAABXUgAAAAdoAQeZAxCb-ngVdt5ztAMUY64wlFsDupSZGwWZGK2MEx4cq8fUz4ormKUKKmBrz5lW4jJtXslkMIkl6P9wyiwz6EKWeUEJY7kGawvZT1uwfC3IN_TPHV1kMuyQcZbVn5_Otsm9s_y12chWYaraWgbzXF2qJQ9JKnCmYVoliIhD5CumHyVBvuylk833Iw2W21bHi_B7YAM3UxSPPodNAqAT-k4Y1INpo8HuTI024hJms86PJvVKPyRNp9B-wof9JvQ55L7MwuiJGOtRYsc2J1Lslu3YxiSKg4TfQGutruh_CLyItBiSser6fC7jKYZt-IkPR6JZ9cj7LsRYTEb0tlxyGfDYSa0Rj9qM_lD9vGQpW_d5GSQnxm4O4iKqSvadbLYjCYiutZ96G8S-LRt4bYZc_Z5GUmsi57faTAU4k510PvYuaHvhi7PZ-rZ4t1bXU5G7nivVN9-uAnxGxP2qGgDaS5mimWKrpu8E_eYVD_YiRXsHERlP9DMnaZAwxntlmHvG1miku7EJZLpGxgfBJrv62AdZNCXWncAXO0-Vuv0Az9xynHLftBw9h1sQUuo9-UHezn0RZTWW0FOuIYkMBAX3MN7NeLWXypkHS65cxzDwlOmuDzOfu2jyNqIlNNCxiXUIVFObFVw1iXdlLwiI2v3ZXy8FOxk4T33VbT6sxSAN2UGaTW1JG5wsQ0VTXdtF7CfyqUevAuovyx53ssFJIC5_WAPdfcbCdDqfZ2euM_aznAWZiP0Zsc7DS6kpvJ_iLQ5hXI4yyBkQHLnbbMslDhiqUJR3sn16_GCZToRjr8ch841fYr0bo3UzIMNzK3SQIcqndQ6t1ztecr7cszVrKpvXc3BsJ94OARnU7aYzjr8vSXUMGQ4_SmrJ1FJn6FCtsV-dQWUA7dgucxyq59mpkDLoXxgHhBxdtJb_Pteor9L9mQAI_jmLC_2S3AmAQzYeprTwEAySuqZT3tLIqkWZVUTP4fnWqwrct0gnhMzng8hvfPEWVzskiM5KhUsCD6DLeiWocGwFgT7QfQaPwQhPgv-f8_l6FKez

Requested by

Host: 83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com
URL: https://83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CPuymriCrPQCFYSEhQodTsEJsw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7760067956100.017 Show response
5994599.fls.doubleclick.net/ Frame 42BD
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7760067956100.017?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPuymriCrPQCFYSEhQodTsEJsw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7760067956100.017?

391 B
343 B

49ms
32ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CPuymriCrPQCFYSEhQodTsEJsw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7760067956100.017?

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

558cdefa5e7639697b2bf0860fae00320fa6b137184786b896f59af32914eee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 22 Nov 2021 12:56:25 GMT
expires: Mon, 22 Nov 2021 12:56:25 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 320
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 22 Nov 2021 12:56:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPuymriCrPQCFYSEhQodTsEJsw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7760067956100.017?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal900015.redintelligence.net/ Frame 1BC4 4 KB
2 KB 34ms
12ms Document
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/request_content.php?s=27625900089095001084714011786015&a=c113f24d
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=xhwrmj44o767&nw=20&renderingType=javascript&namespace=8847f9a957&subid=&uid=3b0074a57ad10dcb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3tZQeJObYYv5I4Ll3wPGgJqwA7XN-YNXvNu5q-UM8C4QASCVm8ohYJXaooKwB8gBCakCbeMVdQnmsj6oAwGqBPcBT9AzW8L-sDYE4n1V-NMjK_SYAgOEayU2Os4Dv3Cb_6xytTE4Cf72ytOEBNBTf9K1ADu87JW-QXQ3V7sXaU1FgIP6yGw6SjzsVITiV797-znznmKFb0d2ykB5QHrMHfDqnHtoJuO4Jfp08-iaRscjUQ5-F63ys6O7StZzbNxYSQ0sy9fS1HFqa96VLAgZG2um8n3US1-nzEQyMG-Au6Yr287tD1Abj-McIbKBNEgKNjjVE8O2Vdp9NBsmFnarU-BefNxfGRip70BUhJyMaPgs99MqduXflQq-HhjkzGZcytHFJ4TNTKBH0s59sdKG0xp8iU2To-fjfcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05OTM4NTY1ODIyMDM0NjgwgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoi08K_tV3iRrHlVrLVbKhpw%26sig%3DAOD64_3inC0ojv7-5Q_V5faFBAKmr4Cdeg%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-A5Tsg-4Lct3KCErubOyohlgcTLl3gJbJ40ciAYfvwTWNaqgSwfGqMac8EFaB0nJKum8zYO0kamTrNLk7TItD0fI3xYEvJfxLx9rpLslbbPd2LFGDWGN-zoZSc3VGrXn4iNhPHR-K5nVdoBwK4G20CPl5M_Pw%26cry%3D1%26dbm_d%3DAKAmf-CYhfeulILK23DvWDzVoHlHY44l0Ka6dbMa0LCATLom48c7tPT6ZRlz8HEDCwNV4vRY_eH1GriqWsjXTPQA4wLNX9tu4ISDzA4XMa7CNu-pqM9RBWpjdlkKdml-KqYy6-mEwb4DIStMHxTPFSMagEnhj5SKUp-tg_y9xBlEeJuMM9s5BUy9myjIIHH9qpfdwKMU-Z5yA5pBUYGqtHb87rgqRLyAVBQQuNbJN3blGN7AwnaDgxJiuv5ormhTfvr59WJFPVS2gYdcJDEMb7suuit0syhT0H9mvqwwqCyKr_8DKAR1MXbrwHb3PLcZZlQB25acNxjOdYOUm-SzCHkrBs_QtPOh4gKdur-NtnkNbBapUSsdSxGVyXHTs2x6yloExYGMnZ9fO1p-oKKBbzbgvfllJlGdIWRE5gmhTp7mBrpEsqzGx-1W6YqTIo5nPSn3HtfT7fzVHezQ7Uwm6qnpKHg27CDZ0sK6_4f6JiLkn2DFETGvfPQjDYvmxQ4KyPfxHRJBaAdI%26adurl%3D&documentReferer=https%3A%2F%2F83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.hawtcelebs.com&random=2752114816211&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 57a29fc9eeea48568bb18d830d9a24b447cee2a97e8b4c36081a0e6b94acd64c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/

Response headers

Date: Mon, 22 Nov 2021 12:56:25 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 22 Nov 2021 12:56:25 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1499
Connection: close
Content-Type: text/html; charset=utf-8

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 62B4 1 KB
749 B 6ms
6ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com
URL: https://83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Nov 2021 05:53:44 GMT
expires: Tue, 23 Nov 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 25361
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 94A3 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 272bbab8078bc84bca9190aaaf9058674297b4a85af04a25d8d5236310390a51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK S-980x90.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 1BC4 24 KB
25 KB 80ms
24ms Image
image/gif 85.114.131.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-980x90.gif
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=27625900089095001084714011786015&a=c113f24d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21037.dus4.fastwebserver.de
Software: nginx /
Resource Hash: e5741effcd117827c8468c0ca8b4312d3331925be9803bbcfa2cc6e7c3584908

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 12:56:25 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:52 GMT
Server: nginx
ETag: "5b55f218-61a4"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 24996

GET
H/1.1 200
OK viewability Show response
hal900015.redintelligence.net/ Frame 1BC4 0
150 B 36ms
14ms Script
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/viewability?s=27625900089095001084714011786015&a=87da4265&vb=m
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=27625900089095001084714011786015&a=c113f24d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/request_content.php?s=27625900089095001084714011786015&a=c113f24d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 12:56:25 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 1BC4 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 62B4
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESECZWYzJFHtvhUyTqABvIo2U&google_cver=1&google_push=AYg5qPJxXd8HdZnD5-gR8-07j3_1G55NdIlyH3nvgFV12wOpt84GMJqDTV0mMVcH5m2p616T9fnlXor1_oQ50FXKDGSVspeLNQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C1321A95A3E04867B9F37507EB889175&google_push=AYg5qPJxXd8HdZnD5-gR8-07j3_1G55NdIlyH3nvgFV12wOpt84GMJqDTV0mMVcH5m2p616T9fnlXor1_oQ50FX...

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C1321A95A3E04867B9F37507EB889175&google_push=AYg5qPJxXd8HdZnD5-gR8-07j3_1G55NdIlyH3nvgFV12wOpt84GMJqDTV0mMVcH5m2p616T9fnlXor1_oQ50FXKDGSVspeLNQ

Requested by

Host: 83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com
URL: https://83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Nov 2021 12:56:25 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C1321A95A3E04867B9F37507EB889175&google_push=AYg5qPJxXd8HdZnD5-gR8-07j3_1G55NdIlyH3nvgFV12wOpt84GMJqDTV0mMVcH5m2p616T9fnlXor1_oQ50FXKDGSVspeLNQ
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sun, 21 Nov 2021 12:56:25 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 62B4
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEN10B8DDIJs_LxKUevtmwTM&google_cver=1&google_push=AYg5qPJxj4UFL07EK6ahgfQIh8X7uODNObnaRnL4aOr3oczSZYKRCnKChCYRWBnkqMsvMKCKVXRHx5zcVGCy655Pz4JuJdyqGxM
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzIwQ0E0QUM0QzdENzJFQQ==

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzIwQ0E0QUM0QzdENzJFQQ==

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzIwQ0E0QUM0QzdENzJFQQ==
date: Mon, 22 Nov 2021 12:56:25 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 62B4
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEC3Yks169Rtdl9kLmaMZxiY&google_cver=1&google_push=AYg5qPIRKt3M9DnOj_7tNiBHgcx6eHfKs518ZLuaYjDv8RpPX7tUmfiS4FZhOjklUcfrDVOCsIMGaZAmehaC0R...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzMzM3NzM5MDk4MTAxOTc5Ng%3D%3D&google_push=AYg5qPIRKt3M9DnOj_7tNiBHgcx6eHfKs518ZLuaYjDv8RpPX7tUmfiS4FZhOjklUcfrDVOCsIMGaZAmehaC0R78mM...

