urlscan.io logo urlscan.io
SecurityTrails logo

celebwell.com Open in urlscan Pro
192.0.66.80  Public Scan

Go To Rescan Add Verdict Report
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Submission: On November 30 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 64 IPs in 11 countries across 42 domains to perform 180 HTTP transactions. The main IP is 192.0.66.80, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is celebwell.com. The Cisco Umbrella rank of the primary domain is 182028.
TLS certificate: Issued by R3 on October 23rd 2022. Valid for: 3 months.
This is the only time celebwell.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
23 192.0.66.80 2635 (AUTOMATTIC)
1 13.225.85.39 16509 (AMAZON-02)
2 192.0.76.3 2635 (AUTOMATTIC)
1 54.164.3.34 14618 (AMAZON-AES)
1 54.155.18.159 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:206... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
3 172.64.151.162 13335 (CLOUDFLAR...)
1 5 13.224.195.78 16509 (AMAZON-02)
1 2600:9000:20e... 16509 (AMAZON-02)
1 2600:9000:21f... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 34.120.133.55 396982 (GOOGLE-CL...)
2 35.71.131.137 16509 (AMAZON-02)
1 54.158.154.2 14618 (AMAZON-AES)
1 13.225.87.188 16509 (AMAZON-02)
1 18.194.231.91 16509 (AMAZON-02)
4 18.156.195.47 16509 (AMAZON-02)
3 37.252.171.84 29990 (ASN-APPNEX)
1 2602:803:c003... 26667 (RUBICONPR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 5 104.18.33.19 13335 (CLOUDFLAR...)
1 172.64.154.237 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
5 23.35.237.86 16625 (AKAMAI-AS)
3 85.91.45.57 27381 (CASALE-MEDIA)
6 213.227.153.223 60781 (LEASEWEB-...)
1 151.101.130.132 54113 (FASTLY)
3 64.202.112.191 22075 (AS-OUTBRAIN)
4 213.227.153.221 60781 (LEASEWEB-...)
3 146.75.118.132 54113 (FASTLY)
1 3 2a03:2880:f21... 32934 (FACEBOOK)
1 14 2a03:2880:f24... 32934 (FACEBOOK)
5 2a03:2880:f27... 32934 (FACEBOOK)
2 23.35.236.201 16625 (AKAMAI-AS)
1 151.101.65.108 54113 (FASTLY)
2 23.205.235.133 16625 (AKAMAI-AS)
2 3 3.75.15.124 16509 (AMAZON-02)
1 1 34.193.201.64 14618 (AMAZON-AES)
1 185.64.190.78 62713 (AS-PUBMATIC)
5 69.173.144.165 26667 (RUBICONPR...)
3 4 37.157.3.30 198622 (ADFORM)
2 2 185.29.132.241 30419 (MEDIAMATH...)
2 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.168 1299 (TWELVE99 ...)
3 185.64.190.80 62713 (AS-PUBMATIC)
6 6 142.250.186.34 15169 (GOOGLE)
2 198.47.127.20 62713 (AS-PUBMATIC)
1 1 141.94.171.213 16276 (OVH)
1 2 54.78.254.47 16509 (AMAZON-02)
2 3 34.91.62.186 396982 (GOOGLE-CL...)
1 2 52.46.128.147 16509 (AMAZON-02)
1 5 185.80.39.216 27381 (CASALE-MEDIA)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
2 2 135.125.160.77 16276 (OVH)
2 69.173.144.138 26667 (RUBICONPR...)
1 54.147.255.25 14618 (AMAZON-AES)
1 192.132.33.46 18568 (BIDTELLECT)
180 64
23    192.0.66.80 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
celebwell.com
1    13.225.85.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-85-39.fra2.r.cloudfront.net
cdn.parsely.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    54.164.3.34 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-3-34.compute-1.amazonaws.com
api.parsely.com
1    54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
p1.parsely.com
1    2606:4700:10::6816:14d1 (United States)

ASN13335 (CLOUDFLARENET, US)
www.eatthis.com
1    2600:9000:206f:7e00:d:2820:3bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
karma.mdpcdn.com
4    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
12    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2600:9000:21f3:f000:19:bcbe:a700:21 (United States)

ASN16509 (AMAZON-02, US)
d30qdagvt44524.cloudfront.net
3    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
5    13.224.195.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-78.fra2.r.cloudfront.net
c.amazon-adsystem.com
1    2600:9000:20eb:c400:11:1ed0:3900:21 (United States)

ASN16509 (AMAZON-02, US)
d3div1mtym39ic.cloudfront.net
1    2600:9000:21f3:3400:11:e0c9:84c0:21 (United States)

ASN16509 (AMAZON-02, US)
d9jj3mjthpub.cloudfront.net
1    2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    54.158.154.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-154-2.compute-1.amazonaws.com
id.sv.rkdms.com
1    13.225.87.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-188.fra2.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
1    18.194.231.91 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-231-91.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
4    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
3    37.252.171.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
1    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
as-sec.casalemedia.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
bd7f17abb391430f745a486b60e91610.safeframe.googlesyndication.com
5    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
5    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
3    85.91.45.57 (Canada)

ASN27381 (CASALE-MEDIA, CA)
a5143.casalemedia.com
6    213.227.153.223 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
b1-eudc1.zemanta.com
1    151.101.130.132 (United States)

ASN54113 (FASTLY, US)
widgets.zemanta.com
3    64.202.112.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
stas.outbrain.com
4    213.227.153.221 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: v182.ce14.ams-01.nl.leaseweb.net
b1t-eudc1.zemanta.com
3    146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
zem.outbrainimg.com
3    2a03:2880:f21c:81c4:face:b00c:0:43fe (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
platform.instagram.com
graph.instagram.com
14    2a03:2880:f245:e0:face:b00c:0:4420 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
www.instagram.com
5    2a03:2880:f273:cd:face:b00c:0:43fe (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
scontent.cdninstagram.com
2    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    3.75.15.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-15-124.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    34.193.201.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-201-64.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
5    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
4    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    213.155.156.168 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com
d5p.de17a.com
3    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
6    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
2    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    141.94.171.213 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh
pixel.onaudience.com
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loada.exelator.com
3    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
2    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
1    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
2    135.125.160.77 (France)

ASN16276 (OVH, FR)
PTR: ns3195934.ip-135-125-160.eu
gu.dyntrk.com
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    54.147.255.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-255-25.compute-1.amazonaws.com
rtb.adentifi.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
Apex Domain
Subdomains		 Transfer
23 celebwell.com
celebwell.com — Cisco Umbrella Rank: 182028
414 KB
19 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 248
stats.g.doubleclick.net — Cisco Umbrella Rank: 142
cm.g.doubleclick.net — Cisco Umbrella Rank: 271
174 KB
17 instagram.com
platform.instagram.com — Cisco Umbrella Rank: 8477
www.instagram.com — Cisco Umbrella Rank: 1110
graph.instagram.com — Cisco Umbrella Rank: 215
482 KB
14 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 689
as-sec.casalemedia.com — Cisco Umbrella Rank: 2313
a5143.casalemedia.com — Cisco Umbrella Rank: 294654
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 562
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 705
dsum.casalemedia.com — Cisco Umbrella Rank: 2031
17 KB
12 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
bd7f17abb391430f745a486b60e91610.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 182
106 KB
11 zemanta.com
b1-eudc1.zemanta.com — Cisco Umbrella Rank: 18177
widgets.zemanta.com — Cisco Umbrella Rank: 11602
b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 12898
6 KB
11 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 622
ads.pubmatic.com — Cisco Umbrella Rank: 635
image6.pubmatic.com — Cisco Umbrella Rank: 871
simage2.pubmatic.com — Cisco Umbrella Rank: 819
image2.pubmatic.com — Cisco Umbrella Rank: 1258
image4.pubmatic.com — Cisco Umbrella Rank: 1287
simage4.pubmatic.com
26 KB
10 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 607
eus.rubiconproject.com — Cisco Umbrella Rank: 735
token.rubiconproject.com — Cisco Umbrella Rank: 732
pixel.rubiconproject.com — Cisco Umbrella Rank: 411
14 KB
8 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1441
stas.outbrain.com — Cisco Umbrella Rank: 3464
28 KB
8 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 410
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 704
s.amazon-adsystem.com — Cisco Umbrella Rank: 396
6 KB
5 cdninstagram.com
scontent.cdninstagram.com — Cisco Umbrella Rank: 663
185 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 84
region1.google-analytics.com — Cisco Umbrella Rank: 1166
40 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 865
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 219
190 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 276
acdn.adnxs.com — Cisco Umbrella Rank: 764
27 KB
4 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1464
21 KB
4 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1363
x.bidswitch.net — Cisco Umbrella Rank: 381
1 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1152
2 KB
3 outbrainimg.com
zem.outbrainimg.com — Cisco Umbrella Rank: 2810
43 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 467
29 KB
3 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 888
cdn.indexww.com — Cisco Umbrella Rank: 2113
15 KB
3 cloudfront.net
d30qdagvt44524.cloudfront.net
d3div1mtym39ic.cloudfront.net
d9jj3mjthpub.cloudfront.net
45 KB
3 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3771
api.parsely.com — Cisco Umbrella Rank: 15335
p1.parsely.com — Cisco Umbrella Rank: 3008
22 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1407
843 B
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 18479
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5967
562 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 602
1 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 121
www.google.com — Cisco Umbrella Rank: 16
2 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 454
652 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 106
125 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 3342
pixel.wp.com — Cisco Umbrella Rank: 2850
3 KB
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 1090
263 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1820
35 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 3144
420 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 2373
350 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3958
498 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1021
594 B
1 google.de
adservice.google.de — Cisco Umbrella Rank: 5200
792 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 6208
165 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1086
358 B
1 mdpcdn.com
karma.mdpcdn.com — Cisco Umbrella Rank: 39730
109 KB
1 eatthis.com
www.eatthis.com — Cisco Umbrella Rank: 80754
2 KB
180 42
Domain Requested by
23 celebwell.com celebwell.com
14 www.instagram.com 1 redirects platform.instagram.com
www.instagram.com
12 securepubads.g.doubleclick.net karma.mdpcdn.com
securepubads.g.doubleclick.net
celebwell.com
www.googletagservices.com
6 cm.g.doubleclick.net 6 redirects
6 b1-eudc1.zemanta.com karma.mdpcdn.com
celebwell.com
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
5 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
5 token.rubiconproject.com eus.rubiconproject.com
5 scontent.cdninstagram.com www.instagram.com
5 widgets.outbrain.com karma.mdpcdn.com
celebwell.com
widgets.outbrain.com
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 c.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 b1t-eudc1.zemanta.com celebwell.com
widgets.outbrain.com
4 www.googletagservices.com securepubads.g.doubleclick.net
4 c2shb.ssp.yahoo.com karma.mdpcdn.com
4 www.google-analytics.com celebwell.com
www.google-analytics.com
www.googletagmanager.com
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 image2.pubmatic.com ads.pubmatic.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 x.bidswitch.net 2 redirects
3 zem.outbrainimg.com celebwell.com
widgets.outbrain.com
3 stas.outbrain.com celebwell.com
3 a5143.casalemedia.com karma.mdpcdn.com
3 cdn.jsdelivr.net securepubads.g.doubleclick.net
3 ib.adnxs.com karma.mdpcdn.com
acdn.adnxs.com
2 pixel.rubiconproject.com
2 gu.dyntrk.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 loada.exelator.com 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 simage2.pubmatic.com ads.pubmatic.com
2 sync.mathtag.com 2 redirects
2 eus.rubiconproject.com karma.mdpcdn.com
eus.rubiconproject.com
2 ads.pubmatic.com karma.mdpcdn.com
ads.pubmatic.com
2 graph.instagram.com www.instagram.com
2 match.adsrvr.org js-sec.indexww.com
ssum-sec.casalemedia.com
2 js-sec.indexww.com karma.mdpcdn.com
2 www.googletagmanager.com celebwell.com
1 simage4.pubmatic.com ads.pubmatic.com
1 bttrack.com
1 rtb.adentifi.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 acdn.adnxs.com karma.mdpcdn.com
1 platform.instagram.com 1 redirects
1 widgets.zemanta.com karma.mdpcdn.com
1 www.google.com tpc.googlesyndication.com
1 bd7f17abb391430f745a486b60e91610.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 as-sec.casalemedia.com js-sec.indexww.com
1 htlb.casalemedia.com karma.mdpcdn.com
1 hbopenbid.pubmatic.com karma.mdpcdn.com
1 fastlane.rubiconproject.com karma.mdpcdn.com
1 grid.bidswitch.net karma.mdpcdn.com
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 id.sv.rkdms.com js-sec.indexww.com
1 api.rlcdn.com js-sec.indexww.com
karma.mdpcdn.com
1 region1.google-analytics.com www.googletagmanager.com
1 stats.g.doubleclick.net www.google-analytics.com
1 d9jj3mjthpub.cloudfront.net
1 d3div1mtym39ic.cloudfront.net
1 d30qdagvt44524.cloudfront.net karma.mdpcdn.com
1 karma.mdpcdn.com celebwell.com
1 www.eatthis.com celebwell.com
1 pixel.wp.com celebwell.com
1 p1.parsely.com celebwell.com
1 api.parsely.com celebwell.com
1 stats.wp.com celebwell.com
1 cdn.parsely.com celebwell.com
180 77
Subject Issuer Validity Valid
celebwell.com
R3		 2022-10-23 -
2023-01-21		 3 months crt.sh
*.parsely.com
Amazon		 2022-06-05 -
2023-07-04		 a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-22 -
2023-08-22		 a year crt.sh
karma.mdpcdn.com
Amazon		 2022-05-02 -
2023-05-31		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
securedvisit.com
Amazon		 2022-10-29 -
2023-11-26		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-01-15 -
2023-01-13		 a year crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-09-06		 a year crt.sh
*.outbrainimg.com
R3		 2022-10-04 -
2023-01-02		 3 months crt.sh
*.www.instagram.com
DigiCert SHA2 High Assurance Server CA		 2022-09-08 -
2022-12-07		 3 months crt.sh
*.instagram.com
DigiCert SHA2 High Assurance Server CA		 2022-09-08 -
2022-12-07		 3 months crt.sh
*.graph.instagram.com
DigiCert SHA2 High Assurance Server CA		 2022-09-08 -
2022-12-07		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
adentifi.com
Amazon		 2022-08-05 -
2023-09-03		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-21 -
2023-04-20		 a year crt.sh

This page contains 17 frames:

Primary Page: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Frame ID: F93ABB8CD630EB15B5315AE010DE43DB
Requests: 74 HTTP requests in this frame

Frame: https://bd7f17abb391430f745a486b60e91610.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3C40A02BE76755E411D37F8CC15A6BD8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 35B8327EEABA271DB658D60FA1BA30C3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 39B02025D966D227187F12CD02E4C8DC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Frame ID: 0CD5E0CD1E158F15F3AC02BEC3C5D28D
Requests: 7 HTTP requests in this frame

Frame: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Frame ID: 6203C03FBEF0C5D3DAD5850951FDB5A1
Requests: 15 HTTP requests in this frame

Frame: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Frame ID: 9FAB0558A014B8779ADE16763982156B
Requests: 13 HTTP requests in this frame

Frame: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Frame ID: AD20CB5E8DE40A86AB99C4948BD131CC
Requests: 13 HTTP requests in this frame

Frame: https://www.instagram.com/reel/CfAoADSAZke/embed/captioned/?cr=1&v=14&wp=638&rd=https%3A%2F%2Fcelebwell.com&rp=%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F
Frame ID: 9B9722768228E3D81C0134B8A757CEFA
Requests: 18 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 09686AB212BD783973A8DFD8C199997A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139
Frame ID: C3F610249B9363F9C44822FDEC2D0784
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FF8F2F46F4FEB1754D60AD2611E0D2F0
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B9662E0C3567CEDDB02A08B0A7A0C848
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcelebwell.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: EB2E15379FD5D8717D28D02C61594294
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0048FE5B-5C40-4B81-90E5-A638D1DCD86E&gdpr=0&gdpr_consent=
Frame ID: 0FD6FE56E27DE2B4E6BDFD7933344979
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a6106386-a1e2-4200-9511-6488d57009d2&gdpr=0&gdpr_consent=
Frame ID: 594EBB3C3F7F3B3FC8EBFC291692D782
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4740650124262738589
Frame ID: 3BC21B72D52B14F38C8824345F8E9F20
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Yanet Garcia in Bathing Suit Celebrates "FIFA World Cup" — Celebwell

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

180
Requests

89 %
HTTPS

31 %
IPv6

42
Domains

77
Subdomains

64
IPs

11
Countries

2129 kB
Transfer

5819 kB
Size

57
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Request Chain 118
  • https://platform.instagram.com/en_US/embeds.js HTTP 301
  • https://www.instagram.com/embed.js HTTP 302
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Request Chain 150
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=themediagrid HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=paQgQ2TcTcNa52ycVbO_fYrHJoY&user_group=1&ssp=themediagrid
Request Chain 151
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcelebwell.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcelebwell.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 156
  • https://c1.adform.net/serving/cookie/match?party=14&cid=0048FE5B-5C40-4B81-90E5-A638D1DCD86E&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0048FE5B-5C40-4B81-90E5-A638D1DCD86E&gdpr=0&gdpr_consent=
Request Chain 157
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a6106386-a1e2-4200-9511-6488d57009d2&gdpr=0&gdpr_consent=
Request Chain 158
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4740650124262738589
Request Chain 159
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AEj-W1xAS4GQ5aY40dzYbg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 160
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b9906386-a1e1-4400-8d07-326a508b79b7
Request Chain 161
  • https://pixel.onaudience.com/?partner=214&mapped=0048FE5B-5C40-4B81-90E5-A638D1DCD86E&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
Request Chain 162
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDA0OEZFNUItNUM0MC00QjgxLTkwRTUtQTYzOEQxRENEODZF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPrq8jnYZkydql8PhV4H_ho&google_cver=1
Request Chain 165
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6603968377792390772
Request Chain 166
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4ah4C2d6vt9nLD1HmPCHwAABLUAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4ah4C2d6vt9nLD1HmPCHwAABLUAAAAB&dcc=t
Request Chain 167
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y4ah4C2d6vt9nLD1HmPCHwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEObWku4cHTEF2nglg7Z0ymo&google_cver=1
Request Chain 169
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4ah4C2d6vt9nLD1HmPCHwAABLUAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJkTz37h3wPCCWl-Wg_GmgQ&google_cver=1
Request Chain 170
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=2E85EA101529465AB109460370DA8CEC
Request Chain 171
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=97fdc9a8-35d7-0ed8-6a872f1f
Request Chain 172
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1685406049&external_user_id=ceed7b58-a8cd-4c90-bf5f-62828cb63cb3
Request Chain 173
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 176
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK76OSicdiF4iL1vl0000yQ&google_cver=1
Request Chain 180
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=2E85EA101529465AB109460370DA8CEC&expires=365