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzMzM3NzM5MDk4MTAxOTc5Ng%3D%3D&google_push=AYg5qPIRKt3M9DnOj_7tNiBHgcx6eHfKs518ZLuaYjDv8RpPX7tUmfiS4FZhOjklUcfrDVOCsIMGaZAmehaC0R78mMbmH1nKH34

Requested by

Host: 83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com
URL: https://83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzMzM3NzM5MDk4MTAxOTc5Ng%3D%3D&google_push=AYg5qPIRKt3M9DnOj_7tNiBHgcx6eHfKs518ZLuaYjDv8RpPX7tUmfiS4FZhOjklUcfrDVOCsIMGaZAmehaC0R78mMbmH1nKH34
Date: Mon, 22 Nov 2021 12:56:25 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 62B4
Redirect Chain

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEM_8nfgXTCfH1I9esKt4rj4&google_cver=1&google_push=AYg5qPLukCsb83d-KtzZgrmJQKL7aT0Or3wkAv6fRXhq-5aCegNNvIW_z6Xle...
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEM_8nfgXTCfH1I9esKt4rj4&google_cver=1&google_push=AYg5qPLukCsb83d-KtzZgrmJQKL7aT0Or3wkAv6fRXhq-5aCegNNvIW_z6Xle...
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=AUtk3B6HUQOTiIT8s8pkhA&google_push=AYg5qPLukCsb83d-KtzZgrmJQKL7aT0Or3wkAv6fRXhq-5aCegNNvIW_z6Xle8UJ29YAg3lu9FplMQanX...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=AUtk3B6HUQOTiIT8s8pkhA&google_push=AYg5qPLukCsb83d-KtzZgrmJQKL7aT0Or3wkAv6fRXhq-5aCegNNvIW_z6Xle8UJ29YAg3lu9FplMQanXhaEajQTb23ZlfZzvbo

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 22 Nov 2021 12:56:25 GMT
Server: nginx
Vary: Accept
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=AUtk3B6HUQOTiIT8s8pkhA&google_push=AYg5qPLukCsb83d-KtzZgrmJQKL7aT0Or3wkAv6fRXhq-5aCegNNvIW_z6Xle8UJ29YAg3lu9FplMQanXhaEajQTb23ZlfZzvbo
Connection: close
Content-Type: text/plain; charset=utf-8
Content-Length: 237

GET
H/1.1 403
Forbidden gg_pixel
sync.adaptv.advertising.com/ Frame 62B4 14 B
14 B 445ms
99ms Image
text/plain 3.230.12.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEA7AyetP48U_f3KIyVzt-7w&google_cver=1&google_push=AYg5qPLK575LiS6NJk121N8GtuEHLXAJc453IklCNtATfcwqrgubA8L7vJKK5JCHZCtDFaj9VbyslkVj-KLZP5WPNncq8UdUVw
Requested by: Host: 83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com
URL: https://83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.12.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-12-180.compute-1.amazonaws.com
Software: ribs2.0 /
Resource Hash: 0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Server: ribs2.0
Connection: keep-alive
Content-Length: 14
Content-Type: text/plain

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 62B4
Redirect Chain

https://google-sync.rutarget.ru/sync?google_gid=CAESED2I9rC7mt9O7cTZDNoPFz4&google_cver=1&google_push=AYg5qPI7snLx9c3Z4uNZcdCpNLS9R-RBx9SxGrt0WSMg8i7tjBBfZfud7dkXYfELndaxjNFWfrjxb7k3nEmPxHREsVKj6jx...
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=WE9uN3owTFdJcjEx&google_ula=2046794&google_push=AYg5qPI7snLx9c3Z4uNZcdCpNLS9R-RBx9SxGrt0WSMg8i7tjBBfZfud7dkXYfELndaxjNFWfrjxb7k3nE...

170 B
188 B

157ms
157ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=WE9uN3owTFdJcjEx&google_ula=2046794&google_push=AYg5qPI7snLx9c3Z4uNZcdCpNLS9R-RBx9SxGrt0WSMg8i7tjBBfZfud7dkXYfELndaxjNFWfrjxb7k3nEmPxHREsVKj6jxaYaA

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=WE9uN3owTFdJcjEx&google_ula=2046794&google_push=AYg5qPI7snLx9c3Z4uNZcdCpNLS9R-RBx9SxGrt0WSMg8i7tjBBfZfud7dkXYfELndaxjNFWfrjxb7k3nEmPxHREsVKj6jxaYaA
Date: Mon, 22 Nov 2021 12:56:25 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 62B4
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKLUeywmazytI0_DfkCMGjE&google_cver=1&google_push=AYg5qPKlPoTPo2rNiNecmxtIl-yDE981P4-keOLkC-0jvi9L4b8RBXOazjqCr3BB9IA96s9OHUusyFEKHbsaGvN0...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKlPoTPo2rNiNecmxtIl-yDE981P4-keOLkC-0jvi9L4b8RBXOazjqCr3BB9IA96s9OHUusyFEKHbsaGvN0nqWC67_8HxQ

170 B
188 B

37ms
36ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKlPoTPo2rNiNecmxtIl-yDE981P4-keOLkC-0jvi9L4b8RBXOazjqCr3BB9IA96s9OHUusyFEKHbsaGvN0nqWC67_8HxQ

Requested by

Host: 83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com
URL: https://83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Nov 2021 12:56:25 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA50-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKlPoTPo2rNiNecmxtIl-yDE981P4-keOLkC-0jvi9L4b8RBXOazjqCr3BB9IA96s9OHUusyFEKHbsaGvN0nqWC67_8HxQ
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: zWkv5heALSdLX9u5Ei_eJrvGtvf4QfjVZ1pQD3BTJ3ebKzbsYcOXDg==

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 62B4 0
12 B 15ms
14ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LtNpEtaCdFEE7h_kSc32aGmRFaxDcmRwBKQQJRvqU1cM9r8C3IpFQfWaDzJI5K2DpCbC9y

Requested by

Host: 83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com
URL: https://83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:25 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 dc_pre=CPuymriCrPQCFYSEhQodTsEJsw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7760067956100.017
adservice.google.com/ddm/fls/z/ Frame 42BD 42 B
63 B 48ms
48ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPuymriCrPQCFYSEhQodTsEJsw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7760067956100.017

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPuymriCrPQCFYSEhQodTsEJsw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7760067956100.017?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/274pYeudnKvDs/www.hawtcelebs.com/ 3 KB
2 KB 38ms
10ms Script
application/javascript 2600:9000:2156:2400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/274pYeudnKvDs/www.hawtcelebs.com/choice.js
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 747e8f5454d77ac3ee2339c3490cb7b805d59d7fedd4cc0682ae6ed9c33b7d25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 22 Nov 2021 12:55:33 GMT
content-encoding: br
last-modified: Tue, 09 Feb 2021 19:08:19 GMT
server: AmazonS3
age: 53
etag: W/"9de17307c4f74768ad3438dca5916747"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: nYXJ0ysk6WRIPrtKQOwZc7dzQ21srvNY0uv5g6ttKKik3ak7O6UH8g==

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 187 KB
65 KB 8ms
7ms Script
application/x-javascript 184.30.21.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-80.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0ca7ac572e91f48a9f91fed11122240caad074164d0fd0c33125f8b72637fc66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:25 GMT
content-encoding: gzip
last-modified: Sun, 21 Nov 2021 09:09:23 GMT
etag: W/"2ece6-HPm/3NuZ3l1vMem8JrwVbR4ruTM"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 5674a3ccf8b79db3669aa9be56c8f227
timing-allow-origin: *, *
content-length: 66465
expires: Mon, 22 Nov 2021 16:56:25 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 35ms
9ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:47:18 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "-375139978"
x-cacheable: Matched cache
content-type: text/javascript
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 4364
x-request-id: 950142074

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
403 B 26ms
26ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=od&pp=DIV&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20vbWFpdGxhbmQtd2FyZC1iZXZlcmx5LWhpbGxzLSUyMDA3MTMyMDE3
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FJDZ3VYF2N372V8J9MSRB8PJ
date: Mon, 22 Nov 2021 12:56:25 GMT
cf-cache-status: HIT
age: 2434287
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "80ae048987cfcc5e3148408e48058596-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6b2251577cfa375e-MXP

GET
H2 200 rrv7.js Show response
bid.underdog.media/ 6 KB
3 KB 7ms
7ms Script
application/x-javascript 2600:9000:2156:7400:5:c4ab:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/rrv7.js
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_11_16_13_56_35_2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7400:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d4e3408a70098b006e6e4d27b7cd450869ce043168453961574546c84f240168

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:00:49 GMT
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 12:00:04 GMT
server: AmazonS3
age: 3336
etag: "6376a0808a75032704eaed6f1991d566"
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 2721
x-amz-cf-id: 5zLoRp9zz1SntunbMwaWwqy01HRWo7WQxy1UEqN3ALiW6U1YwXm4Zg==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 38ms
23ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b90bd0451bf1f1a1918a6c36eb2c87f9eb88dd759f9506606d551df3dfdb084f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 12:56:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9235
x-xss-protection: 0

GET
H/1.1 200
OK d3d3Lmhhd3RjZWxlYnMuY29t Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
462 B 94ms
52ms XHR
application/json 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3Lmhhd3RjZWxlYnMuY29t
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 12:56:25 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=37337
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: d94a60574f5c34bc81c18f837dfe6f89
Content-Length: 15
Expires: Mon, 22 Nov 2021 23:18:42 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 32ms
17ms Image
image/gif 184.30.21.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=8.29585291005115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:25 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Wed, 22 Dec 2021 12:56:25 GMT

OPTIONS
H/1.1 200
OK 61891d59935f492ab9f0aa07.enc
hb.vntsm.com/v2/live/ Frame 0
0 68ms
53ms Preflight
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v2/live/61891d59935f492ab9f0aa07.enc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: ref_url
Origin: https://www.hawtcelebs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Mon, 22 Nov 2021 12:56:25 GMT
Content-Type: application/octet-stream
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: ref_url, X-Geo,Content-Type,x-bl,x-geo-subdivision
Access-Control-Expose-Headers: ref_url, X-Geo, Content-Type,x-bl,x-geo-subdivision
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
venatus-cdn-hb-rule-version: 1.1
x-ip: 193.27.14.26
x-geo: DE
Access-Control-Allow-Origin: *
x-bl: 0
X-HW: 1637585785.cds102.fr8.hn,1637585785.cds102.fr8.hn,1637585785.cds244.fr8.sc,1637585785.cds244.fr8.p,1637585785.cds102.fr8.sl
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 61891d59935f492ab9f0aa07.enc Show response
hb.vntsm.com/v2/live/ 36 KB
7 KB 22ms
21ms XHR
text/plain 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v2/live/61891d59935f492ab9f0aa07.enc
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 269c2f688f9e6b642729a93cede8f3f0d21b74188e13262b6be74a48289a12ee

Request headers

Referer: https://www.hawtcelebs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
ref_url: aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20vbWFpdGxhbmQtd2FyZC1iZXZlcmx5LWhpbGxzLSUyMDA3MTMyMDE3

Response headers

Date: Mon, 22 Nov 2021 12:56:25 GMT
Content-Encoding: gzip
venatus-cdn-hb-rule-version: 1.1
Transfer-Encoding: chunked
x-ip: 193.27.14.26
Connection: keep-alive
Last-Modified: Mon, 22 Nov 2021 11:20:49 GMT
ETag: "22a295f981f90ca2289c95eb54be1730"
Access-Control-Allow-Methods: GET, OPTIONS
X-HW: 1637585785.cds102.fr8.hn,1637585785.cds102.fr8.hc,1637585785.cds132.fr8.c,1637585785.cds102.fr8.sl
Content-Type: text/plain
Access-Control-Allow-Origin: *
x-bl: 0
Cache-Control: max-age=600
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Geo,Content-Type,x-bl,x-geo-subdivision
x-geo: DE
Access-Control-Expose-Headers: ref_url, X-Geo, Content-Type,x-bl,x-geo-subdivision

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ 2 KB
3 KB 55ms
13ms Script
application/javascript 51.89.24.69
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.hawtcelebs.com%2Fmaitland-ward-beverly-hills-%252007132017&j=
Requested by: Host: waust.at
URL: https://waust.at/c.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.24.69 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip69.ip-51-89-24.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 12:56:25 GMT
X-T: 0.783
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: ger1
Expires: Mon, 22 Nov 2021 12:56:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-10995097-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6918
date: Mon, 22 Nov 2021 11:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 22 Nov 2021 13:01:07 GMT

GET
H2 200 / Show response
whos.amung.us/pingjs/ 30 B
146 B 318ms
103ms Script
text/javascript 67.202.114.212
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=a9etg89wet&t=Page%20not%20found%20%E2%80%93%20HawtCelebs&c=c&x=https%3A%2F%2Fwww.hawtcelebs.com%2Fmaitland-ward-beverly-hills-%252007132017&y=&a=0&d=0.366&v=27&r=8817
Requested by: Host: waust.at
URL: https://waust.at/c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.114.212 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: 203b3c3339bb307cc737565f6ed3fa4be6c7bc87001c8831da13af740898c0e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:25 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 22 Nov 2021 12:56:25 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 9ms
8ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/274pYeudnKvDs/www.hawtcelebs.com/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:25 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Mon, 29 Nov 2021 12:56:25 GMT

GET
H2 200 rules-p-274pYeudnKvDs.js Show response
rules.quantcount.com/ 3 B
437 B 10ms
9ms Script
application/javascript 2600:9000:2156:ba00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-274pYeudnKvDs.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ba00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 04:05:51 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
age: 31835
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 19:47:21 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: p2Ck-6G-9jHVZ7gG1r2aawXEmYYKsgv_smi1cpmy7KPOLt3BV5VbYQ==

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 179 KB
47 KB 9ms
8ms Script
text/javascript 2600:9000:2156:2400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.hawtcelebs.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/274pYeudnKvDs/www.hawtcelebs.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b850fd9301b5a95c9c7ead67c57622e1a06680f69bf8d2f5ce57983011da3b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:55:45 GMT
content-encoding: gzip
age: 40
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 04 Nov 2021 17:39:32 GMT
server: AmazonS3
etag: W/"0a70fce71435f53991adb4bbecc5d2cf"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: dXc0MMuP1xOfrDb_L9U4VSIjHLREqKjZ3OKjWS2YOKve_SxS919RMA==

GET
H2 200 pixel;r=1324780994;source=choice;rf=3;a=p-274pYeudnKvDs;url=https%3A%2F%2Fwww.hawtcelebs.com%2Fmaitland-ward-beverly-hills-%252007132017;uht=2;fpan=0;fpa=P0-543045710-1637585784379;pbc=;ns=0;ce=1;q...
pixel.quantserve.com/ 35 B
210 B 12ms
11ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1324780994;source=choice;rf=3;a=p-274pYeudnKvDs;url=https%3A%2F%2Fwww.hawtcelebs.com%2Fmaitland-ward-beverly-hills-%252007132017;uht=2;fpan=0;fpa=P0-543045710-1637585784379;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=hawtcelebs.com;je=0;sr=1600x1200x24;dst=0;et=1637585785599;tzo=0;ogl=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:25 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 51 B
185 B 298ms
96ms Script
text/html 158.69.251.190
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?1890596&@f16&@g1&@h1&@i1&@j1637585785603&@k0&@l1&@mPage%20not%20found%20%E2%80%93%20HawtCelebs&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:159568044&@b3:1637585786&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.hawtcelebs.com%2Fmaitland-ward-beverly-hills-%2007132017&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.251.190 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns546644.ip-158-69-251.net
Software: /
Resource Hash: b39d327171011fb8d8fac2fcba357b994c48da91d5b0ce1f4d64a66667c3a53c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 12:56:25 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

GET
H2 200 placement_invocation Show response
ob.cheqzone.com/ 50 KB
19 KB 40ms
11ms Script
text/javascript 143.204.98.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-38.fra50.r.cloudfront.net
Software: /
Resource Hash: c76853b9b64b3fb4b4cfbd22885e4cc2e3f14918020efb69a1df8eaeeb2a3b8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 10:15:55 GMT
content-encoding: gzip
cheq_headers_order: Content-Type Cache-Control Expires Etag Content-Length Content-Encoding Date Connection
age: 9630
etag: "c6e6-H+PLdQz0EEd97ZlT78HNXlxTPcM"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: max-age=43200
x-amz-cf-pop: FRA50-C1
content-length: 19276
x-amz-cf-id: xA_MpwxEP8xj3gAXHsEUQWVtMiEgwFogByoTNL1PeMeDZakUaZh80A==
expires: Mon, 22 Nov 2021 22:15:55 GMT

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 9 KB
3 KB 43ms
8ms XHR
application/json 2600:9000:2156:f000:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.hawtcelebs.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f000:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f249ae8ef5b514cb11c7e322891ff8829f7d53c23bd3ca2ce0967ffabc96c5d

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.hawtcelebs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 03:00:37 GMT
content-encoding: gzip
age: 35749
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Sat, 20 Nov 2021 19:52:29 GMT
server: AmazonS3
etag: W/"131b2403be8c65941e08e2858dbd7bd8"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: xbSWmscTIW2WuGu.C7zg3yRu8nZVdbaV
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA50-C1
content-type: application/json
x-amz-cf-id: pLzW3mvlZzPUZ_1kd2ZiYJTOaGccjr6XDBcXTlm93zUsm2wwgVK_7w==

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame BA1B 12 KB
5 KB 8ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 22 Nov 2021 12:31:48 GMT
expires: Tue, 22 Nov 2022 12:31:48 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1477
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FDCA 783 B
535 B 22ms
22ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fb395ef5c59aeb34b9f918f6373e074857e8d1039a856699df28e3367ecd95c8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lgjf18hNCO9iu0f/tBl69Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 22 Nov 2021 12:56:25 GMT
date: Mon, 22 Nov 2021 12:56:25 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-lgjf18hNCO9iu0f/tBl69Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 31ms
14ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2051351694&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hawtcelebs.com%2Fmaitland-ward-beverly-hills-%252007132017&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%E2%80%93%20HawtCelebs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=476954395&gjid=448692480&cid=1025101189.1637585784&tid=UA-10995097-8&_gid=177864811.1637585786&_r=1&gtm=2ouba1&z=471174463

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hawtcelebs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hawtcelebs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 50 B
318 B 26ms
7ms Script
application/javascript 51.89.24.69
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=hawtcelebs.com&_ss=326gnbr8hb&_pv=1&_ls=0&_u1=1&_u3=1&_cc=de&_pl=d&_cbid=6ofv&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.hawtcelebs.com%2Fmaitland-ward-beverly-hills-%252007132017&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.24.69 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip69.ip-51-89-24.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: dc68a7ef89f62a53c73b017253c68aa8a1b4aeb4a0953baa651e7fc91c65bc9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 12:56:25 GMT
X-T: 0.125
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Mon, 22 Nov 2021 12:56:24 GMT

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame BA1B 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 13:20:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 21 Nov 2022 13:20:25 GMT

GET
H2 200 show_pla Show response
obs.cheqzone.com/ 2 KB
2 KB 348ms
127ms Script
text/javascript 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.hawtcelebs.com%2Fmaitland-ward-beverly-hills-%252007132017&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=14511217251810908172882639829880036058590056558079570280876214859561&nc=0&tsf=0&tsfmi=&pv=0&cb=1637585785809&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=3581699936&at=&bid=e30%3D&di=W1siZWYiLDczMThdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImdvb2dsZSBpbmMu%0D%0AIChnb29nbGUpXCIsXCJyXCI6XCJhbmdsZSAoZ29vZ2xlLCB2dWxrYW4gMS4yLjAgKHN3aWZ0c2hh%0D%0AZGVyIGRldmljZSAoc3ViemVybykgKDB4MDAwMGMwZGUpKSwgc3dpZnRzaGFkZXIgZHJpdmVyLTUu%0D%0AMC4wKVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMu%0D%0AMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndlYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1%0D%0AbSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwiYmVuXCI6OCxcIndnbFwiOjEsXCJncmVuXCI6XCJ3%0D%0AZWJraXQgd2ViZ2xcIixcInNlZlwiOjM1Nzc1Njc1NTgsXCJzZWNcIjpcIlwifSJdLFstMSwiLSJd%0D%0ALFstMiwiOSxlWUc5WDEvWDF0WmxTMjJkNTF4OFlOWTlNeEpRRU1DZFVCSEpMODZMMjNBQ0dVaEJJ%0D%0Ad0lTU0VFQWNJSmZSZUFnUUlFRm9JbmRDeHdRWGpobzI3MTk2bU1qT3Yvcjg3MHV4cUZ4Il0sWy0z%0D%0ALCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJicGFlb2pvZm9ob2VmZ2ll%0D%0AaGphaVwiLFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYs%0D%0AIntcIndcIjpbXCIwXCIsXCJjaHJvbWVcIixcIl9fcm9ja2V0TG9hZGVyRXZlbnRDdG9yXCIsXCJf%0D%0AX3JvY2tldExvYWRlckxvYWRQcm9ncmVzc1NpbXVsYXRvclwiLFwiX19jZlFSXCIsXCJkZW1hbmRT%0D%0AdXBwbHlTY1wiLFwiZGVtYW5kU3VwcGx5Q3JcIixcImRlbWFuZFN1cHBseVNyXCIsXCJob3VzZUFk%0D%0AQ2FtcGFpZ25zXCIsXCJkZW1hbmRTdXBwbHlUaVwiLFwiZGVtYW5kU3VwcGx5QXBcIixcImRlbWFu%0D%0AZFN1cHBseVRjXCIsXCJkZW1hbmRTdXBwbHlcIixcImdvb2dsZXRhZ1wiLFwiZ2dlYWNcIixcImdv%0D%0Ab2dsZV9qc19yZXBvcnRpbmdfcXVldWVcIixcImRzcGJqc1wiLFwiX2FwcFwiLFwiZ29vZ2xlX3Ny%0D%0AdFwiLFwiZ29vZ2xlX2xvZ2dpbmdfcXVldWVcIixcInRtb2RcIixcImdvb2dsZV9hZF9tb2RpZmlj%0D%0AYXRpb25zXCIsXCJnb29nbGVfbWVhc3VyZV9qc190aW1pbmdcIixcImdvb2dsZV9yZWFjdGl2ZV9h%0D%0AZHNfZ2xvYmFsX3N0YXRlXCIsXCJfZ2ZwX2FfXCIsXCJhZHNieWdvb2dsZVwiLFwiZ29vZ2xlX3Vz%0D%0AZXJfYWdlbnRfY2xpZW50X2hpbnRcIixcImdvb2dfcHZzaWRcIixcIl9nZnBfc19cIixcImdvb2ds%0D%0AZVRva2VuXCIsXCJnb29nbGVJTVN0YXRlXCIsXCJwcm9jZXNzR29vZ2xlVG9rZW5cIixcImdvb2ds%0D%0AZV91bmlxdWVfaWRcIixcImdhR2xvYmFsXCIsXCJnb29nX3Nkcl9sXCIsXCJ1ZG1fYWRzX3F1ZXVl%0D%0AXCIsXCJ1ZG1fZWRnZV9pbml0XCIsXCJfcW9wdGlvbnNcIixcIl9xZXZlbnRzXCIsXCJxdWFudHNl%0D%0AcnZlXCIsXCJfX3FjXCIsXCJlenRcIixcInF0cmFja1wiLFwidWRtX3IzQ2h1bmtcIixcInVkbV9y%0D%0AM1wiLFwiX3BianNHbG9iYWxzXCIsXCJfX2NvcmUtanNfc2hhcmVkX19cIixcImVuZGVkSGFuZGxl%0D%0AclwiLFwidWRtX3Byb2Nlc3NfYWRzX3F1ZXVlXCIsXCJkZWxldGVfdWRtX2VkZ2VcIl0sXCJuXCI6%0D%0AW10sXCJkXCI6W119Il0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFstMTEs%0D%0AIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCJdfSJdLFstMTIsIm51bGwiXSxbLTEz%0D%0ALCItIl0sWy0xNCwie1wib1wiOjAuMDIzODA5NTIzODA5NTIzODA4fSJdLFstMTUsIi0iXSxbLTE2%0D%0ALCIwIl0sWy0xNywiNCJdLFstMTgsIlswLDAsMCwxXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0%0D%0ALDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwwLDAsMCww%0D%0ALFwiLVwiLFwiLVwiXSJdLFstMjAsIjEwMjUxMDExODkuMTYzNzU4NTc4NCJdLFstMjEsInd6dlg5%0D%0AcE9XIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjMsIisiXSxbLTI0LCJbXSJdLFstMjUsIi0i%0D%0AXSxbLTI2LCJ7XCJ0amhzXCI6Mjk0MDAwMDAsXCJ1amhzXCI6MjYwMDAwMDAsXCJqaHNsXCI6Mzc2%0D%0AMDAwMDAwMH0iXSxbLTI3LCJbMCw5LjYsMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyJdLFst%0D%0AMjksIntcInZcIjpbMiwyLDIsMiwwLDAsMCwyLDAsMiwwLDIsMCwwLDIsMiwyLDIsMF19Il0sWy0z%0D%0AMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIyIl0sWy0zMywiLSJdLFstMzQsIi0i%0D%0AXSxbLTM1LCJbMTYzNzU4NTc4NTcyMywwXSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy0z%0D%0ANywiLTE0NC02Ni0xODAtIl0sWy0zOCwiYywtMSwtMSw3NywwLDEsMCwwLDQ1LDE4OCwyMCwwLDQx%0D%0AOC45LDQxOC45LDIzODEsMjM4MSJdLFstMzksIltcIjIwMDMwMTA3XCIsMCxcIkdlY2tvXCIsXCJO%0D%0AZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCwwXSJdLFst%0D%0ANDAsIjMzIl0sWy00MSwiLSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAxMDAw%0D%0AMDAxMDAxMTEwMTEwMCJdLFstNDQsIjAsMCwwLDUiXSxbLTQ1LCI2MjAsNjc4LDAsMCwwLDU2MSww%0D%0ALDAsNjQ4LDAsMCwwLDAsMCwwLDAsMCwwLDAsNjg0LDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0s%0D%0AWy00NiwiMCJdLFstNDcsIkV0Yy9Vbmtub3duLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgsIjAs%0D%0AMCJdLFstNDksIi0iXSxbImJuY2giLDEzOV1d&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A271%2C%22y%22%3A784%2C%22w%22%3A160%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=p9BAND1vDu&sdd=%7B%7D&pto=2467
Requested by: Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 95990d2b9993cf1831842eff0caffcd061843cacf6faa5429d04fc3c86360242