180 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/ 		136 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
08f1159ba20036e83e7d3c06fa872465d8a208369bc3bc7935c32e9022932787

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=300, must-revalidate
cf-edge-cache
cache,platform=wordpress
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Nov 2022 00:20:44 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://celebwell.com/wp-json/>; rel="https://api.w.org/" <https://celebwell.com/wp-json/wp/v2/posts/610053>; rel="alternate"; type="application/json" <https://celebwell.com/?p=610053>; rel=shortlink
server
nginx
vary
Accept-Encoding
x-cache
miss
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
hhn1 0 4 9980
Yanet-Garcia.png
celebwell.com/wp-content/uploads/sites/2/2022/11/ 		190 KB
190 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://celebwell.com/wp-content/uploads/sites/2/2022/11/Yanet-Garcia.png?w=640px%2C&crop=0%2C0%2C640px%2C360px&quality=82&strip=1
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3b2f7523a5b11f6c4eeddef43719b156c1593505cda2795da2933d156c2010ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:44 GMT
x-rq
hhn1 109 195 443
last-modified
Mon, 28 Nov 2022 21:04:13 GMT
server
nginx
etag
"bf0f22db388e7975"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
194130
expires
Tue, 28 Nov 2023 21:04:13 GMT
main-concat.css
celebwell.com/wp-content/themes/celebwell/css/ 		124 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/wp-content/themes/celebwell/css/main-concat.css?ver=1669734242
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
16f01757f1b5bf036cae51885b0c1794418033ec269ee616e48e9865e678805d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:44 GMT
x-rq
hhn1 0 4 9980
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 15:04:02 GMT
server
nginx
age
33037
etag
W/"63861f62-1f0e6"
vary
Accept-Encoding
x-cache
hit
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
22844
expires
Thu, 30 Nov 2023 00:20:44 GMT
lato-v17-latin-ext_latin-900.woff2
celebwell.com/wp-content/themes/celebwell/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/wp-content/themes/celebwell/fonts/lato-v17-latin-ext_latin-900.woff2
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b31ada1046743817e7c081ca2b02a18a9c359a442ac4a9b19954bdcb4b4c1c65

Request headers

Referer
https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Origin
https://celebwell.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:44 GMT
content-encoding
gzip
age
0
x-cache
miss
content-length
24369
x-rq
hhn1 0 4 9980
last-modified
Tue, 29 Nov 2022 14:27:48 GMT
server
nginx
etag
W/"638616e4-5f18"
vary
X-Mobile-Class
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 00:20:44 GMT
lato-v17-latin-ext_latin-regular.woff2
celebwell.com/wp-content/themes/celebwell/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/wp-content/themes/celebwell/fonts/lato-v17-latin-ext_latin-regular.woff2
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a3cf4861c7d0c966f0ed6564f6aad6b28cbd3421a9ca4f60e2246848d249f196

Request headers

Referer
https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Origin
https://celebwell.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:44 GMT
content-encoding
gzip
age
0
x-cache
miss
content-length
25334
x-rq
hhn1 0 4 9980
last-modified
Tue, 29 Nov 2022 14:27:48 GMT
server
nginx
etag
W/"638616e4-62e8"
vary
X-Mobile-Class
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 00:20:44 GMT
classic-themes.min.css
celebwell.com/wp-includes/css/ 		217 B
292 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:44 GMT
x-rq
hhn1 0 4 9980
last-modified
Tue, 15 Nov 2022 19:44:35 GMT
server
nginx
age
655724
etag
"6373ec23-d9"
x-cache
hit
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
217
expires
Thu, 30 Nov 2023 00:20:44 GMT
cw-logo.svg
celebwell.com/wp-content/themes/celebwell/img/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://celebwell.com/wp-content/themes/celebwell/img/cw-logo.svg
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
285a3410b6c9daa6ec89ea2baf9c18290c37377fea84957c59211418a575717e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:44 GMT
content-encoding
gzip
x-rq
hhn1 0 4 9980
last-modified
Tue, 29 Nov 2022 14:27:48 GMT
server
nginx
age
0
etag
W/"638616e4-a39"
vary
X-Mobile-Class
x-cache
miss
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1265
expires
Thu, 30 Nov 2023 00:20:44 GMT
regenerator-runtime.min.js
celebwell.com/wp-includes/js/dist/vendor/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:44 GMT
x-rq
hhn1 0 4 9980
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 19:44:35 GMT
server
nginx
age
655723
etag
W/"6373ec23-194b"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2457
expires
Thu, 30 Nov 2023 00:20:44 GMT
wp-polyfill.min.js
celebwell.com/wp-includes/js/dist/vendor/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:44 GMT
x-rq
hhn1 0 4 9980
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 19:44:35 GMT
server
nginx
age
655723
etag
W/"6373ec23-459f"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
6532
expires
Thu, 30 Nov 2023 00:20:44 GMT
hooks.min.js
celebwell.com/wp-includes/js/dist/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:44 GMT
x-rq
hhn1 0 4 9980
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 19:44:35 GMT
server
nginx
age
655723
etag
W/"6373ec23-132e"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1661
expires
Thu, 30 Nov 2023 00:20:44 GMT
loader.js
celebwell.com/wp-content/plugins/wp-parsely/build/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/wp-content/plugins/wp-parsely/build/loader.js?ver=eba15df5f79bd7d0de45
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f832a3f9fb50dfb245accbfe1f55d83f4330332a2a1b1640888d253398b95bb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:44 GMT
x-rq
hhn1 0 4 9980
content-encoding
gzip
last-modified
Tue, 22 Nov 2022 10:04:25 GMT
server
nginx
age
655723
etag
W/"637c9ea9-9c2"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1024
expires
Thu, 30 Nov 2023 00:20:44 GMT
p.js
cdn.parsely.com/keys/celebwell.com/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/celebwell.com/p.js?ver=3.5.2
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.85.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-85-39.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
56aa7052b7cd411c7df0555668e14f85c39ee7b3051e959232ca206425643024

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
public
date
Tue, 29 Nov 2022 03:33:42 GMT
content-encoding
gzip
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
last-modified
Tue, 19 Oct 2021 21:48:54 GMT
server
nginx
x-amz-cf-pop
FRA2-C2
age
74822
etag
W/"616f3d46-df42"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
mxJywfCSKXcB-lzPGNvYlgEY6c2z2Xv8bH5LasmVnLZtL1cELceRbw==
expires
Wed, 30 Nov 2022 03:33:42 GMT
bundle.min.js
celebwell.com/wp-content/themes/celebwell/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/wp-content/themes/celebwell/js/bundle.min.js?ver=1669734242
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
dd2c3903ec6dffa7a4fe9572af07225c4390627c37991836894d66cd8bfb900e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:44 GMT
x-rq
hhn1 0 4 9980
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 15:04:02 GMT
server
nginx
age
33037
etag
W/"63861f62-473f"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
6568
expires
Thu, 30 Nov 2023 00:20:44 GMT
e-202248.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202248.js
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc
HIT hhn
date
Wed, 30 Nov 2022 00:20:44 GMT
content-encoding
br
server
nginx
etag
W/"62f6b688-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 20 Nov 2023 00:47:04 GMT
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65756236417b5ba4b29cd46161b4d435c8b158ffa5ff3ca582e6d0a7ba63004f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		70 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6c39f60bae626fb60e79338adfebfdc94ae19a9988711bfc6958886ff2acbc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
lato-v17-latin-ext_latin-700.woff2
celebwell.com/wp-content/themes/celebwell/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/wp-content/themes/celebwell/fonts/lato-v17-latin-ext_latin-700.woff2
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f254eb93b015455a3c89aaf970631bc989fe2bd387f79e871b514992359651aa

Request headers

Referer
https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Origin
https://celebwell.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:44 GMT
content-encoding
gzip
x-rq
hhn1 0 4 9980
last-modified
Tue, 29 Nov 2022 14:27:48 GMT
server
nginx
age
0
etag
W/"638616e4-6088"
vary
X-Mobile-Class
x-cache
miss
content-type
application/font-woff2
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 00:20:44 GMT
lato-v17-latin-ext_latin-italic.woff2
celebwell.com/wp-content/themes/celebwell/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/wp-content/themes/celebwell/fonts/lato-v17-latin-ext_latin-italic.woff2
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
aa6f5c5c40c439bc098e2b5f432120acf43450b13858c961e771fd2f749ce224

Request headers

Referer
https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Origin
https://celebwell.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:44 GMT
content-encoding
gzip
age
0
x-cache
miss
content-length
26303
x-rq
hhn1 0 4 9980
last-modified
Tue, 29 Nov 2022 14:27:48 GMT
server
nginx
etag
W/"638616e4-66c8"
vary
X-Mobile-Class
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 00:20:44 GMT
profile
api.parsely.com/v2/ 		295 B
401 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.parsely.com/v2/profile?apikey=celebwell.com&uuid=pid%3D0604e4332729a32ee3a800741e171b4b&url=https%3A%2F%2Fcelebwell.com%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F
Requested by
Host: celebwell.com
URL: https://celebwell.com/wp-content/plugins/wp-parsely/build/loader.js?ver=eba15df5f79bd7d0de45
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.3.34 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-3-34.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a2c269f2fc6ca280eb656d7e23141b51a82703c33ec8f4b1b280bcd2011c054a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 30 Nov 2022 00:20:44 GMT
server
nginx
content-length
295
content-type
application/json
/
p1.parsely.com/plogger/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1669767644444&plid=99648269&idsite=celebwell.com&url=https%3A%2F%2Fcelebwell.com%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fcelebwell.com%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F&sref=&sts=1669767644442&slts=0&title=Yanet+Garcia+in+Bathing+Suit+Celebrates+%22FIFA+World+Cup%22+%E2%80%94+Celebwell&date=Wed+Nov+30+2022+00%3A20%3A44+GMT%2B0000+(GMT)&action=pageview&pvid=23670533&u=pid%3D0604e4332729a32ee3a800741e171b4b
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Wed, 30 Nov 2022 00:20:44 GMT
Cache-Control
no-cache
Last-Modified
Wednesday, 30-Nov-2022 00:20:44 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=196211166&post=610053&tz=-5&srv=celebwell.com&hp=vip&j=1%3A11.5.1&host=celebwell.com&ref=&fcp=0&rand=0.5232630355205239
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 30 Nov 2022 00:20:44 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
facebook-white.svg
celebwell.com/wp-content/themes/celebwell/img/icons/social/ 		270 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://celebwell.com/wp-content/themes/celebwell/img/icons/social/facebook-white.svg
Requested by
Host: celebwell.com
URL: https://celebwell.com/wp-content/themes/celebwell/css/main-concat.css?ver=1669734242
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5f025aeb2b8a345245a0f8b16d8dcc936ecd39dacda76546d7915534fa01c6f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/wp-content/themes/celebwell/css/main-concat.css?ver=1669734242
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:44 GMT
x-rq
hhn1 0 4 9980
last-modified
Tue, 29 Nov 2022 14:27:48 GMT
server
nginx
age
0
etag
"638616e4-10e"
vary
X-Mobile-Class
x-cache
miss
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
270
expires
Thu, 30 Nov 2023 00:20:44 GMT
twitter-white.svg
celebwell.com/wp-content/themes/celebwell/img/icons/social/ 		563 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://celebwell.com/wp-content/themes/celebwell/img/icons/social/twitter-white.svg
Requested by
Host: celebwell.com
URL: https://celebwell.com/wp-content/themes/celebwell/css/main-concat.css?ver=1669734242
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e9ab67ec001634e9d890170262e1ac5e94b687af8a41775b745c315da18eb3a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/wp-content/themes/celebwell/css/main-concat.css?ver=1669734242
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:44 GMT
content-encoding
gzip
x-rq
hhn1 0 4 9980
last-modified
Tue, 29 Nov 2022 14:27:48 GMT
server
nginx
age
0
etag
W/"638616e4-233"
vary
X-Mobile-Class
x-cache
miss
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
335
expires
Thu, 30 Nov 2023 00:20:44 GMT
share-icon-w.svg
celebwell.com/wp-content/themes/celebwell/img/icons/social/ 		2 KB
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://celebwell.com/wp-content/themes/celebwell/img/icons/social/share-icon-w.svg
Requested by
Host: celebwell.com
URL: https://celebwell.com/wp-content/themes/celebwell/css/main-concat.css?ver=1669734242
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6987a1b33bb2627d402f7150018cafe3e64d164c475becab16c7554ae78710c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/wp-content/themes/celebwell/css/main-concat.css?ver=1669734242
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:44 GMT
content-encoding
gzip
x-rq
hhn1 0 4 9980
last-modified
Tue, 29 Nov 2022 14:27:48 GMT
server
nginx
age
0
etag
W/"638616e4-672"
vary
X-Mobile-Class
x-cache
miss
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
803
expires
Thu, 30 Nov 2023 00:20:44 GMT
anna-bechtel-eat-this-not-that-writer.jpg
www.eatthis.com/wp-content/uploads/sites/4/2020/07/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.eatthis.com/wp-content/uploads/sites/4/2020/07/anna-bechtel-eat-this-not-that-writer.jpg?quality=82&strip=all&w=96
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:14d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe7d1bc7e0b1b69c6c30a48047089c915de77bcd62e15693c3149e350b136052

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:44 GMT
x-rq
ams7 109 140 443
cf-cache-status
DYNAMIC
last-modified
Sun, 16 Oct 2022 17:15:20 GMT
server
cloudflare
etag
"e2fe3fc662fda294"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
771f6b421b9e9b34-FRA
content-length
1782
expires
Mon, 16 Oct 2023 17:15:20 GMT
barbie-nunez.jpg
celebwell.com/wp-content/uploads/sites/2/2022/11/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://celebwell.com/wp-content/uploads/sites/2/2022/11/barbie-nunez.jpg?resize=134,76&quality=82&strip=all
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e2e8c353902203d42b22f79784d48da53d84634ab393ae04791a23c3cbdd0dc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:44 GMT
x-rq
hhn1 109 30 443
last-modified
Wed, 30 Nov 2022 00:20:44 GMT
server
nginx
etag
"2e1cf437484ae12a"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4116
expires
Thu, 30 Nov 2023 00:20:44 GMT
KirstyG.png
celebwell.com/wp-content/uploads/sites/2/2022/11/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://celebwell.com/wp-content/uploads/sites/2/2022/11/KirstyG.png?resize=134,76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
cfa9e89468331f6c5c472d63abd12cb40e10139f4b2ac15709d3b1ba48f5f655

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:44 GMT
x-rq
hhn1 109 196 443
last-modified
Tue, 29 Nov 2022 21:22:39 GMT
server
nginx
etag
"6bd466163ac939c5"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11672
expires
Wed, 29 Nov 2023 21:22:39 GMT
ElizaSpencer.png
celebwell.com/wp-content/uploads/sites/2/2022/11/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://celebwell.com/wp-content/uploads/sites/2/2022/11/ElizaSpencer.png?resize=134,76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
fa9c291f736b48f4e77e9f1a8388014c04e8438a04ed28d9dbdf738a1a3fa40f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:44 GMT
x-rq
hhn1 109 195 443
last-modified
Tue, 29 Nov 2022 17:10:38 GMT
server
nginx
etag
"3fdedd307b48ecde"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11498
expires
Wed, 29 Nov 2023 17:10:38 GMT
DanicaPatrickMain.png
celebwell.com/wp-content/uploads/sites/2/2022/11/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://celebwell.com/wp-content/uploads/sites/2/2022/11/DanicaPatrickMain.png?resize=134,76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1bd909ab08aeeeb48e7dbe8faa7197336d6770ec1094f2e0c6b6e1a0a6c448a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:44 GMT
x-rq
hhn1 109 142 443
last-modified
Tue, 29 Nov 2022 17:00:43 GMT
server
nginx
etag
"039275562cced9a7"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
13324
expires
Wed, 29 Nov 2023 17:00:43 GMT
karma_revshare.celebwell.com.js
karma.mdpcdn.com/service/js-min/ 		348 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:7e00:d:2820:3bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fac8d871bdb4a11d934d3ea72c118e1666f4d753171e5cb5dc765291f7ea0836

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
n71rQD16.qdZAg7Qv6qXfnhxZn0BR727
content-encoding
gzip
via
1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
date
Wed, 30 Nov 2022 00:20:45 GMT
last-modified
Mon, 01 Aug 2022 19:56:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"c79b08d843c92c3ff79e1ec21d6b7ee5"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
QFYjODhllCuoRM7xpVhYFP8JP85cLhp-UsB_MJldFdRJ9ljOPBDVSg==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 29 Nov 2022 23:15:51 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3894
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 30 Nov 2022 01:15:51 GMT
js
www.googletagmanager.com/gtag/ 		215 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-37X3P54THV
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b8a5194875e00e028f9f9363ec690e922253615984880ff67357d6760de8c338
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76704
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 30 Nov 2022 00:20:45 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2da6165225e429c1a994985dd850984b08ecf31f1ec7a12fcb89bfe2ef97e7cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27265
x-xss-protection
0
server
sffe
etag
"1407 / 507 of 1000 / last-modified: 1669763224"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 30 Nov 2022 00:20:45 GMT
segments
d30qdagvt44524.cloudfront.net/production/ 		15 B
356 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d30qdagvt44524.cloudfront.net/production/segments?muid=de9f4524-205d-4978-b33b-df1b3d28212e
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f000:19:bcbe:a700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
727b3ff0c716fa8e38788e3dab83691b06edf37ca523b826f9ef67700021516b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:45 GMT
via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amzn-trace-id
Root=1-6386a1dd-2c954db9175ff5040bab7f03;Sampled=0
x-amzn-requestid
20d99fd0-25c5-4d62-a118-436560ee2c98
x-cache
Miss from cloudfront
content-type
text/javascript
x-amz-apigw-id
cY46nF54oAMF4ug=
content-length
15
x-amz-cf-id
8vXf4ostXPghxsKmDzWIva77xtPF7b3oQdFVhcY8ShsrP9Hl8cVAIQ==
184003-52190608802424.js
js-sec.indexww.com/ht/p/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5800f312944709b8d8e2e638a4c64704be610892c2fd06e962ac74b222615e19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 30 Nov 2022 00:06:01 GMT
server
cloudflare
age
795
etag
W/"76387d-9a4c-5eea4deaf0863"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
771f6b45bc63bbda-FRA
expires
Wed, 30 Nov 2022 04:20:45 GMT
apstag.js
d3div1mtym39ic.cloudfront.net/aax2/
Redirect Chain
  • https://c.amazon-adsystem.com/aax2/apstag.js
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
178 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Protocol
H2
Server
2600:9000:20eb:c400:11:1ed0:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 23:58:15 GMT
content-encoding
gzip
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 20:51:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
1351
x-amz-server-side-encryption
AES256
etag
W/"e675a6dfe90787fca79a6c96fd29c2d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
OJ82hV4Dtp3MqwF3t_hBVFAQq-GCmVYrG2rFyruyLdECJWHC_L2Eqw==

Redirect headers

date
Tue, 29 Nov 2022 02:23:55 GMT
via
1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront), 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
79010
x-cache
Hit from cloudfront
content-type
text/html
location
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length
167
x-amz-cf-id
CyagY1W6QC2tvZcur_rvBV8HDwUe4MwfFOl3QGJ1nRYk7rHq4ig6Dw==
x.gif
d9jj3mjthpub.cloudfront.net/ 		35 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9jj3mjthpub.cloudfront.net/x.gif?pulse=-1&v=l1.0.21&type=karma&globalTI_SID=de9f4524-205d-4978-b33b-df1b3d28212e&request_id=4cc27598-63e3-4ab7-8338-a1dd06685d30&url=https%3A%2F%2Fcelebwell.com%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F&host=celebwell.com&ua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F107.0.5304.121%20safari%2F537.36&muuid_origin=celebwell.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3400:11:e0c9:84c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 14:23:33 GMT
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
last-modified
Sun, 24 Feb 2019 04:40:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
35833
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
csj9xfgysO5yM8I4SS7ChHshYR432olsktm_vGqXpK-pTExsTki2pw==
collect
stats.g.doubleclick.net/j/ 		1 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-201796943-1&cid=1920034113.1669767645&jid=389484462&gjid=22262615&_gid=2111973969.1669767645&_u=YGBAgUABAAAAAEAAI~&z=1590322065
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 30 Nov 2022 00:20:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://celebwell.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=1036809572&t=pageview&_s=1&dl=https%3A%2F%2Fcelebwell.com%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F&ul=en-us&de=UTF-8&dt=Yanet%20Garcia%20in%20Bathing%20Suit%20Celebrates%20%22FIFA%20World%20Cup%22%20%E2%80%94%20Celebwell&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABAAAAAAAAI~&jid=389484462&gjid=22262615&cid=1920034113.1669767645&tid=UA-201796943-1&_gid=2111973969.1669767645&z=1499855183
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 22:05:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
8142
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 16:20:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28824
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 Nov 2023 16:20:21 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		91 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=celebwell.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90701e4fd0c893d0a7ab1c395c26f51258cd0b0845ab6796b3f91ed59e7c65fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66
x-xss-protection
0
expires
Wed, 30 Nov 2022 00:20:45 GMT
collect
region1.google-analytics.com/g/ 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-37X3P54THV&gtm=2oebs0&_p=1036809572&cid=1920034113.1669767645&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669767645&sct=1&seg=0&dl=https%3A%2F%2Fcelebwell.com%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F&dt=Yanet%20Garcia%20in%20Bathing%20Suit%20Celebrates%20%22FIFA%20World%20Cup%22%20%E2%80%94%20Celebwell&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-37X3P54THV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 00:20:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://celebwell.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
single.js
celebwell.com/wp-content/themes/celebwell/js/infinite-scroll/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://celebwell.com/wp-content/themes/celebwell/js/infinite-scroll/single.js?ver=1669734242
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b2768c812d4deaef371d53201f4548e5cc903b0519691646fa7230f1074d0f14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:45 GMT
x-rq
hhn1 0 4 9980
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 15:04:02 GMT
server
nginx
age
33037
etag
W/"63861f62-ec1"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1305
expires
Thu, 30 Nov 2023 00:20:45 GMT
identity
api.rlcdn.com/api/ 		44 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 30 Nov 2022 00:20:45 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://celebwell.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rid
match.adsrvr.org/track/ 		63 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184003
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
03ff2c15abeeb32f4ce3e6bc0eecabb825d0d4057e766547234728b700f191f3

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 30 Nov 2022 00:20:45 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://celebwell.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Fri, 30 Dec 2022 00:20:45 GMT
/
id.sv.rkdms.com/identity/ 		2 B
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=MEREDITH&sv_domain=celebwell.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.158.154.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-154-2.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://celebwell.com
date
Wed, 30 Nov 2022 00:20:45 GMT
access-control-allow-credentials
true
server
nginx/1.22.0
content-length
2
vary
Origin
content-type
application/json
config
c.amazon-adsystem.com/cdn/prod/ 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3446&u=https%3A%2F%2Fcelebwell.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 20:35:00 GMT
via
1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
13544
x-cache
Hit from cloudfront
access-control-allow-origin
https://celebwell.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
esFNBJQrvu3Z9ksU7dU4WbNu2zQL1eDO5urUQk1KMndwe0Mp4yeBZQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
vkCJAv2LVCiDvkjoOZrS5s9fefeFFUOq
content-encoding
gzip
via
1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
date
Tue, 29 Nov 2022 03:19:02 GMT
x-amz-cf-pop
FRA2-C1
age
75704
x-cache
Hit from cloudfront
last-modified
Fri, 18 Nov 2022 03:05:15 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
1tREbTpTHQZI7QdRFL9Hth7YL_N9NXK65hyq9O4hg6QcN_D4HYaqFQ==
config
c.amazon-adsystem.com/cdn/prod/ 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3446&u=https%3A%2F%2Fcelebwell.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 20:35:00 GMT
via
1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
13544
x-cache
Hit from cloudfront
access-control-allow-origin
https://celebwell.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
lNCAWUH1tAG2R39QLowmOh2DjaGnpvhOgLh7yABzykysUfw5i9pQ5g==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		64 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3446&u=https%3A%2F%2Fcelebwell.com%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F&pid=NsD4GJqKSRFht&cb=0&ws=1600x1200&v=22.1107.1609&t=1250&slots=%5B%7B%22sd%22%3A%22div-gpt-leaderboard-flex-1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%223865%2Frevshare.celebwell.com%2Ftier1%2Fstructuredcontent%2Fdiv-gpt-leaderboard-flex-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-square-fixed-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%223865%2Frevshare.celebwell.com%2Ftier3%2Fstructuredcontent%2Fdiv-gpt-square-fixed-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-square-fixed-3%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%223865%2Frevshare.celebwell.com%2Ftier1%2Fstructuredcontent%2Fdiv-gpt-square-fixed-3%22%7D%2C%7B%22sd%22%3A%22div-gpt-square-fixed-4%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%223865%2Frevshare.celebwell.com%2Ftier2%2Fstructuredcontent%2Fdiv-gpt-square-fixed-4%22%7D%5D&pj=%7B%22aps_privacy%22%3A%221--%22%2C%22si_pagegroup%22%3A%22celeb-news%22%2C%22adRefresh%22%3A0%7D&schain=1.0%2C1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-188.fra2.r.cloudfront.net
Software
Server /
Resource Hash
159bd804f3a207ce59088ef63f186ba5b3d906d5245b7bfa882a6a6c3f6a9314
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:45 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C2
x-amz-rid
3AGHXPFZ1EHXR101ACHD
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://celebwell.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
6dioY361iAvAriIin3NJ_fYTytogMUE3D65HQFG6WFjsXs3acmWCgg==
hbjson
grid.bidswitch.net/ 		23 B
237 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.231.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-231-91.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
42301a379f3e59ad5e10a552a6939578b9e12be574df21fc27cf30f1a3c47899

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://celebwell.com
date
Wed, 30 Nov 2022 00:20:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
48
content-type
application/json
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96901a017a7ae786e2e89dd5c10043&pos=celebwell_leadrbrd_flex_tier1_728x90&cmd=bid&secure=1
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
c0e0215c7fe056073f99bf27d9fd944e42b66ea744145702492533ff449ea121

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Nov 2022 00:20:45 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://celebwell.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96901a017a7ae786e2e89dd5c10043&pos=celebwell_square_fixed_tier3_300x250&cmd=bid&secure=1
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e5dc8133e1cf7b2eae532cef83bf6ac1eb20784d22feafc39713aebf7ba8bbfb

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Nov 2022 00:20:45 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://celebwell.com
access-control-allow-credentials
true
content-length
6354
bidRequest
c2shb.ssp.yahoo.com/ 		9 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96901a017a7ae786e2e89dd5c10043&pos=celebwell_square_fixed_tier1_300x250&cmd=bid&secure=1
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b4fa5a6f9ea5c7c2fa476086459b388d08794012cc5b170665dd708101eb15bd

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Nov 2022 00:20:45 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://celebwell.com
access-control-allow-credentials
true
content-length
8817
bidRequest
c2shb.ssp.yahoo.com/ 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96901a017a7ae786e2e89dd5c10043&pos=celebwell_square_fixed_tier2_300x250&cmd=bid&secure=1
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
03258938a9b5e89469863cad098af4e9e022e081d26e3af0f8378b97d8407655

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Nov 2022 00:20:45 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://celebwell.com
access-control-allow-credentials
true
content-length
6358
prebid
ib.adnxs.com/ut/v3/ 		35 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8c40a706260efeaba896252a781d44b54631f570534785bc0c804d23d875a1c3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 30 Nov 2022 00:20:45 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
138.199.38.134; 138.199.38.134; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6ba5b7a1-e237-45be-af08-1c35a66926a3
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://celebwell.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		692 B
952 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7499&site_id=426724&zone_id=2441058%3B2441066%3B2441062%3B2441064&size_id=2%3B15%3B15%3B15&alt_size_ids=57%3B%3B%3B&rf=https%3A%2F%2Fcelebwell.com%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F&tg_i.pbadslot=3865%2Frevshare.celebwell.com%2Ftier1%2Fstructuredcontent%2Fdiv-gpt-leaderboard-flex-1%3B3865%2Frevshare.celebwell.com%2Ftier3%2Fstructuredcontent%2Fdiv-gpt-square-fixed-1%3B3865%2Frevshare.celebwell.com%2Ftier1%2Fstructuredcontent%2Fdiv-gpt-square-fixed-3%3B3865%2Frevshare.celebwell.com%2Ftier2%2Fstructuredcontent%2Fdiv-gpt-square-fixed-4&tk_flint=pbjs_lite_v6.23.0&x_source.tid=67c4589e-5e8d-4f37-96e1-558c08e13806%3Bfb88b6b5-3d9e-4d47-b7e2-3dd3e09a365c%3B4f426d9c-a3b0-40d7-9f50-2c6804847ecd%3B07fc4f4c-f81d-46de-a45b-cf0ff077d71a&l_pb_bid_id=22f33e3c3f093d7%3B23663d62d292da6%3B24f419d6c235856%3B255af3a791aeb55&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=3865%2Frevshare.celebwell.com%2Ftier1%2Fstructuredcontent%2Fdiv-gpt-leaderboard-flex-1%3B3865%2Frevshare.celebwell.com%2Ftier3%2Fstructuredcontent%2Fdiv-gpt-square-fixed-1%3B3865%2Frevshare.celebwell.com%2Ftier1%2Fstructuredcontent%2Fdiv-gpt-square-fixed-3%3B3865%2Frevshare.celebwell.com%2Ftier2%2Fstructuredcontent%2Fdiv-gpt-square-fixed-4&slots=4&rand=0.4181254092096238
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6daf5f0885ae8720ac86aa292d9b555de675e117ea318dc4b6fdd200b715d7e9

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 00:20:45 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://celebwell.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
692
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://celebwell.com
date
Wed, 30 Nov 2022 00:20:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		17 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=688248&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223126a894f4c9387%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcelebwell.com%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A5%2C%22msi%22%3A5%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.23.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2232d6de201ef6b0e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22688248%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22688248%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%223865%2Frevshare.celebwell.com%2Ftier1%2Fstructuredcontent%2Fdiv-gpt-leaderboard-flex-1%22%7D%7D%2C%7B%22id%22%3A%223339213592aff2e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22688256%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%223865%2Frevshare.celebwell.com%2Ftier3%2Fstructuredcontent%2Fdiv-gpt-square-fixed-1%22%7D%7D%2C%7B%22id%22%3A%2234bd59baa54db1b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22688254%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%223865%2Frevshare.celebwell.com%2Ftier1%2Fstructuredcontent%2Fdiv-gpt-square-fixed-3%22%7D%7D%2C%7B%22id%22%3A%2235f14492ea78bf9%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22688255%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%223865%2Frevshare.celebwell.com%2Ftier2%2Fstructuredcontent%2Fdiv-gpt-square-fixed-4%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c1284380e252e5a1d73725a9b59c8a1b6e2fd269da798344308d56b71e80aa8