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:26 GMT
content-encoding: gzip
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
cheq_headers_order: Set-Cookie Content-Type Cache-Control Pragma Expires Content-Length Content-Encoding Date Connection
content-length: 1494
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 189 KB
65 KB 185ms
91ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

5568d248345d825506f88f50e3fb1cd7c05b8b1d2c8a43de15ea3b9314fa0341

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:25 GMT
content-encoding: br
last-modified: Wed, 17 Nov 2021 12:17:49 GMT
etag: "6194c8bd-101bc"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 65980
expires: Mon, 22 Nov 2021 13:56:25 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 185 KB
61 KB 38ms
10ms Script
application/x-javascript 143.204.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-4.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cceefd476057bb3f36703d027ec405887d25d05311d491b9a203d4c60a2d75fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: TIXEr4j9ZaZJgKeoVZ8ehYwv1bF6gSxj
content-encoding: gzip
etag: W/"a8f24de78b4dc3ecbbff83b08aa9e411"
age: 22520
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:73702bf1-4472-485c-9bda-886a8f21cacd
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 6bc77264d69b4716594d8b5229cafdb9
last-modified: Wed, 17 Nov 2021 08:31:53 GMT
server: AmazonS3
date: Mon, 22 Nov 2021 06:41:06 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 67c429bc2e760b9ca91a98648469be411bfcccf8bfb6ea245b28e6585b1861aa
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: uWzvu-TxUY93k1aKdiImt36Xu6zV7KUKcJ1XIeNUudVvLvHE7u3T6g==

GET
H2 200 cmp2ui-en.js Show response
quantcast.mgr.consensu.org/tcfv2/36/ 224 KB
55 KB 10ms
10ms Script
text/javascript 2600:9000:2156:2400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/36/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.hawtcelebs.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d261bc09d55ca6390f043aa5a196a8c4d49d38bb48792e007e539a9b67a86bbb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 06:40:42 GMT
content-encoding: br
age: 108943
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Thu, 04 Nov 2021 17:39:16 GMT
server: AmazonS3
etag: W/"e9e236ee73ca8337502cca2d209ee395"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: hcPbWWgBC2Q35ZS0lCZip2TsMUy2HGtez386ko1o9WkIPyJTtvDwnA==

GET
H2 200 vendor-list-trimmed-v1.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 276 KB
35 KB 29ms
10ms XHR
application/json 2600:9000:2156:2400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.hawtcelebs.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68d4fd4bf1d9819beaaae700ef4d02333152766530935feac3a8bc3c5c371263

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 03:00:34 GMT
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 35752
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 03:00:32 GMT
server: AmazonS3
etag: W/"ec11d4de4e3f923c5b228c7510cd35e2"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 4KZjSjuszaMn9GDgsstRJKYixjJ2v4lpixw8WY-S6OoABB96OhojMg==

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 154 KB
36 KB 36ms
17ms XHR
application/json 2600:9000:2156:2400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.hawtcelebs.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9aaa0167f4abb8eb86f2182c46287c6bddc68d7538f0bfa9e71287db2c700a60

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.hawtcelebs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 03:00:31 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 35755
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 03:00:27 GMT
server: AmazonS3
etag: W/"9ab4b5bb20a76f8a622d53bc30f59776"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: FXnwjdr6ZFp4KFnvOGJNG1yehs3sXIQYGjTzsSaw-4zGRQm1ECQJ0w==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 66ms
20ms XHR
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-10995097-8&cid=1025101189.1637585784&jid=476954395&gjid=448692480&_gid=177864811.1637585786&_u=YAhAAUAAAAAAAC~&z=1129848459

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hawtcelebs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 22 Nov 2021 12:56:25 GMT
content-type: text/plain
access-control-allow-origin: https://www.hawtcelebs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FDCA 0
0 48ms
48ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=553049833568933&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H/1.1 200
OK prebid
ib.adnxs.com/ut/v3/ 57 B
0 26ms
11ms Fetch
application/json 37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 12:56:25 GMT
X-Proxy-Origin: 193.27.14.26; 193.27.14.26; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 901196f0-1512-4c4f-883b-39c295f6ca63
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.hawtcelebs.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 57
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 80 B
515 B 39ms
8ms XHR
text/html 143.204.98.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22274pYeudnKvDs%22%2C%22domain%22%3A%22www.hawtcelebs.com%22%2C%22publisher%22%3A%22HawtCelebs%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.36%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%224rHc6iLEBI7fi7DodmBOXQ%22%2C%22clientTimestamp%22%3A1637585785921%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-z5h5bnq3b48fm23c96h0%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/36/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-17.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.hawtcelebs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 06:14:19 GMT
via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
age: 24127
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 80
last-modified: Tue, 26 Nov 2019 14:21:44 GMT
server: AmazonS3
etag: "0614149d8033903db5de46d6c184bbfd"
vary: Origin
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: _88kDN2m8U6zMEOWYahAjdgrPua-QHt9EsNYMVDijAGYK2MK2H12Yw==

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
595 B 37ms
7ms Fetch
application/json 143.204.98.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-65.fra50.r.cloudfront.net
Software: /
Resource Hash: e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 14:32:49 GMT
via: 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront), 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
age: 80617
x-amzn-requestid: dfbcb7f7-8114-40a3-b352-9e66cd255c63
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-619a5891-2827e6a12813c4182547823a;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, FRA50-C1
x-amz-apigw-id: JKLGvEx4DoEF4mw=
content-length: 30
x-amz-cf-id: jWG18BA0ODT2HuAevwU_81Ccd9yJY6OgoZyaeS6CTr0wVJC3k_sZoA==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 32ms
31ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-10995097-8&cid=1025101189.1637585784&jid=476954395&_u=YAhAAUAAAAAAAC~&z=715530982

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 57ms
32ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-10995097-8&cid=1025101189.1637585784&jid=476954395&_u=YAhAAUAAAAAAAC~&z=715530982

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9A06 0
0 47ms
46ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CuKcHeJObYeyXHNCVrASZ-4u4Coegv7Zm3s24nOwOzN6bz7wqEAEglZvKIWCV2qKCsAegAfTFzfwDyAECqQJt4xV1CeayPuACAKgDAaoEowJP0NavhDaEYA2CL52H7dTQ0kPOWOSXp7mbPYhBj_Wf6RYQuR9IRYE9GjZrVhD-JvkjrA19FRQihws4PxvitGFoi_UgYBmkvmiuAcSlATmNJlVjSskIMaAkCrpa24GbcEVSWox4Q24Mjq6EkXwcKb_lR47g1eyiRhsl-h-lv1WVN_gHhf5KDtYyOiQ4inBwhu0Sxh_w6kaWZTeEixzNFA2otyVIimOnnRyaPpzEnDh68zTQRtAAw4-sEU2YBIqsdPMfMeabu0kdQ4ke-FCEbE_gs4LDKF8slYv1ZqQisfSCfuXYayRLldhPVQ59XKJAayFJPtNk-bJQqhEbSMeajHhM0Nb92IlJDjtSPoJEnXvT3bQ4l5o7aj9xI8tbXlg7d9Q6MB3ABK3npNrgA-AEAaAGAoAH9LmyA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEKqVDNIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA8gLAdgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=y1Bt9hYQvVU&vt=1&uach_m=[]
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9A06 42 B
64 B 54ms
54ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxNIuc-_fr8NOw21GMYXQ6DZmpu4CFTxM2xOBLuqrJyT3t6cLQHUOCslWd-sE-0txhmi564fv8-gPnSNWmQkMt4YHH_tK0qGeIKSYp1TXtL2ZpQOOVdACZxy0JFA9VFs39NJit0N9KpEXv&sai=AMfl-YS29kq05QXeEvBFeo6cWQyJ1I7EDfpxjcE726n3mrbST_mxORPWlpE6qrQdUvrMJgEccHgAXl2F7lgI78S2kjCtWbcIWL0aapcVt_si-JZBVvnO-YfvSKLknklIKvI&sig=Cg0ArKJSzCk8xIDrb3daEAE&id=ampim&o=272,164&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1061&mtos=0,0,1061,1061,1061&tos=0,0,1061,0,0&tfs=47&tls=1108&g=100&h=100&tt=1109&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2129913826

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tc.js Show response
cdn.tynt.com/ 17 KB
7 KB 108ms
34ms Script
application/javascript 104.18.29.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: https://waust.at/c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.29.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:45 GMT
server: cloudflare
age: 99922
etag: W/"61295205-431d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6b22515b0827188f-MAN
expires: Thu, 25 Nov 2021 12:56:26 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check?t=ti(4)
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9465.k5m8GSPcwWeNTSwRAVoS-gfa2eYRh-qm-c0mxqO7I1MdUvwjKAWJPTjeEpLOO-dl.b06VoeMZe9nxmI8-Uzn_IqDPqtE%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9465.YqqPLPLBg01nAJ21stk_GhS6_EYAN0nTs8DXadj2fMdsRLFxxv3HZvFiwmlvStV3fa8cwxLAbA3h6KSCd_4EAw%2C%2C.SU4rTeSPHbS5oa50OImX5hsXNUw%2C

75 B
75 B

45ms
45ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9465.YqqPLPLBg01nAJ21stk_GhS6_EYAN0nTs8DXadj2fMdsRLFxxv3HZvFiwmlvStV3fa8cwxLAbA3h6KSCd_4EAw%2C%2C.SU4rTeSPHbS5oa50OImX5hsXNUw%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:26 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9465.YqqPLPLBg01nAJ21stk_GhS6_EYAN0nTs8DXadj2fMdsRLFxxv3HZvFiwmlvStV3fa8cwxLAbA3h6KSCd_4EAw%2C%2C.SU4rTeSPHbS5oa50OImX5hsXNUw%2C
date: Mon, 22 Nov 2021 12:56:26 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 45ms
45ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif?t=ti(4)

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:26 GMT
last-modified: Wed, 17 Nov 2021 12:17:49 GMT
etag: "6194c8bd-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 13:56:26 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 324ms
105ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!a9etg89wet&lm=0&ts=1637585786111&dn=TC&iso=0&t=Page%20not%20found%20%E2%80%93%20HawtCelebs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:26 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 45ms
44ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=553049833568933&bg=!lJell9PNAAZQLpa_UC47ACkAdvg8Wl-DcrfVvutDWg--pqyPGrQBEe6IIZwVXkQGvugpaBXXcGMWGAIAAADOUgAAAAtoAQcKAIY_NCBkcudcXCcaQv1WOSgmioKBoYw-wSsyIW8ucJ2HFkdM3xYkwIYIm4N6x3lNnoiS1pcRy_VQw_AUmaILC-Wb4qgr2O4WeFuoeY70AyzNbo9BXbMVBbE3UEQHD_01fmHunzz9QUGwxdBLkYes-P5zHORbnRViLyPXK-f097E-dJ1wlVgf_ZkCg7ekhnDmAeK4UrAM9PEiTBitcnoD-ZcHzoFdnHT4HdsmpX0WjrdC5oNqQhiMofh9T75YpMP2ciXcmeLymWECttGMATkcbdGolnJqPjVfP_Eq5YK0V6z8OAsR80HCLNnWz31nh_PsFKHY13HCdHQE97Ye2wFi5RL1G4a_ZxOOXudu9gJnJdFSQNWQCfyQStLpnkzDo5EhW5WGS1KARUXVxyUaygr6kCHM0CooOgWRGkbbpGtfCOgyFTk8KRxAvnvALfoTNr9nD5_dSbvi1ZCvNnkatyyQpu_cs_kCaCnTupvMieTkVuHQIlCOohXcbA-eSmvuETvRvRvNBkoBMDFUzE5KIqsBkvRVX5iO6tHp0HvxF17PweuAXooDX0iX9bknvGAbfiy2_8Hc4BjiuFguMCImUsDBOB4s-QUPUmqDOATUh0M3GFYQS1ZdEnBy_LGwgJ9R785L79OxQSR_OeYbmml-Sc9-KZIvG4GXciHHqk_d3UC5iKi4qvtdf-79anwBcM3SUoSOmyeTMc6ISYcjwtzgw0T32a3_9U72x9d2ANS8zsNvqS-99yicWi7psQr1a4wsfl1USiguNAHY3IsSVWAyyU_0VBNcLyrSbaDSZFSQacEEL6IlCBB44t_ZrQplRHdLYVUpvaiRhiVc6tG40q4yLGqMRfccHu2OH824HUW_TFV9p306m5hLYp3NIJ6ihRvkdfZ0PX3P-1ZKX9d7VWdaJgs6DsrMT54zY1NIZwGyBKwL4bTpW6h5PSXBHGdb4RrDcTkz5MXM2Vh8Dvkf7hELlbskRsTFKxLaaaOdHm1udJE1coB492rSMJNJXIfK-yDEIisacR3m_rijMXhUR0RSuvw

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 374ms
86ms XHR
application/json 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1637585786119&sessionId=953429af-3329-e520-ad30-8ee462d22199&url=www.hawtcelebs.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 12:56:26 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 261a3c5d36fe217b42964d2415ce6f18
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
odb.outbrain.com/utils/ 9 KB
3 KB 146ms
117ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=undefined&idx=0&rand=22899&key=NANOWDGT01&widgetJSId=SB_1&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&clid=953429af-3329-e520-ad30-8ee462d22199&fdu=www.hawtcelebs.com&px=271&py=1016&vpd=0&cw=160&activeTab=true&settings=true&recs=true&version=2000518&sig=wzvX9pOW&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=1&ccpa=1---&ccpaStat=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f4c75af2a40445893d8f2a46be73503f248fcea1197a884a5c9f4035d39570cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:26 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.117.43
x-cache-hits: 0, 0
x-traceid: fea18b8b900c56bb6bdff2f3b124d7df
content-encoding: gzip
content-length: 2765
x-served-by: cache-lga21943-LGA, cache-fra19148-FRA
x-timer: S1637585786.182807,VS0,VE111
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 334ms
84ms XHR
application/json 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1637585786174&sessionId=953429af-3329-e520-ad30-8ee462d22199&url=www.hawtcelebs.com&cheqSource=1&cheqEvent=2&responseTime=555
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 12:56:26 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 619f8b3e7730f1f5a6a031ccd86b0ef8
Content-Length: 4
Expires: 0

GET
H2 200 imp.gif
obs.cheqzone.com/tracker/ 43 B
135 B 104ms
103ms Image
image/gif 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e001369e9c23def40829b9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163343714593d65337fd78afe6d4e3474fbe498dbd39e821da61c45085052aae2d05f91e44042e9e5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c02a0616e96569ae940a60ebc89825d957bd1fad811bc551c8c96dd82a77c3d835d277c483eca288e7e11879a729beeef27a5135efd560c5e010b3111700d75e0886d1c38681eb923bce6a88deefdc7fe9787c6fd22e2fcfc291482185bd70af57e4c11d9171f8271819039e35ff439cd0be71f8df78d209f2c3d6d87298584363fa5e051f7f44718aa360bf53dacf8b22ea8b66ed9663da85fdf96d81aba8556d7086f811038be55b0f51a5bcb067a32886f808baf224b360b273c002974b89ba36c60635a6f2806c543e7c002a024014a8e7906fd70aab464f4035e5b24fde84050afebcc3a7bf6ac2f1f9fa86fac2ed591c2ef155f2c34b7291117711d67f4f343de471ab6a0b81be8325df22a47acef56894e65a8b714b6365576001df80f6d13c36&cb=1637585786174&cri=p9BAND1vDu
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:26 GMT
cache-control: no-cache, no-store, must-revalidate
cheq_headers_order: Cache-Control Pragma Expires Content-Type Date Connection Content-Length
content-type: image/gif
content-length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 23B9 42 B
64 B 53ms
53ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszKOLg9VJ8w0tLqoMnP2q-gijPwjGGTfAjdUz6l-u9-hLmXDOAkp21dDWHiySJL34TUl-CRiD6iYRV9gtdNuofG0xK7FOSP6cDRl8Xmh0ieacOI2fe_NgTUeivA5rCNnuabqtXWqJRk_1t&sai=AMfl-YRNGdUyqXyS9bzyyYFE3cEd3QIo4rXRttRnnhggeDYCUtO2hWyqfIMWad8U17D7-0JbHmsMYL7MhiJkrNKaXE-MnCjW2QormCLFiu1ZOlY05A1ZSBaXcIQkuvV1&sig=Cg0ArKJSzE8gqIxWfNnHEAE&cid=CAASF-RoUd9Zfyp6FC40gY6exhvmuwgMYKxr&id=ampim&o=1029,524&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1004&mtos=0,0,1004,1004,1004&tos=0,0,1004,0,0&tfs=124&tls=1128&g=74.00000095367432&h=100&tt=1128&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2276988214

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2CDE 0
0 47ms
46ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CDukVeJObYdeFIZW63wOFl7-wBoegv7Zmnpvg74EPzN6bz7wqEAEglZvKIWCV2qKCsAegAfTFzfwDyAEBqQJt4xV1CeayPuACAKgDAaoEoQJP0Jew-kEEr8eDiHhaBds97Cx4vsPzRAdzTpb08fRWZ7jqkzR0nkoxUsUmAtPAQSpVqq0sfgzJT_DB6H5ALaXkWLZ5kLEML9wshB3wTN7YZVZv8rFl7U4T5dbgVxEiPM07zRj7PvffjFUxl0BX8jcuGlYGGeNZDtit3AUw4-eXba8BTAJOY6d9bpZeIVxMiaQvGcAlt9Yrr93rAVvySHEo9kBTuoDiTmoAgQ2-w5JdUYO0I6PbjqFGfte1YKEDWxA-79qj3k0PdX_93Eys4xFMR0anBCwdqtO_gvWZ4hBYDxGNLTkNBCHm9AI_nwpPveWJA-fowQj7AqdVVoXT72W9lBauXuNnYORXOFrOhRhkOiCqWPQRnGG8NuWzU1PKKnu5wASt56Ta4APgBAGAB_S5sgOoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCO5gvSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTk5Mzg1NjU4MjIwMzQ2ODCACgPICwHYEwPQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=LhYvfRDyx4Q&vt=1&uach_m=[]
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 2CDE 42 B
64 B 50ms
50ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumO4mUBvmsrB0DO40SL3pIEmG8g4HbI7nsa9b17dy_KYWawEsWePAFPo7vmbo3I0vgeoYKPv8k_fwio5iCaNr_PhTwJ4bFlp4FYYhaLplZ2jgtMDofzmDYQga1I3DtVjRqACvHSRF8UqlS&sai=AMfl-YRJ6HvzEObASWw9wTooQpFDUZBzVmPA4dvyn9PX-ymM5d1Q1zsVsIV_4E8gJuFkk2Avr0Qt4LZbiK4NbKkETAmScB27Nc4yaetPQnc0YSewgFCPhaW89L_UfsWk&sig=Cg0ArKJSzG2wWpj2hNn-EAE&cid=CAASF-RoSnwbNG1O7_ny-FROQxuZoCedXlxq&id=ampim&o=1029,144&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1002&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&tfs=91&tls=1093&g=100&h=100&tt=1093&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2208769285

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/86335730/
Redirect Chain

https://mc.yandex.com/watch/86335730?wmode=7&page-url=https%3A%2F%2Fwww.hawtcelebs.com%2Fmaitland-ward-beverly-hills-%252007132017&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22ye...
https://mc.yandex.com/watch/86335730/1?wmode=7&page-url=https%3A%2F%2Fwww.hawtcelebs.com%2Fmaitland-ward-beverly-hills-%252007132017&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22...