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 00:20:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zr7NBYpIiAeH%2BKl8Jt8Qt8%2BqAwtLvvR%2B8h6FC4PwvsZoB9AWNk5aOaWbcBKYm7xtsLntenz4kwCc8eCg4sYMdReULHpQdEL7fgi60XG8CAj0UDCDweObJo%2F8nNU4zRj8d6MoVRHI"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://celebwell.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
771f6b471c869043-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
headerstats
as-sec.casalemedia.com/ 		0
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=830104&u=https%3A%2F%2Fcelebwell.com%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 00:20:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3IXYkdgdRHB1dgnUYecXmqmqR3GkR778lwMrn0SfQ2%2B5i5xkkmls0PBZaxBmccrlf5WsIInQ7Ax7YQ36%2BtBFvJExB4PYh54ZMA5TwvPAeq6KRmGUU49MjmO%2BBxW1AAq3AGOaLb%2BzFKo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://celebwell.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
771f6b48be61bbc7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
BSHeilds.png
celebwell.com/wp-content/uploads/sites/2/2022/11/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://celebwell.com/wp-content/uploads/sites/2/2022/11/BSHeilds.png?resize=134,76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.80 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
97ac7434dfd269ff7ab1408ef101803ee0a844259bc65ff0ceede9e613ea9be6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:45 GMT
x-rq
hhn1 109 200 443
last-modified
Tue, 29 Nov 2022 16:03:25 GMT
server
nginx
etag
"4cd26a2860d7fe25"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
x-optim-disabled
true
accept-ranges
bytes
content-length
13836
expires
Wed, 29 Nov 2023 16:03:25 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3446&u=https%3A%2F%2Fcelebwell.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 20:35:00 GMT
via
1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
13544
x-cache
Hit from cloudfront
access-control-allow-origin
https://celebwell.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
__7qpYGDGyVUEfwlxSQE7XXF8tkIfc98Sxi23xkFEekSQvuecwmRCw==
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=celebwell.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=celebwell.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		93 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3165246334190328&correlator=4150353134261580&eid=31070881%2C31070920&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=3865%2Crevshare.celebwell.com%2Ctier1%2Cstructuredcontent%2Cceleb-news%2Ctier3%2Ctier2&enc_prev_ius=0%2F1%2F2%2F3%2F4%2C0%2F1%2F5%2F3%2F4%2C0%2F1%2F2%2F3%2F4%2C0%2F1%2F6%2F3%2F4%2C0%2F1%2F2%2F3%2F4%2C0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%7C970x90%7C970x250%2C300x250%7C299x251%2C300x250%7C299x251%2C300x250%7C299x251%2C1x1%2C1x1&ifi=1&adks=3376946455%2C1023894141%2C300914736%2C1066718759%2C2351827523%2C2311831800&sfv=1-0-40&ists=3&prev_scp=slot%3Dleaderboard-flex-1%26refreshType%3Dhard%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26bz%3D000%26bzr%3D0%7Cslot%3Dsquare-fixed-1%26refreshType%3Dhard%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26hb_size%3D300x250%26hb_pb%3D0.30%26hb_adid%3D391ec8ac812c3cb%26hb_size_onemobile%3D300x250%26hb_pb_onemobile%3D0.10%26hb_adid_onemobile%3D3746b186fd8d0aa%26hb_size_ix%3D300x250%26hb_pb_ix%3D0.30%26hb_adid_ix%3D391ec8ac812c3cb%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.10%26hb_adid_appnexus%3D42e7e35d0e6801f%26bz%3D035%26bzr%3D1%7Cslot%3Dsquare-fixed-3%26refreshType%3Dhard%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26hb_size%3D300x250%26hb_pb%3D0.30%26hb_adid%3D40af4d5752d5c79%26hb_size_onemobile%3D300x250%26hb_pb_onemobile%3D0.10%26hb_adid_onemobile%3D3818ef1b0eb89df%26hb_size_ix%3D300x250%26hb_pb_ix%3D0.30%26hb_adid_ix%3D40af4d5752d5c79%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.10%26hb_adid_appnexus%3D437ed07cad521eb%26bz%3D035%26bzr%3D1%7Cslot%3Dsquare-fixed-4%26refreshType%3Dhard%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26hb_size%3D300x250%26hb_pb%3D0.25%26hb_adid%3D41cf9a3afc3f338%26hb_size_onemobile%3D300x250%26hb_pb_onemobile%3D0.10%26hb_adid_onemobile%3D36d9029cc6750f1%26hb_size_ix%3D300x250%26hb_pb_ix%3D0.25%26hb_adid_ix%3D41cf9a3afc3f338%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.10%26hb_adid_appnexus%3D44b72f245c3892f%26bz%3D030%26bzr%3D1%7Cslot%3Dinterstitial%26refreshType%3Dhard%7Cslot%3Dwallpaper%26refreshType%3Dhard&eri=1&cust_params=path%3Dnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%26id%3D610053-news-yanet-garcia-in-bathing-s%26type%3Dstructuredcontent%26channel%3Dceleb-news%26pv%3D1%26otabc%3D0%26amznbid%3D0%26amznp%3D0%26muid%3Dde9f4524-205d-4978-b33b-df1b3d28212e%26mrid%3D4cc27598-63e3-4ab7-8338-a1dd06685d30%26dockedleaderboard%3Dfalse%26dockedrail%3Dtrue&ppid=de9f4524-205d-4978-b33b-df1b3d28212e&sc=1&cookie_enabled=1&abxe=1&dt=1669767645698&lmt=1669767645&dlt=1669767644231&idt=944&adxs=436%2C983%2C983%2C983%2C0%2C0&adys=301%2C726%2C2760%2C3050%2C8398%2C8398&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C4&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcelebwell.com%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F&frm=20&vis=1&psz=728x0%7C300x250%7C300x250%7C300x250%7C1600x8397%7C1600x8397&msz=728x0%7C300x0%7C300x0%7C300x0%7C1600x0%7C1600x0&fws=0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=1920034113.1669767645&ga_sid=1669767646&ga_hid=1036809572&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8373a52f04bc16518619631ca44c5d4fab17e01c21212e878ea0e15108515938
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16997
x-xss-protection
0
google-lineitem-id
5739821174,5527157665,5527157665,5525981949,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138355873185,138329282324,138329282333,138329282333,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://celebwell.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bffc125c88dd0f2fc9d380d90aba524eff607ae9dc865d9e7d358cf8e417c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11461
x-xss-protection
0
container.html
bd7f17abb391430f745a486b60e91610.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3C40 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bd7f17abb391430f745a486b60e91610.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://celebwell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Nov 2022 00:20:45 GMT
expires
Thu, 30 Nov 2023 00:20:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Nov 2022 00:20:45 GMT
gtm.js
www.googletagmanager.com/ 		131 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TZW8S3J
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c1c70a67942e5b0f15c969709fd256d7910327572a8da9f32d5415c9714279c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50319
x-xss-protection
0
last-modified
Wed, 30 Nov 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 30 Nov 2022 00:20:45 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 35B8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://celebwell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
13404
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 20:37:21 GMT
expires
Wed, 29 Nov 2023 20:37:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 39B0 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
031e11b32c0221096f28542792e193129b288959e337d8219899375edd2514c7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-82pZYmqYI77sfhqXJ-p9lQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://celebwell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-82pZYmqYI77sfhqXJ-p9lQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Nov 2022 00:20:45 GMT
expires
Wed, 30 Nov 2022 00:20:45 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1036809572&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcelebwell.com%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F&ul=en-us&de=UTF-8&dt=Yanet%20Garcia%20in%20Bathing%20Suit%20Celebrates%20%22FIFA%20World%20Cup%22%20%E2%80%94%20Celebwell&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Visibility&ea=Article%20View&el=%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F&_u=aGDAAUABAAAAAGAAI~&jid=1042183586&gjid=127694768&cid=1920034113.1669767645&tid=UA-201796943-1&_gid=2111973969.1669767645&_r=1&gtm=2wgbs0TZW8S3J&z=1330071199
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://celebwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 00:20:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://celebwell.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZW8S3J
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 29 Nov 2022 23:15:51 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3894
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 30 Nov 2022 01:15:51 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 39B0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=3165246334190328&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
pagead2.googlesyndication.com/bg/ Frame 35B8 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 18:10:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22239
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Nov 2023 18:10:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0CD5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 16:55:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
26736
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 16:55:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0CD5 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Nov 2022 00:20:46 GMT
12545554924875589072
tpc.googlesyndication.com/simgad/ Frame 0CD5 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12545554924875589072
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
527858ce1bb19dae6c14b76fcdcfad610ded25359054df165c6855de46dd3f77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 21:01:49 GMT
x-content-type-options
nosniff
age
98337
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63789
x-xss-protection
0
last-modified
Mon, 25 Jan 2021 18:28:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 28 Nov 2023 21:01:49 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 6203 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e36be95a997321cf95e79310394b551a93a1fefb55c7dca4669137c0946f2a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10014
x-jsd-version
1.14.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230118-FRA, cache-yyz4527-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"6c5a-5kbBcMwAuv899TsKizV+K03Rtig"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wU3UyKjFgkFdDyvl4Lc%2Brd5MEEhUlQ30pc3IquCzjBBPUVmdtosUQ237Y2Y33SkNTPAW%2Bf9bMI5WhDYBc3yAf9DdfQDGrsbgTDvU2SoxuvXJZtW3%2F2aAi9xnJVa%2FS5FRsfGos6i9xQcQqrAsMfc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
771f6b4dc8529b1f-FRA
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6203 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Nov 2022 00:20:46 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 9FAB 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e36be95a997321cf95e79310394b551a93a1fefb55c7dca4669137c0946f2a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10014
x-jsd-version
1.14.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230118-FRA, cache-yyz4527-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"6c5a-5kbBcMwAuv899TsKizV+K03Rtig"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X7egaSkORbVckVYzfV%2BUkQVFtl8IxrTHmAeEygW7Mff8oCkHKQvc2%2BowTGv6P0gonGK7pO2gEhGMUgg38VyWXKxH4VeucJ4qcpwTraPVnCTG39kqZNs8PXfpJoiqRom0jOB%2F11mkSMhVLRymTxg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
771f6b4dc8549b1f-FRA
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9FAB 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Nov 2022 00:20:46 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame AD20 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e36be95a997321cf95e79310394b551a93a1fefb55c7dca4669137c0946f2a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10014
x-jsd-version
1.14.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230118-FRA, cache-yyz4527-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"6c5a-5kbBcMwAuv899TsKizV+K03Rtig"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WgTMbA2PVPGWG%2BcXDu%2FINR7TnECbCrhpKji8pYkpLLXsFlMbQh51%2FdhgTMsBsBXrKw7i8pkEsiAhtCiF2czfS3kQpN8UQaXhT52w6BDSmEZ3kZipSTSRPWTtd%2FG65inBdI2EhC1fE9LmjLvx788%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
771f6b4dc8559b1f-FRA
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AD20 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Nov 2022 00:20:46 GMT
truncated
/ Frame 0CD5 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
685a94ab271639b11517df241f5def3402c6c4cbc6303b5058e95ee0c031516a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 0CD5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssM4SDGirOfDTnEz3S5FaoQmLFmAqqIRs6rNnboc2wJ54wJtmPIoJ8SlKRdjEBexlN_V7pbDUFP55l5jy25ESdYGLByOosZUTP9QwU-rW5wDNuT16r3xXjR9yj69DIJJqOoCfMff0UgooY6cH7MII_luoy0nds5pHzXGDuijUTNXtXnoFh6z6AffQT-AEr79QId-Jfk6Myz3IsdJZNi-k2Yp_dg3iQ_Bf0qrhE5sz_FwkegqKGUH3_2hnxPoYiF6xi12BuVWBr2t5SeoZvHPDcDjE_O1sf2NlQnQohLUej67tDEXPchbMQByTZYQXzd78GH5IzBKP0OlLl8zkfNpMyg-dUiAoNoSAbk6MetlK1SBj4edxpF6A&sai=AMfl-YQhQZiwiapHh2jIvVK-G-S9hFF3--GGri-7O_BZf34SQNNZ97zil9VIw5vs-KLgiLpMsBIgtKxIznxihcP45vYayyXRizOqSZq_xnH25KGvYnfcbrCuVt9b_jrNIVQYAOGUsNuOBx5vAD8ZpCmzYsMDaCb3vhl0o9PxycD9NW3OMTY&sig=Cg0ArKJSzJ1USFtB68zHEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 30 Nov 2022 00:20:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6203 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIKe946gz0pgk0pFbAS8c9JWm4c0bZ-vdQg8LmHBnuaSu1sczu2jrb1GwR7mgyl-DWrfxl-Kob7CNoK6gqUk4v5aR8A2XvkSuccxVxPBJt0upZVBl4Sqj5u5W74P9OSZGrgp19zhuqSdeAw_B8yf42xRk6hnkGgMJE_kELTOHkDnYyMYlmRP-tPBqMxjYoOzOlViuyMXkTU3ggdNgM7QkvXc-BoZm65paDZ4XIZcfdxObtZkFDcW7Z7oOCJjor1MqqxenCrZvEwUrdsihW0z_E9XHxr75ButRNc1anKn2YQPlkRg_2KCdfh3SgTkWS0OnfuIQTZ-otWila_-kzRo_A_vzMymGpb08q-zs8JoByubsqoITb4tEd5w&sai=AMfl-YTC7seN8CHpahQNkCAcRktHXSzUXzNWcHUh60k9Qus4jXhJMy6yEicdzJm6ABvtFFhatYOYRNkOy4Jhwu1SGft4pr9OY8kzNc8lTCjFSRdCpcK3ORoCopNNc17Xlzh8DlQO8layXbJ83D2mZEBdUIJcGEckSr6NrkMwGd6E462exCI&sig=Cg0ArKJSzGS2KMFLXHvQEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 30 Nov 2022 00:20:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9FAB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsso_93GMvOUl7mnAs6jrGIIa6GmPMIOzQbPLPMlxCtiI8baFRZXLQf_9V-18KrYMpUYaHJfYHKqU263YLctqV5IUk16jopiieCalkS1cf01VbHJ_8tJPMfo0N0OG_YSGB7vwcyR-tpG4ZgocSjCJMIU6z8_N6EPyzYw8lq_K2eoUPse8uFsnHHGqs960gogBnecWjchwj5F14EGUIq9wI0FJ-21kdViJLjcLjfTGM7YAou1MHNkujNxph27tq4bnLIJEpKREMH_jV1_rnGf5_lxAoip8SG2ASNtO_JGZW933JfVXbL4Y2j8CJretOXKaXE6PcP9OI2gMHP68dQrKBMgh_vm_Q6omVY8xWHNX_CLE3gti-J1sFcUXA&sai=AMfl-YToVSFfJ_07z9sht6aHYku_sw5bCw-0i_CvTTRuy9-X2-gxYz7nbf8GHmmd9cvrb6W_JrHHpz_LV4XGmsTy8Hgln2GEJML_1dbOBgKKV9yp2CpdENVDxVBCTYBm3w22m21mktBp-0OQz7SHbN3aCKOJw8QFOBGRjMSmgpbqYmpPdCo&sig=Cg0ArKJSzMH4yUTZjiKkEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 30 Nov 2022 00:20:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AD20 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJIm0DbbKQCofi029NRPgVk9hJYX5YQlyBZa5JtPVcOSf-M8e5Cyjd2u1e4g-IyKt86cfjYiuPh-U4VnRHDOfSq8g9BNy7erccjSkuQtFsuqIXsU0NA4Si4Or4VVkF-CqEqRCK_y0CIwVc2eywzjZfWaReDYc1WtTCE99dq6tpZ_3q1J4uiRvFH4SjPp7xdW_YQ8hdx0vWIQC_NvMVAGlFXX68vkvhyjxbeGN639SHSZzCi27v01NWGwwvaxv8JFMwKL-zVCpBUrIres2WNDPUGMbIsCFBTczUZP8RoqHXGvhytgaW2Bn_Y95NZVPYjXSPlQdr05IHJbw04aP9TyaPEwrg6evBVUTCxw4SscVOJpWvvt4ntIatAg&sai=AMfl-YT--D7TSszbGJmivdkBSKzZKf6RzdA1h4t-u4AGlTiidQ0UQ5rvMPvdztlgWG_Ze-dtWAjV8EGPLgSEvRqjiH_Qp5iXr_1g2habetI4hOYSVux1b6AsoQbeJHvUzV5UMyZbZPpJ7FA1KSrwTwIr2k1wUidgkmTdolpj-miu9jyIWWI&sig=Cg0ArKJSzIqZnG_8hB5AEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 30 Nov 2022 00:20:46 GMT
generate_204
tpc.googlesyndication.com/ Frame 35B8 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?h2SgHw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
widget.js
widgets.outbrain.com/n2d/widget/ Frame AD20 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/n2d/widget/widget.js
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0d3fd60e80f18f6b8a3b0a3cfec13dcbdaf3e710db09b170096ab1c163dda39c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:46 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 13:46:18 GMT
server
AkamaiNetStorage
etag
"07232370ef9b8600031a091dcd1ad3af:1669729961.956991"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
8977
expires
Wed, 30 Nov 2022 04:20:46 GMT
v1
a5143.casalemedia.com/impression/ Frame AD20 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a5143.casalemedia.com/impression/v1?bidID=b0e558ca-558a-49e0-8329-4aeecd945af9&traceID=ce3a3nchuuh948ft71ng&dspID=17&userID=&cmpro=0&deviceType=2&expiryTime=1669768245&siteID=688255&creativeID=2116f71&pubID=184003&format=banner&channel=site
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.91.45.57 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Nov 2022 00:20:46 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
/
b1-eudc1.zemanta.com/bidder/win/index/d51209d3-7044-11ed-b534-2a1c0fd07b4f/0.31/7HGSRXHG6LSSDC3EJHO4VFQHPFZXCTG2ZGIR6QQ5YAFJFUPMPAKMJNVBFZDKNBSOPNU6SODSZRTGYFFPDDZC4UB2A5SGIJ3JVS75BT6UNHHZ7OWDQKBGC... Frame AD20 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-eudc1.zemanta.com/bidder/win/index/d51209d3-7044-11ed-b534-2a1c0fd07b4f/0.31/7HGSRXHG6LSSDC3EJHO4VFQHPFZXCTG2ZGIR6QQ5YAFJFUPMPAKMJNVBFZDKNBSOPNU6SODSZRTGYFFPDDZC4UB2A5SGIJ3JVS75BT6UNHHZ7OWDQKBGCSR2MU2QDCSGNEN7KIECJZ6HHGRB2HBTMDF6L4O7D2HP7EDZATFBZNAJZ436BENS3XMXZKGRUOB6WRLTUW6AC5ULPLI4MFDFBOGV4EOCOSBYR4X5PNRCFSIPFBM7BHTPY4YLDZWIIOWIFNXVLDPJU7EGQEYAU4SNK7VZS3TN2L6GAWZZ434JJ4SEPJOPPUHSGRJJ4KDDUE2A6AAP7HF4GKKYDPAGLCQZH6B2MQGM7LL6TAGSRXZPST7OQV4VGSN5OQNP34H4F5PPGANIKV4JYUBM4GEH5T74FKCH2VRCD4AHS2NBHCZJ3L5DB66LKHB7BK24PJNVYWZIYAMIAKJHH3SKR4LAP6HNFFPH454FA5EYNLLQISIWLDO7IA7LI3QPP4KIKZL6ACMKIPVAZSZHV3MAI/?
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 30 Nov 2022 00:20:46 GMT
Content-Length
0
widget.js
widgets.outbrain.com/n2d/widget/ Frame 6203 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/n2d/widget/widget.js
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0d3fd60e80f18f6b8a3b0a3cfec13dcbdaf3e710db09b170096ab1c163dda39c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:46 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 13:46:18 GMT
server
AkamaiNetStorage
etag
"07232370ef9b8600031a091dcd1ad3af:1669729961.956991"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
8977
expires
Wed, 30 Nov 2022 04:20:46 GMT
v1
a5143.casalemedia.com/impression/ Frame 6203 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a5143.casalemedia.com/impression/v1?bidID=64baad08-8da5-4e73-8504-97e1b5b59243&traceID=ce3a3nchuuh948ft71ng&dspID=17&userID=&cmpro=0&deviceType=2&expiryTime=1669768245&siteID=688256&creativeID=2116f71&pubID=184003&format=banner&channel=site
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.91.45.57 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Nov 2022 00:20:46 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
/
b1-eudc1.zemanta.com/bidder/win/index/d5121def-7044-11ed-903d-30579a6332b3/0.35/7HGSRXHG6LSSDC3EJHO4VFQHPGZ4AO5PQGJ5LKA5YAFJFUPMPAKBONZAKZBS35Y7N4CHBBPJNLYUDP7BZN2BJQ2KYBSGIJ3JVS75BT6UNHHZ7OWDQKBGC... Frame 6203 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-eudc1.zemanta.com/bidder/win/index/d5121def-7044-11ed-903d-30579a6332b3/0.35/7HGSRXHG6LSSDC3EJHO4VFQHPGZ4AO5PQGJ5LKA5YAFJFUPMPAKBONZAKZBS35Y7N4CHBBPJNLYUDP7BZN2BJQ2KYBSGIJ3JVS75BT6UNHHZ7OWDQKBGCSR2MU2QDCSGNEN7KIECJZ6HHGRB2HBTMDF6L7ICDKHLXFMXXT5BZNAJZ436BENS3XMXZKGRUOB6WRLTUW6AC5ULPLI4MFDFBOGV4EOCOSBYR4X5PNRCFSIPFBM7BHTPY4YLDZWIIOWIFNXVLDPJU7EGQEYAU4SNK7VZS3TN2L6GAWZZ434JJ4SEPJOPPUHSGRJJ4KDDUE2A6AAP7HF4GKKYDPAGLCQZH6B2MQGM7LL6TAGSRXZPST7OQV4VGSNSD5MIUSXI6FUCBBNMLXKZ5HDGF4ABOEECQKK3ZJRCD4AHS2NBHCZJ3L5DB66LKHB7BK24PJNVYWZIYAMIAKJHH3SKR4LAP6HNFFPH454FA5EYNLLQISIWLDO7IA7LI3QIDUMXLLRFZ7FVIPVAZSZHV3MAI/?
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 30 Nov 2022 00:20:46 GMT
Content-Length
0
widget-300x250.js
widgets.zemanta.com/1661433531/ Frame 9FAB 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.zemanta.com/1661433531/widget-300x250.js
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
097617c815c046a3464f318f247aa72daed4586e237c53293626be78522b6562