331 B
413 B

46ms
46ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/86335730/1?wmode=7&page-url=https%3A%2F%2Fwww.hawtcelebs.com%2Fmaitland-ward-beverly-hills-%252007132017&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A419%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A655695352709%3Ahid%3A698371612%3Az%3A0%3Ai%3A20211122125626%3Aet%3A1637585786%3Ac%3A1%3Arn%3A284610242%3Arqn%3A1%3Au%3A16375857863684979%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637585783344%3Ads%3A0%2C45%2C185%2C3%2C77%2C0%2C%2C20%2C0%2C2140%2C2140%2C0%2C366%3Adsn%3A0%2C45%2C186%2C2%2C78%2C0%2C%2C20%2C0%2C2140%2C2140%2C1%2C366%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637585786%3At%3APage%20not%20found%20%E2%80%93%20HawtCelebs&t=gdpr%2814%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

4c01ff59099b18fe859df78b70dfa6d2ffb5ce007157416fe2f560ff21ec4f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:26 GMT
x-content-type-options: nosniff
last-modified: Mon, 22-Nov-2021 12:56:26 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.hawtcelebs.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Mon, 22-Nov-2021 12:56:26 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 12:56:26 GMT
last-modified: Mon, 22-Nov-2021 12:56:26 GMT
location: /watch/86335730/1?wmode=7&page-url=https%3A%2F%2Fwww.hawtcelebs.com%2Fmaitland-ward-beverly-hills-%252007132017&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A419%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A655695352709%3Ahid%3A698371612%3Az%3A0%3Ai%3A20211122125626%3Aet%3A1637585786%3Ac%3A1%3Arn%3A284610242%3Arqn%3A1%3Au%3A16375857863684979%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637585783344%3Ads%3A0%2C45%2C185%2C3%2C77%2C0%2C%2C20%2C0%2C2140%2C2140%2C0%2C366%3Adsn%3A0%2C45%2C186%2C2%2C78%2C0%2C%2C20%2C0%2C2140%2C2140%2C1%2C366%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637585786%3At%3APage%20not%20found%20%E2%80%93%20HawtCelebs&t=gdpr%2814%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.hawtcelebs.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 22-Nov-2021 12:56:26 GMT

GET
H2 200 ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ 13 KB
14 KB 10ms
9ms Image
image/svg+xml 184.30.21.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:26 GMT
last-modified: Mon, 01 Nov 2021 09:41:05 GMT
server: AkamaiNetStorage
etag: "af7be0711fb1cf2f41bb793256c8f148:1635759801.296949"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 13687
expires: Wed, 22 Dec 2021 12:56:26 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 11ms
11ms Image
image/svg+xml 184.30.21.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:26 GMT
last-modified: Wed, 27 Oct 2021 07:56:12 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1635321845.447882"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Wed, 22 Dec 2021 12:56:26 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 347ms
89ms Fetch
text/plain 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=09d3c226493791f5be211cca82bce089_34839_1637585786249&tm=785&eT=0&widgetWidth=160&widgetHeight=25&widgetX=272&widgetY=1016&wRV=2000518&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&cheq=2&rtt=149&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 22 Nov 2021 12:56:26 GMT
content-encoding: gzip
X-TraceId: fdd3646a3b0e4e2fdab5c85e56cad501
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000518/module/ 55 KB
19 KB 19ms
19ms Script
application/x-javascript 184.30.21.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000518/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d878953f30ad909bd8ae4e8a60cf5cd7ed7c5081d585dc5a7f802692863138e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:26 GMT
content-encoding: gzip
last-modified: Sun, 21 Nov 2021 09:08:29 GMT
server: AkamaiNetStorage
etag: "6604c612fbd2540024636bc5940c945c:1637487002.958515"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 18856

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 262ms
86ms Fetch
application/json 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=09d3c226493791f5be211cca82bce089&pvId=09d3c226493791f5be211cca82bce089&sid=6155583&pid=34839&idx=0&wId=102&pad=0&org=0&tm=799&eT=3&cnsnt=no_consent&wRV=2000518&pVis=0&lsd=-1&eIdx=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 12:56:26 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 7794a792ee24ab3b9b39855fa79f98fd
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 24 KB
9 KB 355ms
348ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=undefined&settings=true&recs=true&widgetJSId=SB_1&key=NANOWDGT01&version=2000518&apv=false&sig=wzvX9pOW&format=html&rand=55975&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=1&ccpa=1---&ccpaStat=1&scrW=1600&scrH=1200&t=MDlkM2MyMjY0OTM3OTFmNWJlMjExY2NhODJiY2UwODk=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=11523-77045&layeredTestInfo=11523-77045-&clss=XBDlCa6oZB63trU0F0qhQ%2FuChRERnISYht4zLlauY59aV%2F63OFpY%2FAeUsL3mvT9rdL3WeOB5rfkoZFVS&dpr=1&cw=160&activeTab=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000518/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4a7078627a17d369b525271d84b173c6b3b827675d434165e83230866db906e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:26 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.117.23
x-cache-hits: 0, 0
x-traceid: 6984d21310f5957db3a261eae44cfe7f
content-encoding: gzip
content-length: 8846
x-served-by: cache-lga21923-LGA, cache-fra19148-FRA
x-timer: S1637585786.349303,VS0,VE342
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
202 B 322ms
105ms Script
application/javascript 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!a9etg89wet&dn=TC&cc=1&r=&us_privacy=1---
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:26 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Tue, 23 Nov 2021 12:56:26 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 108ms
108ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!a9etg89wet&lm=0&ts=1637585786111&dn=TC&iso=0&t=Page%20not%20found%20%E2%80%93%20HawtCelebs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:26 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1 200
OK img.fetch Show response
udmserve.net/udm/ 1 B
470 B 145ms
144ms Script
application/x-javascript 68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to

Full URL: https://udmserve.net/udm/img.fetch?sid=14863;tid=1;dt=6;gdprApplies=true;consentGiven=false;consentData=
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_11_16_13_56_35_2021.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 12:56:26 GMT
Connection: Keep-Alive
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Length: 1
Content-Type: application/x-javascript

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 105ms
105ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!a9etg89wet&lm=0&ts=1637585786111&dn=TC&iso=0&t=Page%20not%20found%20%E2%80%93%20HawtCelebs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:26 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 105ms
105ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!a9etg89wet&lm=0&ts=1637585786111&dn=TC&iso=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:26 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 singleAnimationOnFeed.js Show response
widgets.outbrain.com/nanoWidget/2000518/module/ 503 B
787 B 7ms
7ms Script
application/x-javascript 184.30.21.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000518/module/singleAnimationOnFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3de7ab1dcc4e04dd59c5e377b672e06275dfabc3e27ff950512a26c52da8cb9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:26 GMT
last-modified: Sun, 21 Nov 2021 09:08:29 GMT
server: AkamaiNetStorage
etag: "ae553cf91279d80f1aabeb64faf8377d:1637486997.986153"
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 503

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 89ms
88ms Fetch
text/plain 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=0d5807d69fffdf275e19ef0d216987c7_34839_1637585786638&tm=1184&eT=0&widgetWidth=160&widgetHeight=498&widgetX=272&widgetY=1041&wRV=2000518&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&rtt=358&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 22 Nov 2021 12:56:26 GMT
content-encoding: gzip
X-TraceId: da23edb49049f45c5d6400f0aaf4763e
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 eyJpdSI6IjUzMjZlNWNjYzQ1YTNkMzcxYjRlYWM0ZjdjMzdiZGFiZjM0NjFiZWQwN2Q2NTFiN2I3MDQ1ZDliOWJjODlhNGQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 38 KB
38 KB 34ms
10ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjUzMjZlNWNjYzQ1YTNkMzcxYjRlYWM0ZjdjMzdiZGFiZjM0NjFiZWQwN2Q2NTFiN2I3MDQ1ZDliOWJjODlhNGQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 486e84a69a6be0f3ab7c26f5d958add93fb70a912f228aeb4d475d7551d6c879

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:26 GMT
cache-control: max-age=1777183
last-modified: Wed, 07 Apr 2021 17:10:23 GMT
x-traceid: 7a2f6b16a7f849dfb9478140162210e1
timing-allow-origin: *
content-length: 38506
content-type: image/webp

GET
H2 200 eyJpdSI6ImU2NmM0OTI2MDk1MTY5OTA2NTI4MzM0NWMyMGQ0OTBhMWJjYTQxMWExMTBkY2E1YjFkYTdlMDUyNzQ1YmY1Y2YiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 23 KB
23 KB 34ms
10ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImU2NmM0OTI2MDk1MTY5OTA2NTI4MzM0NWMyMGQ0OTBhMWJjYTQxMWExMTBkY2E1YjFkYTdlMDUyNzQ1YmY1Y2YiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c662780e4110536c8efbb1319656e60244c3fc4249e710ff646f0458905095fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:26 GMT
cache-control: max-age=2460046
last-modified: Mon, 22 Nov 2021 11:24:28 GMT
x-traceid: 9da8c477ac8cbabd6e9726611f50ba29
timing-allow-origin: *
content-length: 23166
content-type: image/webp

GET
H2 200 eyJpdSI6IjQ3ZTU4MDRiMzdmYmVlYjYzMzljNzgzZjdkMjU0NGI5YjJiOWUxNWY4ODhjMzJlMzViZDBmOWVkMjQ3YTNlMzEiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 26 KB
26 KB 32ms
8ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjQ3ZTU4MDRiMzdmYmVlYjYzMzljNzgzZjdkMjU0NGI5YjJiOWUxNWY4ODhjMzJlMzViZDBmOWVkMjQ3YTNlMzEiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 34d3653251a51f43a7d0ec271cfa340ff19d297fdb5485f1e2730d3e9ec7fac0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:26 GMT
cache-control: max-age=1586717
last-modified: Mon, 13 Sep 2021 04:50:25 GMT
x-traceid: f7d72293c0c5691bdf8c06002c634dc5
timing-allow-origin: *
content-length: 26356
content-type: image/webp

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 86ms
86ms Fetch
application/json 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=0d5807d69fffdf275e19ef0d216987c7&pvId=09d3c226493791f5be211cca82bce089&sid=6155583&pid=34839&idx=2&wId=1987&pad=3&org=0&tm=1192&eT=3&cnsnt=no_consent&wRV=2000518&pVis=1&lsd=-1&eIdx=1&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 12:56:26 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: f15908ce6a8e8f4938eda2611f899778
Content-Length: 4
Expires: 0

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 105ms
105ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!a9etg89wet&lm=0&ts=1637585786111&dn=TC&iso=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:26 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 105ms
105ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!a9etg89wet&lm=0&ts=1637585786111&dn=TC&iso=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:26 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 109ms
109ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!a9etg89wet&lm=0&ts=1637585786111&dn=TC&iso=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:56:27 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

POST
H/1.1 200
OK log-viewability
log.outbrainimg.com/api/loggerBatch/ 4 B
325 B 374ms
94ms Ping
application/json 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/api/loggerBatch/log-viewability
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.hawtcelebs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 12:56:29 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: f4ebe4182cf0ca7eb8aca657e70d3586
Content-Length: 4
Expires: 0

GET
H2 200 script.js Show response
d1oykxszdrgjgl.cloudfront.net/ 110 KB
38 KB 54ms
10ms Script
application/javascript 2600:9000:2156:6400:0:1651:6140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:0:1651:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f864a1e0b446f232ef60b8df80cb7a361bc4d03b37d6cd7ede2d3ba4a3ce7848

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:46:50 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 16:47:04 GMT
server: AmazonS3
age: 580
etag: W/"b3ab0e739c645f8900a9e51ee966058d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: max-age=600,public,must-revalidate
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: QYfZ1jxpLDcE8dflarkeVCRqYEp-EegYmXMvWcBB0fLyiStTxfE4Fg==

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 116ms
94ms Preflight
text/plain 34.95.69.49

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 -, , ASN (),
Reverse DNS
Software: nginx/1.17.4 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.hawtcelebs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.17.4
date: Mon, 22 Nov 2021 12:56:30 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age: 1728000
content-type: text/plain; charset=utf-8
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 1a Show response
i.clean.gg/ 0
15 B 100ms
92ms XHR
application/octet-stream 34.95.69.49

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 -, , ASN (),
Reverse DNS
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hawtcelebs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 22 Nov 2021 12:56:30 GMT
via: 1.1 google
server: nginx/1.17.4
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

63 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
live.demand.supply/	1970-01-20 16:24:17	Name: demandSupplyTi Value: 8c9fb8fb-df96-4983-bc46-d8c3f11a713b
.udmserve.net/	1970-01-20 07:38:41	Name: dt Value: 0E1671D1-8031-305B-B093-D1BAB5118F74
.adnxs.com/	1970-01-20 01:02:41	Name: uuid2 Value: 3261607854599123216
.admixer.net/	1970-01-20 16:24:17	Name: am-uid Value: deacbd6cf19b4c55abc7493d7e363d64
.pubmatic.com/	1970-01-19 22:54:32	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 01:02:41	Name: SyncRTB3 Value: 1638748800%3A220
.pubmatic.com/	1970-01-20 01:02:41	Name: KADUSERCOOKIE Value: 08A664A5-B9EF-4381-943D-3DC79717B614
www.hawtcelebs.com/	1970-01-19 23:36:17	Name: udmsrc Value: %7B%7D
.quantserve.com/	1970-01-20 08:23:20	Name: mc Value: 619b9378-61017-838c9-ceffc
.hawtcelebs.com/	1970-01-20 08:17:34	Name: __qca Value: P0-543045710-1637585784379
.udmserve.net/	1970-01-20 01:02:41	Name: admix Value: deacbd6cf19b4c55abc7493d7e363d64
.technoratimedia.com/	1970-01-21 18:41:05	Name: tads_uid Value: GDPR
.admanmedia.com/	1970-01-20 07:38:41	Name: admtr Value: aa38c7bcc4717a60db9c616d5b34b1d36f7ecdaf
.pubmatic.com/	1970-01-20 01:02:41	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 22:54:32	Name: pi Value: 156505:3
.pubmatic.com/	1970-01-20 01:02:41	Name: chkChromeAb67Sec Value: 2
.udmserve.net/	1970-01-20 01:02:41	Name: apnid Value: 3261607854599123216
.doubleclick.net/	1970-01-20 08:14:41	Name: IDE Value: AHWqTUkm1YdPLY6DYwTXv_NxqsxlArtKfY5q1c3paQTYv-b-_5p1Xf-6xO-jc2T_xtc
.hawtcelebs.com/	1970-01-20 08:14:41	Name: __gads Value: ID=cc52b1ba5c745fdd:T=1637585784:S=ALNI_MZoEcUEbT0-IQQSouhKrpP8C4kRCQ
.udmserve.net/	1970-01-20 01:02:41	Name: pmid Value: 08A664A5-B9EF-4381-943D-3DC79717B614
.doubleclick.net/	1970-01-19 22:53:09	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 07:38:41	Name: CMID Value: YZuTeW-jjcaUJ19h34OjUwAA
.casalemedia.com/	1970-01-20 01:02:41	Name: CMPS Value: 3230
.adnxs.com/	1970-01-20 01:02:41	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In:r')T/!]tbPl1M>e)ZlrFUfJ+tGXxo3[SKkDXX@jz>snQXU=m`$_#M'EYZT5jrx@Z6bpRzqF1`b`iI>fHJ
.casalemedia.com/	1970-01-20 01:02:41	Name: CMPRO Value: 1199
.casalemedia.com/	1970-01-19 22:54:32	Name: CMST Value: YZuTeWGbk3kA
.casalemedia.com/	1970-01-20 07:38:41	Name: CMRUM3 Value: 2d619b93792760CAESEDocjWNXODi5UDzUIyCCuWA
.redintelligence.net/	1970-01-20 01:02:41	Name: 8lcfmzhxc8d6_uid Value: 18d627691409f9ed
.adfarm1.adition.com/	1970-01-20 01:02:41	Name: UserID1 Value: 7033377390981019796
.m6r.eu/	1970-01-19 22:53:09	Name: test Value: true
.simpli.fi/	1970-01-20 07:40:08	Name: suid Value: C1321A95A3E04867B9F37507EB889175
.m6r.eu/	1970-01-20 01:02:41	Name: cct Value: 1637585785490
.m6r.eu/	1970-01-20 01:02:41	Name: id Value: 014b64dc1e875103938884fcb3ca6484
www.hawtcelebs.com/	1970-01-20 07:38:41	Name: HstCfa1890596 Value: 1637585785603
www.hawtcelebs.com/	1970-01-20 07:38:41	Name: HstCla1890596 Value: 1637585785603
www.hawtcelebs.com/	1970-01-20 07:38:41	Name: HstCmu1890596 Value: 1637585785603
www.hawtcelebs.com/	1970-01-20 07:38:41	Name: HstPn1890596 Value: 1
www.hawtcelebs.com/	1970-01-20 07:38:41	Name: HstPt1890596 Value: 1
www.hawtcelebs.com/	1970-01-20 07:38:41	Name: HstCnv1890596 Value: 1
www.hawtcelebs.com/	1970-01-20 07:38:41	Name: HstCns1890596 Value: 1
.dtscout.com/	1970-01-19 22:53:10	Name: m Value: 1
.dtscout.com/	1970-01-19 22:53:20	Name: oa Value: 1
.dtscout.com/	1970-01-20 01:17:05	Name: df Value: 1637585785
.hawtcelebs.com/	1970-01-20 16:24:17	Name: _ga Value: GA1.2.1025101189.1637585784
.hawtcelebs.com/	1970-01-19 22:54:32	Name: _gid Value: GA1.2.177864811.1637585786
.hawtcelebs.com/	1970-01-19 22:53:05	Name: _gat_gtag_UA_10995097_8 Value: 1
fksnk.com/	1970-01-19 23:03:10	Name: AWSALBCORS Value: gXygLxtwBxDvZB3Y3Dvm/UVf+CH3lUwr1bBE2RctfAouKxQl98o4a+jvjoRRwtkcdO6V+WREQ1Nb+p7PEaFTb8+EU+RKtw9EjY4fZ0OQrVxKdemMdRTwbsuRgQJV
.fksnk.com/	1970-01-20 01:02:41	Name: f_001 Value: C20CA4AC4C7D72EA
.fksnk.com/	1970-01-19 22:54:32	Name: g_001 Value: 1
.rutarget.ru/	1970-01-20 03:12:17	Name: userId Value: XOn7z0LWIr11
www.hawtcelebs.com/	1970-01-19 22:54:32	Name: _lr_geo_location Value: DE
.hawtcelebs.com/	1970-01-20 07:38:41	Name: _ym_uid Value: 16375857863684979
.hawtcelebs.com/	1970-01-20 07:38:41	Name: _ym_d Value: 1637585786
.mc.yandex.com/	1970-01-19 22:53:06	Name: sync_cookie_csrf Value: 724281636fake
.hawtcelebs.com/	1970-01-19 22:54:17	Name: _ym_isad Value: 2
obs.cheqzone.com/	1970-01-20 06:56:56	Name: cg_uuid Value: 86eefe944f94bdd77af4a02ed588050a
.mc.yandex.ru/	1970-01-19 22:53:06	Name: sync_cookie_csrf Value: 3673778245fake
.yandex.com/	1970-01-20 07:38:41	Name: yandexuid Value: 5748272751637585786
.yandex.com/	1970-01-20 07:38:41	Name: yuidss Value: 5748272751637585786
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1342025621637585786
.yandex.com/	1970-01-23 14:29:05	Name: i Value: EJyneQuv/dLLJBEVBGtgMJiRXB91+L3lwY3roC1gy+e+q+jp4lGojAsXaN7eJvGRha7oeppUjvSjPY3N2dfiXfQ7+tk=
.yandex.com/	1970-01-20 07:38:41	Name: ymex Value: 1669121786.yrts.1637585786#1669121786.yrtsi.1637585786
.udmserve.net/	1970-01-20 07:38:41	Name: udmts Value: 1637585786.0