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
F7fnhLzPsHtVwT9ZsW_Z_tULEBLr.EiD
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Nov 2022 00:20:46 GMT
x-amz-request-id
SCKFBJR0EVZRPKD6
age
1855
x-cache
HIT
content-length
4731
x-amz-id-2
4DDyKf9AUWvN5E+QNlk9rtgHrZ0gW4okl16w2DXoR1/ogh6QTFSTuJ25tbnIl8/oXgFXyevxW6c=
x-served-by
cache-hhn4073-HHN
last-modified
Thu, 25 Aug 2022 13:20:26 GMT
server
AmazonS3
x-timer
S1669767646.447843,VS0,VE0
etag
"d82289f774916799174cbf91965e8aaf"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-cache-hits
136
v1
a5143.casalemedia.com/impression/ Frame 9FAB 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a5143.casalemedia.com/impression/v1?bidID=5dc1dc8a-3e8f-4780-ac72-5e744bf6040b&traceID=ce3a3nchuuh948ft71ng&dspID=17&userID=&cmpro=0&deviceType=2&expiryTime=1669768245&siteID=688254&creativeID=2116f71&pubID=184003&format=banner&channel=site
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.91.45.57 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Nov 2022 00:20:46 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
/
b1-eudc1.zemanta.com/bidder/win/index/d5120ba2-7044-11ed-a906-94dde7d7f95e/0.35/7HGSRXHG6LSSDC3EJHO4VFQHPHUOF7IYY4VXCVQ5YAFJFUPMPAKHNBX6NLWPO2G5BOFFIWDKJE25ABMVGSQBJWFDWFSGIJ3JVS75BT6UNHHZ7OWDQKBGC... Frame 9FAB 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-eudc1.zemanta.com/bidder/win/index/d5120ba2-7044-11ed-a906-94dde7d7f95e/0.35/7HGSRXHG6LSSDC3EJHO4VFQHPHUOF7IYY4VXCVQ5YAFJFUPMPAKHNBX6NLWPO2G5BOFFIWDKJE25ABMVGSQBJWFDWFSGIJ3JVS75BT6UNHHZ7OWDQKBGCSR2MU2QDCSGNEN7KIECJZ6HGZRVT3AGZMHEVTKJ5GTQNV4LTPVBZNAJZ436BENS3XMXZKGRUOB6WRLTUW6AC5ULPLI4MFDFBOGV4EOCOSBYR4X5PNRCFSIPFBM7BHTPY4YLDZWIIOWIFNXVLDPJU7EGQEYAU4SNK7VZS3TN2L6GAWZZ434JJ4SEPJOPPUHSGRJJ4KDDUE2A6AAP7HF4GKKYDPAGLCQZH6B2MQGM7LL6TAGSRXZPST7OQV4VGSNWSZWLF4CXBKO4MWQGMCLDMJU6IX4NSAM5BQN53BRCD4AHS2NBHCZJ3L5DB66LKHB7BK24PJNVYWZIYAMIAKJHH3SKR4LAP6HNFFPH454FA5EYNLLQISIWLDO7IA7LI3QNF4RHRNGKN6JNIPVAZSZHV3MAI/?
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 30 Nov 2022 00:20:46 GMT
Content-Length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 0CD5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_ICFqlM5KQ9C2-_MPRJ47AADcFCuUjmrkghXqj1abJ9MNBo3xq2djkXHZweRAqJnc4Tt2fCqfelCX_Gd0sD-v6DPXB5m7BS9j4lBF4h6n6n2X33u3acA6cN8IayMoErCfANOp91nRFZ4nH2lyd6ETFj6vrEbucTOehVCnQ98XS7h93Qh-AfCArQyP_a0roEGUFWwxT2UP1M5o7N0M8MnNbJwZ-Zv629k2O_depOBFlLx63teWGurQkE92KmY19Ms3xfD-5DGBiRPu_pAwluSEWlGZu7mjcAvxYbkgfqccL8DOKsdnOYRt827zaOOAeijyRrhDCFBTd2XVQcSrqkf6aTswXHEUDIvpTDGoh7-Ncb4o3suPS07G&sai=AMfl-YSHaj__msKZOtmNgPqO8B0IsrV1IsqQqpUMel__CMhPWFLlxbsIrcwLt1E8txJSDNchW-xeAfpkAEbfB91SzDSpVUz1sqVbNGElGPd_jHrzLS7W0Ji9JRi54woXVMdv_bwlwLx5HSbT0xsx-5TS-fGlBwaDIDhtH_M3j19ooOyQhPw&sig=Cg0ArKJSzIKFOZk8HJ5ZEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 30 Nov 2022 00:20:46 GMT
/
b1-eudc1.zemanta.com/bidder/win/index/d5120ba2-7044-11ed-a906-94dde7d7f95e/Y4ah3QAAAAAJdZb0Iz5Tzd7VgMw0fW7_RBn4EA/7HGSRXHG6LSSDC3EJHO4VFQHPHUOF7IYY4VXCVQ5YAFJFUPMPAKHNBX6NLWPO2G5BOFFIWDKJE25ABMVGSQ... Frame 9FAB 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-eudc1.zemanta.com/bidder/win/index/d5120ba2-7044-11ed-a906-94dde7d7f95e/Y4ah3QAAAAAJdZb0Iz5Tzd7VgMw0fW7_RBn4EA/7HGSRXHG6LSSDC3EJHO4VFQHPHUOF7IYY4VXCVQ5YAFJFUPMPAKHNBX6NLWPO2G5BOFFIWDKJE25ABMVGSQBJWFDWFSGIJ3JVS75BT6UNHHZ7OWDQKBGCSR2MU2QDCSGNEN7KIECJZ6HGZRVT3AGZMHEVTKJ5GTQNV4LTPVBZNAJZ436BENS3XMXZKGRUOB6WRLTUW6AC5ULPLI4MFDFBOGV4EOCOSBYR4X5PNRCFSIPFBM7BHTPY4YLDZWIIOWIFNXVLDPJU7EGQEYAU4SNK7VZS3TN2L6GAWZZ434JJ4SEPJOPPUHSGRJJ4KDDUE2A6AAP7HF4GKKYDPAGLCQZH6B2MQGM7LL6TAGSRXZPST7OQV4VGSNWSZWLF4CXBKO4MWQGMCLDMJU6IX4NSAM5BQN53BRCD4AHS2NBHCZJ3L5DB66LKHB7BK24PJNVYWZIYAMIAKJHH3SKR4LAP6HNFFPH454FA5EYNLLQISIWLDO7IA7LI3QNF4RHRNGKN6JNIPVAZSZHV3MAI/?
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 30 Nov 2022 00:20:46 GMT
Content-Length
0
writeStatistics
stas.outbrain.com/Stas/api/ Frame 9FAB 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stas.outbrain.com/Stas/api/writeStatistics?p=2q9RFOZqYuXZjgO04sFkrYUW5hsBcxA-GB4RnbAJ9h0GzR0JT7R2VX3fKMZjYHejf11ZjIf3CSULtj1_HW98T2UPbseMxrP5A-qn4hrMCMxuXbRRYVN4avj3MQtPiVX2jBRB4xUZSvMZZSPuL5TgPKLeuv7jCZRHf-26F8y34SKMym94MysqTjfHcWMWtyrurvHMXt5tp5SsljeXBAzcCvP_652gNbPuj4opaE-wiSW3Bgp7yRBiZV4GqQa0bSpzB74zEw2uPgy5TIfyIRO7VnkpUcvhOuZ_YL_UkFmVX-iDQw06ddiZvvIp4fyyAB11tjFVroYH56xgolG5OJ5MEn6SKKcbXe-5j89aKVFcWib0s0imuwptPTVGIdOzHQBvn3ZtfVaZo1mDMoOMNiUwKxFGcakJ35sqJL1QcAXvsNYawuVJOyEhi52xkPoD6tPo7jz0jSF1nt2m1-rER3tzYq2aLMMzUxGb7_sz9_MCODzuBgJAUJYIbkX2L98ndRkpMTpHZKXs-FrfdyTJ8e4PdvStTIqw4Yvybvb0dgVtTfOc3eDF99DZ9TRr62ZBo1cQQ6rfnZ8HJx4bZ9PrMPgvxq9AopwSP-eW2stJKR-BlynoI7Ut9oFSnqy-jSnoGePyFu_l6R2ev5U7vPzVwRkU0l4k6zEmufK-JXYDZeZJ38pVkSRv7BXulRYCtcMOuXWtel9OOB0QQjU65SLbUlaNcEWf-cRLW2wJiv5mfzaajXGem_H9iNx7U_bK3FEm_ygqjicPgqjoamditDkYZqtFaI8J7r5A_PO2Ggut6xZQks4&c=d0a58ee&v=3&deb=8673053
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Wed, 30 Nov 2022 00:20:46 GMT
Cache-Control
no-cache
content-encoding
gzip
Connection
close
X-TraceId
af18c6aca597bea000338ab194b0d469
Content-Length
60
Content-Type
image/gif
/
b1t-eudc1.zemanta.com/t/imp/impression/TO5K6SYKKSVHLFQGLCF55SBWR6GM5YKARVTPSZREBEQHWPVIAU7HLHJA72XETVLTFL7U7PYGGCOAXCCRWSJOGCD5LSNEU5LX3WB3T4WW7E52I6QC7Q2YZLMEUVV5OFGZRJFOC2SW4JGINIX3B3JOADS3XAMLCP... Frame 9FAB 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-eudc1.zemanta.com/t/imp/impression/TO5K6SYKKSVHLFQGLCF55SBWR6GM5YKARVTPSZREBEQHWPVIAU7HLHJA72XETVLTFL7U7PYGGCOAXCCRWSJOGCD5LSNEU5LX3WB3T4WW7E52I6QC7Q2YZLMEUVV5OFGZRJFOC2SW4JGINIX3B3JOADS3XAMLCPIJUEWIAWRI7NFHQVYDWO3JWQYIZFW35BLUNIB7QXJXPIZT3LBTA7CLHYQPR3LFLUD6H3EOXVXCIQ3KOPWHDNFRA3FLK2NXJVT7OUPXNK6RIOBZ3NWKMX6ZN7LYZMQSGGYYQS6BUITINVCOOGYQ2RN7BOB5SI7MOJ4DL6UBIBCT4UXR2MF5D2TLG2PIHDEQKN5YOHO2K3L7UGAOC6QO6JTQ/?
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce14.ams-01.nl.leaseweb.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Wed, 30 Nov 2022 00:20:46 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 9FAB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:46 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Fri, 30 Dec 2022 00:20:46 GMT
fe4778ba99aff167de343d17ec0b63165e.png
zem.outbrainimg.com/p/srv/sha/e2/e5/ae/ Frame 9FAB 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/e2/e5/ae/fe4778ba99aff167de343d17ec0b63165e.png?w=298&h=110&fit=crop&crop=faces,center&fm=jpg
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
9c1616e7ea7fdd51ae7a08f8ba8863ca7191e07e4c1d8b8f8127ec72f9b7253f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:46 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
4685515
x-cache
HIT, HIT, HIT
x-imgix-id
c0070219f41e06f5672996a54e78a599ae7a1fb2
cross-origin-resource-policy
cross-origin
content-length
12918
x-served-by
cache-sjc10068-SJC, cache-fra-eddf8230052-FRA, cache-fra-eddf8230103-FRA
x-imgix-render-farm
01.592
last-modified
Thu, 06 Oct 2022 18:48:51 GMT
server
imgix
x-timer
S1669767647.524594,VS0,VE0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
57
truncated
/ Frame 9FAB 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
53b6474d6bf20a899ee17c59f34e31d89ed46a612d73a06143a3344bcdf0c175

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame AD20 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/n2d/widget/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:46 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Fri, 30 Dec 2022 00:20:46 GMT
fe4778ba99aff167de343d17ec0b63165e.png
zem.outbrainimg.com/p/srv/sha/e2/e5/ae/ Frame AD20 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/e2/e5/ae/fe4778ba99aff167de343d17ec0b63165e.png?w=298&h=133&fit=crop&crop=faces,center&fm=jpg
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
bcada8069f9edddd6c9e8e412f7a7d251d20c106a25cb3cd4427ad366e6fead0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:46 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
2747740
x-cache
HIT, HIT, HIT
x-imgix-id
6c9e4179e911b4b86afd772ced9c8761f3d813c4
cross-origin-resource-policy
cross-origin
content-length
15150
x-served-by
cache-sjc10082-SJC, cache-fra-eddf8230043-FRA, cache-fra-eddf8230103-FRA
x-imgix-render-farm
01.592
last-modified
Sat, 29 Oct 2022 05:05:06 GMT
server
imgix
x-timer
S1669767647.528721,VS0,VE1
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
1
/
b1-eudc1.zemanta.com/bidder/win/index/d51209d3-7044-11ed-b534-2a1c0fd07b4f/Y4ah3QAAAAA5kLaGNGwLHo5Ykj91Rtgz7hV5iQ/7HGSRXHG6LSSDC3EJHO4VFQHPFZXCTG2ZGIR6QQ5YAFJFUPMPAKMJNVBFZDKNBSOPNU6SODSZRTGYFFPDDZ... Frame AD20 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-eudc1.zemanta.com/bidder/win/index/d51209d3-7044-11ed-b534-2a1c0fd07b4f/Y4ah3QAAAAA5kLaGNGwLHo5Ykj91Rtgz7hV5iQ/7HGSRXHG6LSSDC3EJHO4VFQHPFZXCTG2ZGIR6QQ5YAFJFUPMPAKMJNVBFZDKNBSOPNU6SODSZRTGYFFPDDZC4UB2A5SGIJ3JVS75BT6UNHHZ7OWDQKBGCSR2MU2QDCSGNEN7KIECJZ6HHGRB2HBTMDF6L4O7D2HP7EDZATFBZNAJZ436BENS3XMXZKGRUOB6WRLTUW6AC5ULPLI4MFDFBOGV4EOCOSBYR4X5PNRCFSIPFBM7BHTPY4YLDZWIIOWIFNXVLDPJU7EGQEYAU4SNK7VZS3TN2L6GAWZZ434JJ4SEPJOPPUHSGRJJ4KDDUE2A6AAP7HF4GKKYDPAGLCQZH6B2MQGM7LL6TAGSRXZPST7OQV4VGSN5OQNP34H4F5PPGANIKV4JYUBM4GEH5T74FKCH2VRCD4AHS2NBHCZJ3L5DB66LKHB7BK24PJNVYWZIYAMIAKJHH3SKR4LAP6HNFFPH454FA5EYNLLQISIWLDO7IA7LI3QPP4KIKZL6ACMKIPVAZSZHV3MAI/?
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 30 Nov 2022 00:20:46 GMT
Content-Length
0
writeStatistics
stas.outbrain.com/Stas/api/ Frame AD20 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stas.outbrain.com/Stas/api/writeStatistics?p=5dUUb9CsOOEhGZ3UFFXiiZUcP2UKz-vaZXGwB2Iwb_9IIbTDQE_UFUQRpF1c69k98OIsg06HgHDy6g4G4x3xSOU4YjN5HkC19AjkMwRCX15rgECDijFz2QjzzY3noUtnUVaCH4GFLqWBIJRmcHNPpVTtv7HVxEtOs4eBojxZUwzYGgdh-DD5pQsW2H_Swi5jG3sQx97bZ5EPeIJM8nv-7YF7njj_U8HjAFE4UVQpGQ2R5wQK1_d4cMvpDnMKaB5QVoWo8PC79s_LU4H43ODzBq7XD7lnbqwtd1RwEg42vDAzBJDFomWpeEIZsUHMzFSV32JBtLThjuU9sTaatEz-VQoaMc5XJwgO8Juxw4iFNp4_Q4ovpD0Me1dg1vxTwpApAphf9v2lS0F-5WiQJwJyspAR5nGySNY0f1RDJjUUZUsL-OnHy4G3EBC5PlNdzdpWyH8Qxp7RGthTno4g9cnexbHP2vblzTKzYWyvid2hvfKWzAPpFA28nufo0jTjQjqC-0iSuGAvryqRpwcTEZk-6qR7yib6HyF1YIeTYatCPsXyMxEZrg95-GxqESL8yo5ipTZjPqscNCnH_DzdUQ56gwLXeXIhJF9PdI5qm-Rv2vKPHTc343kH2u28Y-dVvgqqAJZDPjHSol4hJKpAG3vpqMS7hsK3v3AqGslltzOTDmVsuF251OL-YzHEJWusl2uKiSthT7ZfgYLRi7qw_AFzY3z9qnrbO_MMbCNoZxptcG-t60MGabSQuiKiMj6_trPbchUp4zi5Hj6NvE3uzTcwjf9fJTxMzRYp6XVfhBXUXVg&c=6544e280&v=3&deb=8673053
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Wed, 30 Nov 2022 00:20:46 GMT
Cache-Control
no-cache
content-encoding
gzip
Connection
close
X-TraceId
01fe64e6e147bb490574d342314fa745
Content-Length
60
Content-Type
image/gif
/
b1t-eudc1.zemanta.com/t/imp/impression/TO5K6SYKKSVHLZSZT3JF5Y33ROGM5YKARVTPSZVXXZJFDWOEAO2FXFI2KZCDAAY5VM4ZZSUTPDLX6FB2FNUX5CWVMKMHQUYP64BCAK5OGPHI3PO23BORWP3KLW4HM2SWPA5GVQQYRGWHVIX3B3JOADS3XAMLCP... Frame AD20 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-eudc1.zemanta.com/t/imp/impression/TO5K6SYKKSVHLZSZT3JF5Y33ROGM5YKARVTPSZVXXZJFDWOEAO2FXFI2KZCDAAY5VM4ZZSUTPDLX6FB2FNUX5CWVMKMHQUYP64BCAK5OGPHI3PO23BORWP3KLW4HM2SWPA5GVQQYRGWHVIX3B3JOADS3XAMLCPIJUEWIAWRI7NFHQVYDWO3JWQYIZFW35BLUNIB7QXJXPIZT3LBTA7CLHYQPR3LFLUD6H3EOXVXCIQ3KOPWHDNFRA3FLK2NXJVT7OUPXNK6RIOBZ3NWKMX6ZN7LYZMQSGGYYQS6BUITINVCOOGYQ2RN7BOB5SI7MOJ4DL6UBIBCT4UXR2MF5D2TLG2PIHDEQKN5YOHO2K3L7UGAOC6QO6JTQ/?
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce14.ams-01.nl.leaseweb.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Wed, 30 Nov 2022 00:20:46 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
truncated
/ Frame AD20 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
273f8b05b6788804555695475dedf8aea7fec225f791a2e14fc06f82f2700a09