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://partner.googleadservices.com/gampad/cookie.js?domain=www.hawtcelebs.com&callback=_gfp_s_&client=44890869%2C3968751&gpid_exp=1 Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEA7AyetP48U_f3KIyVzt-7w&google_cver=1&google_push=AYg5qPLK575LiS6NJk121N8GtuEHLXAJc453IklCNtATfcwqrgubA8L7vJKK5JCHZCtDFaj9VbyslkVj-KLZP5WPNncq8UdUVw Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9465.YqqPLPLBg01nAJ21stk_GhS6_EYAN0nTs8DXadj2fMdsRLFxxv3HZvFiwmlvStV3fa8cwxLAbA3h6KSCd_4EAw%2C%2C.SU4rTeSPHbS5oa50OImX5hsXNUw%2C Message: Failed to load resource: the server responded with a status of 400 ()
javascript	warning	URL: https://www.hawtcelebs.com/maitland-ward-beverly-hills-%2007132017 Message: The resource https://live.demand.supply/p4/v14-0-0/d3d3Lmhhd3RjZWxlYnMuY29tLw== was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
83f2a5ee8706e4f8ef7a965a967991b4.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
api.demand.supply
ats.rlcdn.com
audit-tcfv2.quantcast.mgr.consensu.org
bid.underdog.media
cdn.ampproject.org
cdn.contentspread.net
cdn.tynt.com
cm.g.doubleclick.net
cs.admanmedia.com
d1oykxszdrgjgl.cloudfront.net
de.tynt.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
google-sync.rutarget.ru
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900015.redintelligence.net
hb.vntsm.com
i.clean.gg
ib.adnxs.com
ic.tynt.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
images.outbrainimg.com
inv-nets.admixer.net
live.demand.supply
log.outbrainimg.com
mc.yandex.com
mc.yandex.ru
mcdp-nydc1.outbrain.com
mv.outbrain.com
ob.cheqzone.com
obs.cheqzone.com
odb.outbrain.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
quantcast.mgr.consensu.org
rules.quantcount.com
s.ad.smaato.net
s10.histats.com
s4.histats.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync.adaptv.advertising.com
sync.technoratimedia.com
t.dtscout.com
tcheck.outbrainimg.com
test.quantcast.mgr.consensu.org
tpc.googlesyndication.com
tracking.m6r.eu
udmserve.net
um.simpli.fi
waust.at
whos.amung.us
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.hawtcelebs.com
104.18.29.199
129.159.70.95
136.243.149.243
138.201.135.164
142.250.185.194
142.250.186.98
142.250.74.198
143.204.98.17
143.204.98.38
143.204.98.4
143.204.98.65
146.0.227.109
151.101.14.132
151.139.128.11
158.69.251.190
159.122.14.34
184.30.21.80
184.30.24.241
184.30.25.193
185.64.190.80
198.47.127.18
198.47.127.20
2600:1f18:e8a:cd08:3437:aff5:50c:d298
2600:9000:2156:2400:9:46dc:4700:93a1
2600:9000:2156:6400:0:1651:6140:21
2600:9000:2156:7400:5:c4ab:c3c0:93a1
2600:9000:2156:9800:1b:5138:8a40:93a1
2600:9000:2156:ba00:6:44e3:f8c0:93a1
2600:9000:2156:f000:3:a4cd:8380:93a1
2606:4700:20::681a:507
2606:4700:3036::ac43:b893
2606:4700::6810:8516
2606:4700::6810:8616
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:801::2008
2a00:1450:4001:802::2002
2a00:1450:4001:808::2003
2a00:1450:4001:810::200a
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2001
2a00:1450:4001:831::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c0a::9d
2a02:6b8::1:119
3.230.12.180
34.95.69.49
37.252.172.45
37.252.173.27
46.105.201.240
51.89.24.69
54.89.121.91
67.202.105.32
67.202.105.34
67.202.114.212
68.71.249.118
70.42.32.63
72.251.244.140
80.64.106.148
85.114.131.233
85.114.159.93
88.214.206.142
0149d432d10370d1df76494be44f3c6e123003506f9efda701496cb36e4e31b6
03d33ff0e445ca94b108f891fe14b1a37b0892a529e9b93294d38ce63868c1f9
04b6f812be412d9dec5268790c2a0d8935c7cd3de76fc014079720285b153d78
07c2eac652ab509c7f9b6ec28d2835b43ddda445efb42213344933ae811d5775
081107d7eeb69e79efee74b771b64bda578e8fc5f5b11cd0df6d9757de32ff22
0882fe11baf5c777266a9ab3f14aa451432c7099158b2d69b3515ee5c8e66d4d
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
09856371d453de312e47036fefbe16fe858630be315139ec3abc24254ca913c0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca7ac572e91f48a9f91fed11122240caad074164d0fd0c33125f8b72637fc66
0ce5b1f55889bf23d3cfe3f0497d38eb8facf496ffa63e59f7f8848b79d72a1d
0d45ac4e51dbe7532f569df196c3699fed1452e20a9c1ab1eb505a319ade7216
0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40
0f249ae8ef5b514cb11c7e322891ff8829f7d53c23bd3ca2ce0967ffabc96c5d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15f24ed2fb108bfb369cf2ad3d58dd262c51bbdb66b0f5e9e0c07b1e756b1528
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1d928a04b7eb464006b49ca87495cfc57723be2d6d4e9460abbc9336d79fb588
1ebf9646795446b469e54afd6e5242ea0f6f9dbbf0e1b001da8f79e277af0446
203b3c3339bb307cc737565f6ed3fa4be6c7bc87001c8831da13af740898c0e5
2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
269c2f688f9e6b642729a93cede8f3f0d21b74188e13262b6be74a48289a12ee
272bbab8078bc84bca9190aaaf9058674297b4a85af04a25d8d5236310390a51
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2be192196744c6d920eaf53a59f1b3cbf4cf297a8b992a279a44ffb8d905268c
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
34d3653251a51f43a7d0ec271cfa340ff19d297fdb5485f1e2730d3e9ec7fac0
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8
3b850fd9301b5a95c9c7ead67c57622e1a06680f69bf8d2f5ce57983011da3b1
3c92dc5ed84c544eb24deefdc45cfa80f6e8e1b79af6143e981356fb3f0c022d
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3de7ab1dcc4e04dd59c5e377b672e06275dfabc3e27ff950512a26c52da8cb9a
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
466000461b5773e9a90b9e510d3a07e5c65561eea6b43677b78fde287f33ccd5
47a00c205ac23427984e572961850c21efd9d16502680c3876904f4a9840e61d
4832ec1d24edd6198f1a9ca7905e43c6a1042b81f8fc00317e32c3734b169240
486e84a69a6be0f3ab7c26f5d958add93fb70a912f228aeb4d475d7551d6c879
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
49a7329c58737bc59c1ca113696cffc69d5224c72bffaa456a28cf202208ec3c
4a7078627a17d369b525271d84b173c6b3b827675d434165e83230866db906e7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b614df29623388eccceeb9957146a93d860034652314d13360915e1a38a57a5
4c01ff59099b18fe859df78b70dfa6d2ffb5ce007157416fe2f560ff21ec4f62
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5130eb2b26589edc79df541561e0c40469fdb05a7a75566a61e580e1d473254e
5133635d4553362466f6c8cabd4d5beada085eb9bc867f040f3017244ca0a7d6
532acb79d63d12ceaa81e4e954f201661789ac6303a578a43903f9e734e3a116
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5568d248345d825506f88f50e3fb1cd7c05b8b1d2c8a43de15ea3b9314fa0341
558cdefa5e7639697b2bf0860fae00320fa6b137184786b896f59af32914eee3
57a29fc9eeea48568bb18d830d9a24b447cee2a97e8b4c36081a0e6b94acd64c
57b7f2b2bcdd983268775ebc6ee71d208510b285d79dd058f2717248079c59d1
59d27cf9c69877482c94985f6d0d7c55aa68a3e52abf2c13c5f7cc7688cbd163
5c21346e0102cb0ae60afdb16611a27cc5699b4d39e6fbbd2db156d1985070de
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5d6e61cb3c4ae724badcc9c884eeade6281c998f5da1e3eef7cdcacd25219309
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
62f872bccd34d2a96223b20fb97b21b1fee29cdc127b1b1468e0098755b0ef86
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
661252df2d0e861f9cbfa9138561ac01bd0e14e1c1046126e420ab6503e84201
68d4fd4bf1d9819beaaae700ef4d02333152766530935feac3a8bc3c5c371263
747e8f5454d77ac3ee2339c3490cb7b805d59d7fedd4cc0682ae6ed9c33b7d25
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c
87fbd84036e0e67d8aa06d1f5e4a68f0539e4c6072a8ad77ce7e661bd6a43d1f
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8a09203164e37a342dbee354566f20fe232d1ae70d0c78013b9a086941908e83
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8c27da5de07d1b09f6150fff69aebb6508de55d29c6767170cb13f3fb2b9afa0
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
92ab75a629de5bddb8f5be900ddf3324c364720f5f52192a78de55817d7de9d7
95990d2b9993cf1831842eff0caffcd061843cacf6faa5429d04fc3c86360242
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aaa0167f4abb8eb86f2182c46287c6bddc68d7538f0bfa9e71287db2c700a60
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
9f667d43bb69fdd776b27f9fd4e6aecb53297bbaaba3899e6ad1a38b69a8c6d5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a40dcd59c23d9ed6f0fbaeefeb57c78543b487ad93c49f5f74b89dd85b0ea278
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ad359abf0da259594e4cfbb6f92868c0a1ed9e7806a7f35d5d0f1d1443fac49d
ad77d6c61a7c179c6c6ceaa287a2cd89a84cad7128de4551327a6f21d5ea8af0
af0d6570462dee3c3937e8694b2ee98ea78313219976105080e94680c29769ad
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b39d327171011fb8d8fac2fcba357b994c48da91d5b0ce1f4d64a66667c3a53c
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b90bd0451bf1f1a1918a6c36eb2c87f9eb88dd759f9506606d551df3dfdb084f
bd79060fc23487667adfe40d39d76df55b091d5ce93be744c521b03aa2d56dd2
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bee4c3ddceefb6558b86e3d6bbe40326f6d67e1b0b535eb6949d570e7630d82d
c09ab1db0d9fbdcef20518036f8976f32adf38b37ec215106599e1af9d0875a0
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c662780e4110536c8efbb1319656e60244c3fc4249e710ff646f0458905095fc
c700ab058a6192d2ef5d42b62a7ae961c5eaaa16650208261aa0c207b4794625
c76853b9b64b3fb4b4cfbd22885e4cc2e3f14918020efb69a1df8eaeeb2a3b8e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cceefd476057bb3f36703d027ec405887d25d05311d491b9a203d4c60a2d75fb
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd98f7212bcbcb4b32fda1b3f0cc8fe24598ddc269ff5b4a2be2246ad052f501
ce7047f1978917a3b97a424026182cf9eebcc488c8019f0fc85bc2acf78ecd70
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d261bc09d55ca6390f043aa5a196a8c4d49d38bb48792e007e539a9b67a86bbb
d4e3408a70098b006e6e4d27b7cd450869ce043168453961574546c84f240168
d58b8fc714ce78819cc24dfa7c938e1472f6a269a8f80c9b59b64e23355b76f1
d878953f30ad909bd8ae4e8a60cf5cd7ed7c5081d585dc5a7f802692863138e8
da01a6397c71b4499e3c842879b1312d6e4dd6b775044d3b87c82a83663fba35
dc68a7ef89f62a53c73b017253c68aa8a1b4aeb4a0953baa651e7fc91c65bc9f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5741effcd117827c8468c0ca8b4312d3331925be9803bbcfa2cc6e7c3584908
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4c75af2a40445893d8f2a46be73503f248fcea1197a884a5c9f4035d39570cf
f864a1e0b446f232ef60b8df80cb7a361bc4d03b37d6cd7ede2d3ba4a3ce7848
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
fa5d43c5b6285e57558482c60da61f12434bc7a1f18694c33a410fbd340aa78b
fb395ef5c59aeb34b9f918f6373e074857e8d1039a856699df28e3367ecd95c8

www.hawtcelebs.com Open in urlscan Pro 2606:4700:3036::ac43:b893 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

226 Requests

92 %HTTPS

40 %IPv6

48 Domains

74 Subdomains

55 IPs

10 Countries

2244 kBTransfer

6351 kBSize

63 Cookies

4 Outgoing links

Page URL History

Redirected requests

226 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.hawtcelebs.com Open in urlscan Pro
2606:4700:3036::ac43:b893 Public Scan

Screenshot
Live screenshot

Full Image

226
Requests

92 %
HTTPS

40 %
IPv6

48
Domains

74
Subdomains

55
IPs

10
Countries

2244 kB
Transfer

6351 kB
Size

63
Cookies

226 HTTP transactions
6 data transactions