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 6203 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/n2d/widget/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:46 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Fri, 30 Dec 2022 00:20:46 GMT
fe4778ba99aff167de343d17ec0b63165e.png
zem.outbrainimg.com/p/srv/sha/e2/e5/ae/ Frame 6203 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/e2/e5/ae/fe4778ba99aff167de343d17ec0b63165e.png?w=298&h=133&fit=crop&crop=faces,center&fm=jpg
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/n2d/widget/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
bcada8069f9edddd6c9e8e412f7a7d251d20c106a25cb3cd4427ad366e6fead0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:46 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
2747740
x-cache
HIT, HIT, HIT
x-imgix-id
6c9e4179e911b4b86afd772ced9c8761f3d813c4
cross-origin-resource-policy
cross-origin
content-length
15150
x-served-by
cache-sjc10082-SJC, cache-fra-eddf8230043-FRA, cache-fra-eddf8230103-FRA
x-imgix-render-farm
01.592
last-modified
Sat, 29 Oct 2022 05:05:06 GMT
server
imgix
x-timer
S1669767647.556478,VS0,VE0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
2
/
b1-eudc1.zemanta.com/bidder/win/index/d5121def-7044-11ed-903d-30579a6332b3/Y4ah3QAAAACLvXAVpOgzlRFtn3sSwyvjVPMaFA/7HGSRXHG6LSSDC3EJHO4VFQHPGZ4AO5PQGJ5LKA5YAFJFUPMPAKBONZAKZBS35Y7N4CHBBPJNLYUDP7BZN2... Frame 6203 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-eudc1.zemanta.com/bidder/win/index/d5121def-7044-11ed-903d-30579a6332b3/Y4ah3QAAAACLvXAVpOgzlRFtn3sSwyvjVPMaFA/7HGSRXHG6LSSDC3EJHO4VFQHPGZ4AO5PQGJ5LKA5YAFJFUPMPAKBONZAKZBS35Y7N4CHBBPJNLYUDP7BZN2BJQ2KYBSGIJ3JVS75BT6UNHHZ7OWDQKBGCSR2MU2QDCSGNEN7KIECJZ6HHGRB2HBTMDF6L7ICDKHLXFMXXT5BZNAJZ436BENS3XMXZKGRUOB6WRLTUW6AC5ULPLI4MFDFBOGV4EOCOSBYR4X5PNRCFSIPFBM7BHTPY4YLDZWIIOWIFNXVLDPJU7EGQEYAU4SNK7VZS3TN2L6GAWZZ434JJ4SEPJOPPUHSGRJJ4KDDUE2A6AAP7HF4GKKYDPAGLCQZH6B2MQGM7LL6TAGSRXZPST7OQV4VGSNSD5MIUSXI6FUCBBNMLXKZ5HDGF4ABOEECQKK3ZJRCD4AHS2NBHCZJ3L5DB66LKHB7BK24PJNVYWZIYAMIAKJHH3SKR4LAP6HNFFPH454FA5EYNLLQISIWLDO7IA7LI3QIDUMXLLRFZ7FVIPVAZSZHV3MAI/?
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 30 Nov 2022 00:20:46 GMT
Content-Length
0
writeStatistics
stas.outbrain.com/Stas/api/ Frame 6203 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stas.outbrain.com/Stas/api/writeStatistics?p=r4FqoPVVkAqnQONaSb5yDeot4jgtz-CyBk3josfIPgziiQhGaMcp-SqNB80rAqthuGvKaqJHvqSDjOfdFKmswbo9APsTlaJsAinvtoTwmWO6Ap9gODCZHGNqdYmFjeinh3X-tyQZOF_QWvfljHgVvF5h8bxLnxCCj3mvU3fnKsqc43meRmxqAuMi_yxbB_UAU9s1nixWKI65xYRnLxhomULNf4a7QoQ4DW5zHT7Nr46-SXqOXGcJ4w-WpZvJiGIXTqX63lamdBCzs8KdbVt5ytF5CZWENThCfPKb9kiz5PjI0TYwaU5ESxI5aFMe6TMNvYEqcwdVlrVKDg2ZmlH3P3Y9YovCs-b2sHU3wK_piUMPs3XrtlpN5IhA-YC0xoWxJWyyogW2VOsPMohOCyJMmj--CdBz50Wld_o9QmqE0rHwl6TMzz4FByG5cT_8fEBECFQaIX5Cl-1e6m-LAZRfq8Rfz1jopawcK9idbAZhKLewGtYn1gxpzE6u3ThHBe1A5t7GguJRyCvG7AANVVvxYYFolnj7GADsR_en-1wGuS2PFZuDv76IqT90_g-I57HpLaLwHzUZqo0cHw2DlVymCbkrmvzk4NTpQwek8z1ords_N0vSG3GrSQpKCiLYBUc-a6M5DSUSz5BUKbpewjSHRdQdHbZ1XsoCI8ZfhKxx1a2VRPjeQd50dw_i4zS1NPO0ijtn5TaeTdQbyI3o6hnctGb8px6YddAdk789MUa3HuwxgfecAKV0vDTyZ2d4thmoHe-FablBAj9dn4ISNuyO9SsalGLOk2yodoPOHxsx2Z8&c=18a03517&v=3&deb=8673053
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Wed, 30 Nov 2022 00:20:46 GMT
Cache-Control
no-cache
content-encoding
gzip
Connection
close
X-TraceId
18128a891d102d602516a345917fd022
Content-Length
60
Content-Type
image/gif
/
b1t-eudc1.zemanta.com/t/imp/impression/TO5K6SYKKSVHKFUMFN525I7YY6GM5YKARVTPSZXZBQZPMVZTITQVCF372I7EXBSULU4GQDY7JXYTFPSYMBZ5QFC2HQ6FY3QR3G2CQUJOPTUPWRZIZOHOEUACPV4HTDQYXYZRIMIXLO6H3IX3B3JOADS3XAMLCP... Frame 6203 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-eudc1.zemanta.com/t/imp/impression/TO5K6SYKKSVHKFUMFN525I7YY6GM5YKARVTPSZXZBQZPMVZTITQVCF372I7EXBSULU4GQDY7JXYTFPSYMBZ5QFC2HQ6FY3QR3G2CQUJOPTUPWRZIZOHOEUACPV4HTDQYXYZRIMIXLO6H3IX3B3JOADS3XAMLCPIJUEWIAWRI7NFHQVYDWO3JWQYIZFW35BLUNIB7QXJXPIZT3LBTA7CLHYQPR3LFLUD6H3EOXVXCIQ3KOPWHDNFRA3FLK2NXJVT7OUPXNK6RIOBZ3NWKMX6ZN7LYZMQSGGYYQS6BUITINVCOOGYQ2RN7BOB5SI7MOJ4DL6UBIBCT4UXR2MF5D2TLG2PIHDEQKN5YOHO2K3L7UGAOC6QO6JTQ/?
Requested by
Host: celebwell.com
URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce14.ams-01.nl.leaseweb.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Wed, 30 Nov 2022 00:20:46 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
truncated
/ Frame 6203 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd4c1fc24b5764c74a734a8b6d1b3bd09c11c4926ede5a9739606a853e8bd7f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 9FAB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUmqAIuupqwrTo8hRVewYa7DAB2OtO5l5mnsSJwbXr2KdDPuyDI8Y-EA_sfywe99J8Qo58iFDE5crtz698n-hx-Rf_yrqzd_LBr9YzKqDlbbqABo-QgObLHwtt1rws1Fh9EFvolYVuPiWGoMTWsrBRdJ1tMX26LcQA1vGzWpMfd0H554TLrd-vLuavIfNX2M3zgNnj33Z2HZqf6la89Kx6BIJ7Y_gZ_z0LNvQNeGVAydsda79SvpIpRy_h_Ujr-snjvjusqEPxmlLKPtIzFTHU4rncAb-vrw3eG64OT9k2qCYRiZMGLsvgd7BdMc0CSqFvL47qinsbhaOThWYVFWHPGH4n6eUKiHAMisYvWfEzh6z9ggIDgMGsWy86&sai=AMfl-YSipo-0wS7Wc4a3ANgCghiV8nMariqpuTjZC8xZ2mXjUNRuOqYikCZQaX6eoBQ69K0nwbOUigcQv815SJ0XvjiYgC6VD2j2K3wpYzIL69WL-Pn1rRbsH2wbEnR1XHk0UCQY1RKLr6u7VLwuG88nbRMUDZjEZNGWxFA72vLDFem_2tU&sig=Cg0ArKJSzESZrapuMSz7EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 30 Nov 2022 00:20:46 GMT
ab12745d93c5.js
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain
  • https://platform.instagram.com/en_US/embeds.js
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Protocol
H3
Server
2a03:2880:f245:e0:face:b00c:0:4420 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 02:06:25 GMT
content-encoding
br
etag
"ab12745d93c5"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
4843
priority
u=3,i

Redirect headers

date
Wed, 30 Nov 2022 00:20:46 GMT
x-fb-trip-id
1679558926
x-ig-origin-region
odn
content-type
text/html; charset=utf-8
location
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control
max-age=21600
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.instagram.com/reel/CfAoADSAZke/embed/captioned/ Frame 9B97 		87 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/reel/CfAoADSAZke/embed/captioned/?cr=1&v=14&wp=638&rd=https%3A%2F%2Fcelebwell.com&rp=%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F
Requested by
Host: platform.instagram.com
URL: https://platform.instagram.com/en_US/embeds.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f245:e0:face:b00c:0:4420 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9d8c1bec2d3e70de1b9611f6b60c969fb47c80234cd50f5fb974f8f8d51f6897
Security Headers
Name Value
Content-Security-Policy report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com https://*.giphy.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com https://*.od.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com https://*.fbsbx.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://celebwell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-expose-headers
X-IG-Set-WWW-Claim
alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
gzip
content-language
de
content-security-policy
report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com https://*.giphy.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com https://*.od.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com https://*.fbsbx.com; object-src 'none'; upgrade-insecure-requests
content-type
text/html; charset=utf-8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop"
date
Wed, 30 Nov 2022 00:20:46 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-trial
AuqWincgAuXeuu3KypEMnrrFEJHySaesyJS3EaIH40zvafzrU0Irhb7+5QwZpOqMZrPTjgvFl7Z5jJgy1dNAcQMAAAB6eyJvcmlnaW4iOiJodHRwczovL2luc3RhZ3JhbS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjEzNDExNjYyLCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
pragma
no-cache
priority
u=0
report-to
{"group": "coep", "max_age": 86400, "endpoints": [{"url": "/security/coep_report/"}]},{"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
strict-transport-security
max-age=31536000
vary
Accept-Language, Cookie, Accept-Encoding
x-accel-buffering
no
x-aed
74
x-content-type-options
nosniff
x-ig-origin-region
odn
x-ig-peak-time
1
x-ig-push-state
c2
x-ig-request-elapsed-time-ms
33
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame AD20 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvX-IqCzXszcPz1kUVHYZJPUus7uoEH6rGzqYypU5qu8EY6YVlzRVa0q1xUMLEE901gGeOnlgT3ERQK_d10YI9LrWzGXLcR0zD8ge0hwQ9TjjG3vnVMF7dUUwjyRCEQmjl_PzBfQGJXRa4ZjY42IydwteqHSfsSxzynOnWe_U_Xr573atxjbLaGNfiyZsYDpnzqZBpx2Fz0M_ZPlz6ArZf8sd0J1mK7gQmU2O_r3UgdVJzouaI5CQ4k_oev4XlQI7oEhgdo4gbq8jt2T8Wy1zOPpBI4wT2bYrb3f3UDE9D6NhRMySkOPFemYS1x5xLV3v4J046NYl94QNDKjI8PcGi5-sMpnqa8nl7GmUbRuqIjiFd3uh3av4TErjcF&sai=AMfl-YQAjmFuynmGsQxwHwMyiiUeS49KMqWdyCaOSg7Q9naWgaf3Yf8Yx4REIBuvuvV2VCmIptl2JIkb70mrM7yHHs4fVGut2f2XICwh-wGXB_APAsTp_aaVNsO4A_WhLLYBUTGqqztSAcYuS_6MyCJsfpZFdu2R6SXPvD-UHrnt6M_XZ50&sig=Cg0ArKJSzM0nzcViYYR7EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 30 Nov 2022 00:20:46 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=3165246334190328&bg=!2dql2p7NAAbvMpMzzzI7ACkAdvg8WuwUTSwSPy04AakBvC7xqIxHX5Wh6137H5vhFCTI0VRmocmT1gIAAADTUgAAAARoAQeZAqaUMHteIw4aPE051R2JoO8gqbYvA0J9NR43QVEOJpM1sUXkgiughHbWWb6PR8TP-13haShlICI6l713So9PCscbvCZOSFK7yGaDabtVBgAJEmhfEhUxyP1CSMfcTmy4uyLVu8yvhDyyRCkYDYIAsquGhOyMmA_OpsWjQV37hhQHEi7vRROIlLuwtSs0D8YdmKXL1i_D8xUJQ2AW_gzFhV5cQAsiW1snzu-bbsxId_RS7iQ0VPUGkaLK13aq3unwocNKXELsh6U4BxbJwHX2EMj4lIY3TNIlBuynZlmXVU9Q8w9xD27Tdwxmyw79qTucHIstM5ErUqUEpaJ3tcWwm7Aaj5vj6w3c7D2fscqzkfMQMuy_-MyXR73pj3f8VqO_48HOpfpGI1pBJH-AAQCf23BJBLmPG0B6JeippfHzQs9yfgERNOVd0ZFsG4-hKDah4HEVXssZvf79mNfDUSpEh30_WQbHOyurjeEPODFi8putFvaQESwX6iVR1bux8f_RMrXF2BGBmso4k0KrFrHDifoHSipSxR9YWc_-5TEkmpw-IyWTsLjCZtf0YxSXO-4MY107YvZ7U5_aZ2SiyTBSWPIw0RT_qs5Xlj8yRQxnfz-HJoY2svKQspq107n90PYeTj5Cdlrf1ENlkO0shLaPbxbXWHO76KhCKklvF3B6C7_xfLpA0JFxyEOh1j-wAJpJa4nRnfhB0mx7vpBRfW0S6xVSKVlGGmLPDY7UBktlCJk1ssFJkGzGL2B7MuRqBC9n5qCe4rB-gYXJGAIn6PN1l712PRf4QXSsAxGUWspCMl0OmZxx9izlKflcqD0XmLOl5ECp0pOpc1dczQUs_pZlDI5kfrSCmtU24n8VyEku0NaeC7cKQFZLn6FCBPCnyoO04HuWZFtjT3I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
67ac6f7b1749.css
www.instagram.com/static/bundles/es6/EmbedSimpleBase.css/ Frame 9B97 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSimpleBase.css/67ac6f7b1749.css
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/reel/CfAoADSAZke/embed/captioned/?cr=1&v=14&wp=638&rd=https%3A%2F%2Fcelebwell.com&rp=%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f245:e0:face:b00c:0:4420 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c05a202bfec3c0e8fdba6936f9cf8ac41bcafd546ce89f29d16d6e347963fd6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.instagram.com/reel/CfAoADSAZke/embed/captioned/?cr=1&v=14&wp=638&rd=https%3A%2F%2Fcelebwell.com&rp=%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:46:40 GMT
content-encoding
br
etag
"67ac6f7b1749"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
3082
priority
u=0
9fe266c92fd0.js
www.instagram.com/static/bundles/es6/de_DE.js/ Frame 9B97 		292 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/de_DE.js/9fe266c92fd0.js
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/reel/CfAoADSAZke/embed/captioned/?cr=1&v=14&wp=638&rd=https%3A%2F%2Fcelebwell.com&rp=%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f245:e0:face:b00c:0:4420 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e18bf494d9162e5b6182d93485d724af7d6e5f001ad4df72cf337fc612da4f96

Request headers

Referer
https://www.instagram.com/reel/CfAoADSAZke/embed/captioned/?cr=1&v=14&wp=638&rd=https%3A%2F%2Fcelebwell.com&rp=%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F
Origin
https://www.instagram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 22:56:28 GMT
content-encoding
br
etag
"9fe266c92fd0"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
70805
priority
u=1
4d61e552e263.js
www.instagram.com/static/bundles/es6/EmbedSimple.js/ Frame 9B97 		495 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSimple.js/4d61e552e263.js
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/reel/CfAoADSAZke/embed/captioned/?cr=1&v=14&wp=638&rd=https%3A%2F%2Fcelebwell.com&rp=%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f245:e0:face:b00c:0:4420 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6c4b4f2fc1cb95cd17e7694be1d45ce6adb54c7ff4642532380fea9959a0bc8f

Request headers

Referer
https://www.instagram.com/reel/CfAoADSAZke/embed/captioned/?cr=1&v=14&wp=638&rd=https%3A%2F%2Fcelebwell.com&rp=%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F
Origin
https://www.instagram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 13:23:19 GMT
content-encoding
br
etag
"4d61e552e263"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
121448
priority
u=1
view
securepubads.g.doubleclick.net/pcs/ Frame 6203 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhQJvDO9t8Iq_5fAwz8nbxSB7FFanTvA2G4tDdQnGhXCtk4BP0Kw-8eQ4QUB-zRke7aI3RorC1OIIark1Kay0lJHZujXRdDHPwDulJJiXuvjsX3Wb6d7NNAchj8IsZVpc6UVYNUKhy16nBx6qpQEkzmO2WX4YUf0DG8TwQE8q-mUjxBYv_WoreX1h1-OBeDIYLMefQPavIececikm43LehajnatbhbQ5hvsywz_gJF63nuljzK8k4BYcdbyk1bfYQvYD5AChGnlD7q6G2j1vYOoKepAoWHBLr1kplswc-Wz5yyyzdPcsbrymtmYAQyiLVUDEYrhr0eVM075gEZJrVJ_qThi0aDuoJn8inMCcPFS8mSjB1-EGyNmext&sai=AMfl-YRx66bEgWLPxgewgz6nWEG0VY7gm0D7wN1Wq_uZS_R4qjWxqQ6dEmpKjNyONovmj_dyzJMnFDx1DILT48lCsun1NREFmHfOP81zWbBv52Fvu5k0LcD1bGzYzRUQF_q2xVLDnvKo8bL-1cFb_KH4Lg2soOnZBfr-b4DHRzW_e0gFoPc&sig=Cg0ArKJSzLhaAzBZQ5LlEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 30 Nov 2022 00:20:46 GMT
316873973_700691308093043_254518455733573805_n.jpg
scontent.cdninstagram.com/v/t51.2885-19/ Frame 9B97 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.cdninstagram.com/v/t51.2885-19/316873973_700691308093043_254518455733573805_n.jpg?stp=dst-jpg_s150x150&_nc_ht=scontent.cdninstagram.com&_nc_cat=1&_nc_ohc=_9yQLh875WcAX9Zuidp&edm=AJBgZrYBAAAA&ccb=7-5&oh=00_AfCKOC7ZI9ZKxR9kKWj8szLh2oE1_cu99IS0sdpoq2Aweg&oe=638C1463&_nc_sid=78c662
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/reel/CfAoADSAZke/embed/captioned/?cr=1&v=14&wp=638&rd=https%3A%2F%2Fcelebwell.com&rp=%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f273:cd:face:b00c:0:43fe Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
12c8a1221205ae39748899da67c7cb7a9a3da2105e24424efc2f8804e08b7410

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.instagram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-haystack-needlechecksum
821169992
date
Wed, 30 Nov 2022 00:20:47 GMT
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Thu, 24 Nov 2022 07:38:56 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=3468956907
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2915839859
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
4782
289032735_1008171020067502_3287008799777372343_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/ Frame 9B97 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.cdninstagram.com/v/t51.2885-15/289032735_1008171020067502_3287008799777372343_n.jpg?stp=dst-jpg_e15_p640x640&_nc_ht=scontent.cdninstagram.com&_nc_cat=110&_nc_ohc=-LFwP8gMneIAX-UTk2m&edm=AJBgZrYBAAAA&ccb=7-5&oh=00_AfBKbwr_mjq4OOV2SZB4Lf6NQimUsF9UBrYoki9cm7hpFA&oe=63881FD1&_nc_sid=78c662
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/reel/CfAoADSAZke/embed/captioned/?cr=1&v=14&wp=638&rd=https%3A%2F%2Fcelebwell.com&rp=%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f273:cd:face:b00c:0:43fe Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
477b4dae3c40b7d681801c51420c286fdef54dcb150d9c18ef6dd8aba24e97bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.instagram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-haystack-needlechecksum
1373352826
date
Wed, 30 Nov 2022 00:20:47 GMT
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Mon, 20 Jun 2022 02:09:09 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2879807221
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
681010879
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
85744
273209346_485622196462923_8707607455725364080_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/ Frame 9B97 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.cdninstagram.com/v/t51.2885-15/273209346_485622196462923_8707607455725364080_n.jpg?stp=dst-jpg_e35_s150x150&_nc_ht=scontent.cdninstagram.com&_nc_cat=1&_nc_ohc=16QRp27gW5YAX_-yNC0&edm=AJBgZrYBAAAA&ccb=7-5&oh=00_AfCoTUheP8DXn8SD8g2dBt1zlB3A7XpA57c_2BTeKj8_sg&oe=63881A39&_nc_sid=78c662
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/reel/CfAoADSAZke/embed/captioned/?cr=1&v=14&wp=638&rd=https%3A%2F%2Fcelebwell.com&rp=%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f273:cd:face:b00c:0:43fe Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4e4532ba02cfad3b9aab3fbe24ccd840c8ace39e51a2e0d451f95641bdd2ad91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.instagram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-haystack-needlechecksum
3359128007
date
Wed, 30 Nov 2022 00:20:47 GMT
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Sun, 06 Feb 2022 05:49:02 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=740317068
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
249533296
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
3813
173874278_326061322216620_3257064739135380916_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/ Frame 9B97 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.cdninstagram.com/v/t51.2885-15/173874278_326061322216620_3257064739135380916_n.jpg?stp=dst-jpg_e35_s150x150&_nc_ht=scontent.cdninstagram.com&_nc_cat=1&_nc_ohc=f0Lcb7MQ_y0AX-T_Ln2&edm=AJBgZrYBAAAA&ccb=7-5&oh=00_AfBOVUPhPACCt4GMsd1gyJcnhe3rIXy8Q1KUKrRGNFbW3A&oe=63881153&_nc_sid=78c662
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/reel/CfAoADSAZke/embed/captioned/?cr=1&v=14&wp=638&rd=https%3A%2F%2Fcelebwell.com&rp=%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f273:cd:face:b00c:0:43fe Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
50fc1acf8fec0d4a07ad306ce573d7d060c2b3355f2e9db17df36c124295d890

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.instagram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-haystack-needlechecksum
3163055888
date
Wed, 30 Nov 2022 00:20:47 GMT
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Sun, 18 Apr 2021 18:14:36 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=3788028550
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
504538236
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
8280
3e5c3713b6fd.css
www.instagram.com/static/bundles/es6/EmbedRichBase.css/ Frame 9B97 		114 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedRichBase.css/3e5c3713b6fd.css
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/reel/CfAoADSAZke/embed/captioned/?cr=1&v=14&wp=638&rd=https%3A%2F%2Fcelebwell.com&rp=%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f245:e0:face:b00c:0:4420 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548005b1d32066c8d7ab7b2f74d0d066d2607dc63bb3b6604ac7bc6f0eb38207

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.instagram.com/reel/CfAoADSAZke/embed/captioned/?cr=1&v=14&wp=638&rd=https%3A%2F%2Fcelebwell.com&rp=%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 03:27:40 GMT
content-encoding
br
etag
"3e5c3713b6fd"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
12994
priority
u=0
7d15f80b7ca0.js
www.instagram.com/static/bundles/es6/EmbedRich.js/ Frame 9B97 		882 KB
204 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedRich.js/7d15f80b7ca0.js
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/reel/CfAoADSAZke/embed/captioned/?cr=1&v=14&wp=638&rd=https%3A%2F%2Fcelebwell.com&rp=%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f245:e0:face:b00c:0:4420 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4c9677d237284e37c57e59182c2ad3fa28524cce813ead1def8e9db85799d481

Request headers

Referer
https://www.instagram.com/reel/CfAoADSAZke/embed/captioned/?cr=1&v=14&wp=638&rd=https%3A%2F%2Fcelebwell.com&rp=%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F
Origin
https://www.instagram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 19:29:52 GMT
content-encoding
br
etag
"7d15f80b7ca0"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
208966
priority
u=3,i
6c7742894eb6.png
www.instagram.com/static/bundles/es6/sprite_embed_6c7742894eb6.png/ Frame 9B97 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.instagram.com/static/bundles/es6/sprite_embed_6c7742894eb6.png/6c7742894eb6.png
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/static/bundles/es6/EmbedSimpleBase.css/67ac6f7b1749.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f245:e0:face:b00c:0:4420 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
23beda30424ac7c49957ce15299d0199803995498851441548cf89108a12871b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.instagram.com/static/bundles/es6/EmbedSimpleBase.css/67ac6f7b1749.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 21:59:11 GMT
content-encoding
br
etag
"6c7742894eb6"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
12978
priority
u=3,i
3e5c3713b6fd.css
www.instagram.com/static/bundles/es6/EmbedRich.css/ Frame 9B97 		114 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedRich.css/3e5c3713b6fd.css
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/static/bundles/es6/EmbedSimple.js/4d61e552e263.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f245:e0:face:b00c:0:4420 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548005b1d32066c8d7ab7b2f74d0d066d2607dc63bb3b6604ac7bc6f0eb38207

Request headers

Referer
https://www.instagram.com/reel/CfAoADSAZke/embed/captioned/?cr=1&v=14&wp=638&rd=https%3A%2F%2Fcelebwell.com&rp=%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F
Origin
https://www.instagram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 01:48:13 GMT
content-encoding
br
etag
"3e5c3713b6fd"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
12994
priority
u=0
3e5c3713b6fd.css
www.instagram.com/static/bundles/es6/EmbedRich.css/ Frame 9B97 		114 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedRich.css/3e5c3713b6fd.css
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/static/bundles/es6/EmbedSimple.js/4d61e552e263.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f245:e0:face:b00c:0:4420 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548005b1d32066c8d7ab7b2f74d0d066d2607dc63bb3b6604ac7bc6f0eb38207

Request headers

Referer
https://www.instagram.com/reel/CfAoADSAZke/embed/captioned/?cr=1&v=14&wp=638&rd=https%3A%2F%2Fcelebwell.com&rp=%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F
Origin
https://www.instagram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 01:48:13 GMT
content-encoding
br
etag
"3e5c3713b6fd"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
12994
priority
u=0
289032735_1008171020067502_3287008799777372343_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/ Frame 9B97 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.cdninstagram.com/v/t51.2885-15/289032735_1008171020067502_3287008799777372343_n.jpg?stp=dst-jpg_e15_p640x640&_nc_ht=scontent.cdninstagram.com&_nc_cat=110&_nc_ohc=-LFwP8gMneIAX-UTk2m&edm=AJBgZrYBAAAA&ccb=7-5&oh=00_AfBKbwr_mjq4OOV2SZB4Lf6NQimUsF9UBrYoki9cm7hpFA&oe=63881FD1&_nc_sid=78c662
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/static/bundles/es6/EmbedRich.js/7d15f80b7ca0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f273:cd:face:b00c:0:43fe Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
477b4dae3c40b7d681801c51420c286fdef54dcb150d9c18ef6dd8aba24e97bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.instagram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-haystack-needlechecksum
1373352826
date
Wed, 30 Nov 2022 00:20:47 GMT
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Mon, 20 Jun 2022 02:09:09 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2879807221
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
681010879
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
85744
priority
u=1
2fdc79aa66b0.png
www.instagram.com/static/bundles/es6/sprite_video_2fdc79aa66b0.png/ Frame 9B97 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.instagram.com/static/bundles/es6/sprite_video_2fdc79aa66b0.png/2fdc79aa66b0.png
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/static/bundles/es6/EmbedRichBase.css/3e5c3713b6fd.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f245:e0:face:b00c:0:4420 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
54c2687de64bd6df6f87c864412becc0ba8c43282e84fd5ef7949c347498b2c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.instagram.com/static/bundles/es6/EmbedRichBase.css/3e5c3713b6fd.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 00:29:28 GMT
content-encoding
br
etag
"2fdc79aa66b0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
4684
priority
u=3,i
/
b1t-eudc1.zemanta.com/t/imp/view/TO5K6SYKKSVHKFUMFN525I7YY6GM5YKARVTPSZXZBQZPMVZTITQVCF372I7EXBSULU4GQDY7JXYTFPSYMBZ5QFC2HQ6FY3QR3G2CQUJOPTUPWRZIZOHOEUACPV4HTDQYXYZRIMIXLO6H3IX3B3JOADS3XAMLCPIJUEWI... Frame 6203 		0
0
/
b1t-eudc1.zemanta.com/t/imp/view/TO5K6SYKKSVHKFUMFN525I7YY6GM5YKARVTPSZXZBQZPMVZTITQVCF372I7EXBSULU4GQDY7JXYTFPSYMBZ5QFC2HQ6FY3QR3G2CQUJOPTUPWRZIZOHOEUACPV4HTDQYXYZRIMIXLO6H3IX3B3JOADS3XAMLCPIJUEWI... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://b1t-eudc1.zemanta.com/t/imp/view/TO5K6SYKKSVHKFUMFN525I7YY6GM5YKARVTPSZXZBQZPMVZTITQVCF372I7EXBSULU4GQDY7JXYTFPSYMBZ5QFC2HQ6FY3QR3G2CQUJOPTUPWRZIZOHOEUACPV4HTDQYXYZRIMIXLO6H3IX3B3JOADS3XAMLCPIJUEWIAWRI7NFHQVYDWO3JWQYIZFW35BLUNIB7QXJXPIZT3LBTA7CLHYQPR3LFLUD6H3EOXVXCIQ3KOPWHDNFRA3FLK2NXJVT7OUPXNK6RIOBZ3NWKMX6ZN7LYZMQSGGYYQS6BUITINVCOOGYQ2RN7BOB5SI7MOJ4DL6UBIBCT4UXR2MF5D2TLG2PIHDEQKN5YOHO2K3L7UGAOC6QO6JTQ/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce14.ams-01.nl.leaseweb.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://celebwell.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Allow
GET, HEAD, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Wed, 30 Nov 2022 00:20:47 GMT
66d8f00956e9.js
www.instagram.com/static/bundles/es6/EmbedAsyncLogger.js/ Frame 9B97 		2 KB
756 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedAsyncLogger.js/66d8f00956e9.js
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/static/bundles/es6/EmbedSimple.js/4d61e552e263.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f245:e0:face:b00c:0:4420 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2ca69feef28c20ecd1ceecd849a2d43b1579310195a5d9bd469e2266b84f868f

Request headers

Referer
https://www.instagram.com/reel/CfAoADSAZke/embed/captioned/?cr=1&v=14&wp=638&rd=https%3A%2F%2Fcelebwell.com&rp=%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F
Origin
https://www.instagram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:46:29 GMT
content-encoding
br
etag
"66d8f00956e9"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
733
priority
u=3,i
activeview
pagead2.googlesyndication.com/pcs/ Frame 0CD5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu49oKEigjG-zz0_x51nHRz2ul5p5yXKh8kGQnGePVIhIPUkNuGOieKtkAh5ENProtsD8YIokaP2X1ZzZaiMAw88fwe0euxnsee05sO7yqnnRWv3lm7&sig=Cg0ArKJSzHjqhVNRmjFsEAE&id=lidar2&mcvt=1000&p=256,436,346,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3376946455&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669767646229&rpt=209&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 00:20:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6203 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvmZvaL7NIwYtIrjbD9Z4KmsHZEee8ZPXVL4Ct4AIFdpnsOaDiOW9JUKX8RLTgtLy4jUiTe4bXWtaMDlzd1hfQDyB4XWz5BoEatr2x3LQ39FSGCXb1A&sig=Cg0ArKJSzPCJbPoBRwyxEAE&id=lidar2&mcvt=1000&p=726,983,976,1283&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1023894141&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669767646243&rpt=672&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 00:20:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logging_client_events
graph.instagram.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graph.instagram.com/logging_client_events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f21c:81c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-asbd-id
Access-Control-Request-Method
POST
Origin
https://www.instagram.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-headers
x-asbd-id
access-control-allow-methods
GET, POST, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
300
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-type
application/json; charset=UTF-8
date
Wed, 30 Nov 2022 00:20:48 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v9.0
pragma
no-cache
strict-transport-security
max-age=15552000
vary
Origin
x-fb-debug
LyDIZj8eUhMtlQTHAZjrweB5s7aoAeDHZR0YJgWusB8W7mgYeSVT9gvnBxPC8oLhcNrykW8YyqAmX7EHIZHMYw==
x-fb-request-id
Aqfs4Tv8vvmo2lbUdXMiHC_
x-fb-rev
1006646727
x-fb-rlafr
0
x-fb-trace-id
C1Z2E3UfLSa
x-fb-trip-id
1425083115
logging_client_events
graph.instagram.com/ Frame 9B97 		107 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://graph.instagram.com/logging_client_events
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/static/bundles/es6/EmbedSimple.js/4d61e552e263.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f21c:81c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9b7c9bb91016a0d17171d9a9307591530d2211c64f33104a1b87299a6b386f95
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Referer
https://www.instagram.com/
X-ASBD-ID
198387
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000
date
Wed, 30 Nov 2022 00:20:48 GMT
cross-origin-resource-policy
cross-origin
x-fb-rev
1006646727
content-length
107
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
UetoZfQQWcLDegx0VrS9e1LLFD1lLBigA2FE07sLr3HdkVOo2C1ujOHMqQgWmhsup+45OD9x/z6vKOWb7+aDJQ==
x-fb-trip-id
1425083115
x-fb-trace-id
D1W5ZTfDztP
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
AsqhX0HuL6v8JzT1ov9VMkb
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v9.0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
falco
www.instagram.com/logging/ Frame 9B97 		15 B
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/logging/falco
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/static/bundles/es6/EmbedSimple.js/4d61e552e263.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f245:e0:face:b00c:0:4420 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
Security Headers
Name Value
Content-Security-Policy report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com https://*.giphy.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com https://*.od.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com https://*.fbsbx.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-IG-WWW-Claim
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
*/*
Referer
https://www.instagram.com/reel/CfAoADSAZke/embed/captioned/?cr=1&v=14&wp=638&rd=https%3A%2F%2Fcelebwell.com&rp=%2Fnews-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup%2F
X-Requested-With
XMLHttpRequest
X-ASBD-ID
198387
X-CSRFToken
g9UXJGvA2kuwqUOZkydUOo2BtMf60Gen
X-IG-App-ID
936619743392459

Response headers

date
Wed, 30 Nov 2022 00:20:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com https://*.giphy.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com https://*.od.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com https://*.fbsbx.com; object-src 'none'; upgrade-insecure-requests
x-ig-set-www-claim
0
x-aed
74
alt-svc
h3=":443"; ma=86400
content-length
15
x-xss-protection
0
pragma
no-cache
x-ig-request-elapsed-time-ms
17
cross-origin-embedder-policy-report-only
require-corp;report-to="coep"
x-ig-origin-region
odn
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop"
x-ig-push-state
c2
vary
Accept-Language, Cookie
x-frame-options
SAMEORIGIN
content-language
de
access-control-allow-origin
https://www.instagram.com
report-to
{"group": "coep", "max_age": 86400, "endpoints": [{"url": "/security/coep_report/"}]},{"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AuqWincgAuXeuu3KypEMnrrFEJHySaesyJS3EaIH40zvafzrU0Irhb7+5QwZpOqMZrPTjgvFl7Z5jJgy1dNAcQMAAAB6eyJvcmlnaW4iOiJodHRwczovL2luc3RhZ3JhbS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjEzNDExNjYyLCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
x-ig-peak-time
1
access-control-expose-headers
X-IG-Set-WWW-Claim
x-robots-tag
noindex
priority
u=1
expires
Sat, 01 Jan 2000 00:00:00 GMT
envelope
api.rlcdn.com/api/identity/ 		0
0
ixmatch.html
js-sec.indexww.com/um/ Frame 0968 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://celebwell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
546
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
771f6b5c4c0dbbda-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Nov 2022 00:20:48 GMT
expires
Wed, 30 Nov 2022 04:20:48 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C3F6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://celebwell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=53205
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 30 Nov 2022 00:20:48 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 30 Nov 2022 15:07:33 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame FF8F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://celebwell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
70112
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 30 Nov 2022 00:20:48 GMT
ETag
W/"623de86a-cf34"
Expires
Tue, 22 Nov 2022 04:52:03 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
6, 1137244
X-Served-By
cache-lga13626-LGA, cache-hhn4059-HHN
X-Timer
S1669767649.721384,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame B966 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.celebwell.com.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://celebwell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 30 Nov 2022 00:20:48 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=themediagrid
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=paQgQ2TcTcNa52ycVbO_fYrHJoY&user_group=1&ssp=themediagrid
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=188&user_id=paQgQ2TcTcNa52ycVbO_fYrHJoY&user_group=1&ssp=themediagrid
Protocol
H2
Server
3.75.15.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-15-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://celebwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=188&user_id=paQgQ2TcTcNa52ycVbO_fYrHJoY&user_group=1&ssp=themediagrid
Date
Wed, 30 Nov 2022 00:20:49 GMT
Connection
keep-alive
Content-Length
140
Content-Type
text/html; charset=utf-8
usermatch
ssum-sec.casalemedia.com/ Frame EB2E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcelebwell.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcelebwell.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcelebwell.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88a1610f1d519a4560b00bc1bedeaabaa557628bc00213b802c3184c5ec22f18

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
771f6b5d2d03917d-FRA
content-encoding
br
content-type
text/html
date
Wed, 30 Nov 2022 00:20:48 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H5vBlC9et4NnE7W930mGM3JPcgGTIwAVpEVmtKkkgP5GCT31%2Bevk6S1eqHk7ddfVnPzvsOlU0qeSdjNxxfzITjDvz5DJKIUXHizbhl3YGtJbk5Uw3Tn1yyxWpZTBDGGUweTiyAhiStcB1w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
771f6b5ccdf5696f-FRA
content-length
0
date
Wed, 30 Nov 2022 00:20:48 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fcelebwell.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kyR99aibZcDSeS38EU%2BB0cRZOCio3%2BHgaUmuqR9Mg6ec2ITr70HV4mdxtkBmA7%2FPbxtjzX2YUgiw6Ju6YgYL7o4h8Y6IydFc4T1IUyBnWhLuBBr7%2FSlNhKhL2l8Ef0T7ts3IbzvY1HhzNw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame B966 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8bcf9a2d833eb44fca72ad4cf060ddef063d3d6e4bb2266e6eb3e906c6bb2dac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Wed, 30 Nov 2022 00:20:48 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Nov 2022 03:21:09 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=10880
Connection
keep-alive
Content-Length
10066
Expires
Wed, 30 Nov 2022 03:22:08 GMT
async_usersync
ib.adnxs.com/ Frame FF8F 		0
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Nov 2022 00:20:48 GMT
AN-X-Request-Uuid
caf0510d-774a-451e-8a27-f71fbf9e085a
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.134; 138.199.38.134; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame C3F6 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=48895143&p=158139&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
2d188799a741bfe980341481a48f71cb72ada9ff98f64e75ec2d53d706300a0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 30 Nov 2022 00:20:48 GMT
content-length
1875
content-type
text/html; charset=UTF-8
khaos.jpg
token.rubiconproject.com/ Frame B966 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
match
c1.adform.net/serving/cookie/ Frame 0FD6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=0048FE5B-5C40-4B81-90E5-A638D1DCD86E&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0048FE5B-5C40-4B81-90E5-A638D1DCD86E&gdpr=0&gdpr_consent=
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0048FE5B-5C40-4B81-90E5-A638D1DCD86E&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 30 Nov 2022 00:20:48 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Wed, 30 Nov 2022 00:20:48 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0048FE5B-5C40-4B81-90E5-A638D1DCD86E&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 594E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a6106386-a1e2-4200-9511-6488d57009d2&gdpr=0&gdpr_consent=
42 B
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a6106386-a1e2-4200-9511-6488d57009d2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Nov 2022 00:20:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 30 Nov 2022 00:20:49 GMT
Expires
Wed, 30 Nov 2022 00:20:48 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 169 32252b7 master zrh-pixel-x26 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a6106386-a1e2-4200-9511-6488d57009d2&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 3BC2
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4740650124262738589
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4740650124262738589
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Nov 2022 00:20:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4740650124262738589
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C3F6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AEj-W1xAS4GQ5aY40dzYbg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

unused62
8096267
date
Wed, 30 Nov 2022 00:20:48 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=UTF-8
cache-control
max-age=53205
accept-ranges
bytes
content-length
5549
expires
Wed, 30 Nov 2022 15:07:33 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Nov 2022 00:20:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame C3F6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b9906386-a1e1-4400-8d07-326a508b79b7
0
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b9906386-a1e1-4400-8d07-326a508b79b7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 30 Nov 2022 00:20:49 GMT
Server
MT3 169 32252b7 master zrh-pixel-x30 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b9906386-a1e1-4400-8d07-326a508b79b7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 30 Nov 2022 00:20:48 GMT
/
loada.exelator.com/load/ Frame C3F6
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=0048FE5B-5C40-4B81-90E5-A638D1DCD86E&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139
Protocol
H2
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:50 GMT
server
nginx
server-timing
total;dur=1.000
etag
"600050fd-0"

Redirect headers

date
Wed, 30 Nov 2022 00:20:49 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame C3F6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDA0OEZFNUItNUM0MC00QjgxLTkwRTUtQTYzOEQxRENEODZF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 30 Nov 2022 00:20:48 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Nov 2022 00:20:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C3F6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPrq8jnYZkydql8PhV4H_ho&google_cver=1
42 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPrq8jnYZkydql8PhV4H_ho&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 30 Nov 2022 00:20:48 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Nov 2022 00:20:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPrq8jnYZkydql8PhV4H_ho&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame C3F6 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:48 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 29 Nov 2022 00:20:48 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C3F6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6603968377792390772
42 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6603968377792390772
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 30 Nov 2022 00:20:48 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Nov 2022 00:20:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6603968377792390772
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
s.amazon-adsystem.com/ Frame EB2E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4ah4C2d6vt9nLD1HmPCHwAABLUAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4ah4C2d6vt9nLD1HmPCHwAABLUAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4ah4C2d6vt9nLD1HmPCHwAABLUAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcelebwell.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Nov 2022 00:20:49 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WH68ZK4APBZXXBEBMD25
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 30 Nov 2022 00:20:49 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3QH1E87CG9BK1K8G5NMH
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4ah4C2d6vt9nLD1HmPCHwAABLUAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame EB2E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y4ah4C2d6vt9nLD1HmPCHwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEObWku4cHTEF2nglg7Z0ymo&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEObWku4cHTEF2nglg7Z0ymo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcelebwell.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Nov 2022 00:20:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Nov 2022 00:20:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEObWku4cHTEF2nglg7Z0ymo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame EB2E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcelebwell.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Nov 2022 00:20:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame EB2E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4ah4C2d6vt9nLD1HmPCHwAABLUAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJkTz37h3wPCCWl-Wg_GmgQ&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJkTz37h3wPCCWl-Wg_GmgQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcelebwell.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 00:20:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Df6%2BCjzogToq%2BZZ4y5tpy31aXcWZ%2Bxek0UEVYHGTxDhmQqkSmSkJ7cu6YCul0HPLE%2Bi5SfAwUsmoiJCS7nTZ%2FwcKn%2FSXx4xtYboBobWkqsYcfIa0a8JthBYSKVlEd3jZnAFIKIFQnbJ62g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
771f6b5dbdc0917d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Nov 2022 00:20:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJkTz37h3wPCCWl-Wg_GmgQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame EB2E
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=2E85EA101529465AB109460370DA8CEC
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=2E85EA101529465AB109460370DA8CEC
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcelebwell.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Nov 2022 00:20:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Wed, 30 Nov 2022 00:20:48 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=2E85EA101529465AB109460370DA8CEC
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 29 Nov 2022 00:20:48 GMT
crum
dsum.casalemedia.com/ Frame EB2E
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=97fdc9a8-35d7-0ed8-6a872f1f
43 B
869 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=97fdc9a8-35d7-0ed8-6a872f1f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcelebwell.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 00:20:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gy0M0GkHeUdjQyR2%2BUvFfbVm8kBEsge%2BbQvZXB1wQ8sRwj1eUY318CIScBbzQUM0MA5qy2ETOcN25R9YZrWwCq6v0kTRrUTM24w4yUVYrb3HstPwdYSDqRarzt8miZ0xGX9mjOkt"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
771f6b5eff13bb35-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 30 Nov 2022 00:20:48 GMT
via
1.1 google
server
nginx/1.22.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=97fdc9a8-35d7-0ed8-6a872f1f
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
crum
dsum-sec.casalemedia.com/ Frame EB2E
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1685406049&external_user_id=ceed7b58-a8cd-4c90-bf5f-62828cb63cb3
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1685406049&external_user_id=ceed7b58-a8cd-4c90-bf5f-62828cb63cb3
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcelebwell.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Nov 2022 00:20:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Wed, 30 Nov 2022 00:20:49 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1685406049&external_user_id=ceed7b58-a8cd-4c90-bf5f-62828cb63cb3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame EB2E
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcelebwell.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Nov 2022 00:20:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Wed, 30 Nov 2022 00:20:48 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
htw-pixel.gif
cdn.indexww.com/ht/ Frame EB2E 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y4ah4C2d6vt9nLD1HmPCHwAA%261205
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcelebwell.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:48 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
6620
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
771f6b5dec979963-FRA
content-length
43
expires
Thu, 01 Dec 2022 00:20:48 GMT
token
token.rubiconproject.com/ Frame B966 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B966
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK76OSicdiF4iL1vl0000yQ&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK76OSicdiF4iL1vl0000yQ&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 30 Nov 2022 00:20:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK76OSicdiF4iL1vl0000yQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
token
token.rubiconproject.com/ Frame B966 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=25470
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
token.rubiconproject.com/ Frame B966 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=36584
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
token.rubiconproject.com/ Frame B966 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=37556&a=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B966
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=2E85EA101529465AB109460370DA8CEC&expires=365
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=2E85EA101529465AB109460370DA8CEC&expires=365
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 30 Nov 2022 00:20:49 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=2E85EA101529465AB109460370DA8CEC&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 29 Nov 2022 00:20:49 GMT
CookieSyncRubicon
rtb.adentifi.com/ Frame B966 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncRubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.255.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-255-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:49 GMT
cookiesync
bttrack.com/pixel/ Frame B966 		35 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-servername
Track002-iad
pragma
no-cache
date
Wed, 30 Nov 2022 00:20:38 GMT
x-aspnetmvc-version
5.2
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control
private,no-cache
content-length
35
expires
-1
async_usersync
ib.adnxs.com/ Frame FF8F 		0
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Nov 2022 00:20:49 GMT
AN-X-Request-Uuid
efd26be3-37f6-42da-8c30-8ffe6324cb20
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.134; 138.199.38.134; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame C3F6 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158139&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 00:20:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
b1t-eudc1.zemanta.com
URL
https://b1t-eudc1.zemanta.com/t/imp/view/TO5K6SYKKSVHKFUMFN525I7YY6GM5YKARVTPSZXZBQZPMVZTITQVCF372I7EXBSULU4GQDY7JXYTFPSYMBZ5QFC2HQ6FY3QR3G2CQUJOPTUPWRZIZOHOEUACPV4HTDQYXYZRIMIXLO6H3IX3B3JOADS3XAMLCPIJUEWIAWRI7NFHQVYDWO3JWQYIZFW35BLUNIB7QXJXPIZT3LBTA7CLHYQPR3LFLUD6H3EOXVXCIQ3KOPWHDNFRA3FLK2NXJVT7OUPXNK6RIOBZ3NWKMX6ZN7LYZMQSGGYYQS6BUITINVCOOGYQ2RN7BOB5SI7MOJ4DL6UBIBCT4UXR2MF5D2TLG2PIHDEQKN5YOHO2K3L7UGAOC6QO6JTQ/?
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=13435

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 boolean| isLighthouseAudit boolean| isSlowHardware object| dataLayer number| width object| karma string| GoogleAnalyticsObject function| ga function| __gaTracker function| gtag string| wpParselyApiKey object| etnt object| webVitalsAnalyticsData object| _stq object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wp object| wpParselyHooks object| PARSELY function| _typeof function| _toConsumableArray function| _nonIterableSpread function| _unsupportedIterableToArray function| _iterableToArray function| _arrayWithoutHoles function| _arrayLikeToArray function| trackLink object| lazySizes object| lazySizesConfig function| st_go function| linktracker_init object| wpcom object| googletag object| pbjs object| globalTI object| apstag object| karmaService object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue object| google_tag_manager function| onYouTubeIframeAPIReady object| headertag boolean| apstagLOADED undefined| google_measure_js_timing object| pbjsChunk object| _pbjsGlobals object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| adServiceQ object| __s object| instgrm object| google_image_requests

57 Cookies

Domain/Path Name / Value
celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup Name:
Value: test
.celebwell.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/%22%2C%22sref%22:%22%22%2C%22sts%22:1669767644442%2C%22slts%22:0}
.celebwell.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=0604e4332729a32ee3a800741e171b4b%22%2C%22session_count%22:1%2C%22last_session_ts%22:1669767644442}
celebwell.com/ Name: isSlowHardware
Value: 0
celebwell.com/ Name: muuid_origin
Value: celebwell.com
celebwell.com/ Name: muuid_source
Value: CLIENT
celebwell.com/ Name: muuid_date
Value: 1669767645034
celebwell.com/ Name: first_request_id
Value: 4cc27598-63e3-4ab7-8338-a1dd06685d30
celebwell.com/ Name: globalTI_SID
Value: de9f4524-205d-4978-b33b-df1b3d28212e
.celebwell.com/ Name: _gid
Value: GA1.2.2111973969.1669767645
.celebwell.com/ Name: _gat
Value: 1
d9jj3mjthpub.cloudfront.net/ Name: cross_site_muuid
Value: 2da51bff-d78e-5e97-aba7-84df2b070e57
.celebwell.com/ Name: _ga_37X3P54THV
Value: GS1.1.1669767645.1.0.1669767645.0.0.0
celebwell.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.adnxs.com/ Name: icu
Value: ChgI3el5EAoYASABKAEw3cOanAY4AUABSAEQ3cOanAYYAA..
.adnxs.com/ Name: uuid2
Value: 7499847767213736631
.celebwell.com/ Name: _ga
Value: GA1.2.1920034113.1669767645
.celebwell.com/ Name: _gat_UA-201796943-1
Value: 1
.celebwell.com/ Name: __gads
Value: ID=fac12fd51a960d3b:T=1669767645:S=ALNI_MZmJhc9lTU3F_OpkJd1hN_1vAJGDA
.celebwell.com/ Name: __gpi
Value: UID=00000b8a4466a5ca:T=1669767645:RT=1669767645:S=ALNI_MYamp2Brc8ybXU7iv3PqoW7ztQJiA
.doubleclick.net/ Name: IDE
Value: AHWqTUnNPm2wVaVJTTx6MxIBaE7sAEGmU7qUooc21d0BXcEdVUYswwR2EwbEO7gOBQk
celebwell.com/ Name: _lr_retry_request
Value: true
celebwell.com/ Name: _lr_env_src_ats
Value: false
.bidswitch.net/ Name: tuuid
Value: bb510dc6-d75a-48d7-b4c1-221be3c7cdd5
.bidswitch.net/ Name: c
Value: 1669767648
.bidswitch.net/ Name: tuuid_lu
Value: 1669767648
.ads.pubmatic.com/ Name: KCCH
Value: YES
.casalemedia.com/ Name: CMID
Value: Y4ah4C2d6vt9nLD1HmPCHwAA
.casalemedia.com/ Name: CMPS
Value: 1205
.casalemedia.com/ Name: CMPRO
Value: 1205
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 0048FE5B-5C40-4B81-90E5-A638D1DCD86E
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 158139:2
.pubmatic.com/ Name: DPSync3
Value: 1670976000%3A201_197_219%7C1669852800%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1670976000%3A13_7_161_56_220_21
.adform.net/ Name: C
Value: 1
.onaudience.com/ Name: cookie
Value: b93335685c73362c
.onaudience.com/ Name: done_redirects161
Value: 1
.simpli.fi/ Name: suid
Value: 2E85EA101529465AB109460370DA8CEC
.adform.net/ Name: uid
Value: 6603968377792390772
.de17a.com/ Name: guid
Value: 1.4740650124262738589
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEPrq8jnYZkydql8PhV4H_ho&KRTB&16514-CAESEPrq8jnYZkydql8PhV4H_ho&KRTB&23025-CAESEPrq8jnYZkydql8PhV4H_ho&KRTB&23386-CAESEPrq8jnYZkydql8PhV4H_ho
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6603968377792390772&KRTB&23263-6603968377792390772
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-4740650124262738589
.exelator.com/ Name: EE
Value: "35031a21eb97978e4b75868b42594974"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHY1MDYMNHIMDXJ0tzS3CLVJMnc1MLMIsnEyNTSxNLcZHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVywAswJcw1asCS%252FKDN9kYvr4qKUNMZFJcWngg8lfQEA%252BfwmqQ%253D%253D"
.brand-display.com/ Name: _knxq_
Value: 97fdc9a8-35d7-0ed8-6a872f1f.1669767648.0.1669767648.1669767648
.company-target.com/ Name: tuuid
Value: ceed7b58-a8cd-4c90-bf5f-62828cb63cb3
.company-target.com/ Name: tuuid_lu
Value: 1669767649
.casalemedia.com/ Name: CMTS
Value: 1104
.mathtag.com/ Name: uuid
Value: a6106386-a1e2-4200-9511-6488d57009d2
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:a6106386-a1e2-4200-9511-6488d57009d2&KRTB&16736-uid:a6106386-a1e2-4200-9511-6488d57009d2&KRTB&23019-uid:a6106386-a1e2-4200-9511-6488d57009d2&KRTB&23208-uid:a6106386-a1e2-4200-9511-6488d57009d2
.pubmatic.com/ Name: PugT
Value: 1669767647
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-a5a42043-64dc-4dc3-5ae7-6c9c55b3bf7d.FSqRdFLuESlS%2FDQVtFUIteNylGqFlwWFp4Zv0jJZ42A
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ApaQgQ2TcTcNa52ycVbO_fYrHJoY.AlCceNf9%2F9%2FwB%2F6X6QIv9z%2BUJ6xU22n7abslH5TpF4Y
.amazon-adsystem.com/ Name: ad-id
Value: A4TCtdjhTklAvffwNx0iYmo
.amazon-adsystem.com/ Name: ad-privacy
Value: 0

5 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript error URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Message:
Access to fetch at 'https://b1t-eudc1.zemanta.com/t/imp/view/TO5K6SYKKSVHKFUMFN525I7YY6GM5YKARVTPSZXZBQZPMVZTITQVCF372I7EXBSULU4GQDY7JXYTFPSYMBZ5QFC2HQ6FY3QR3G2CQUJOPTUPWRZIZOHOEUACPV4HTDQYXYZRIMIXLO6H3IX3B3JOADS3XAMLCPIJUEWIAWRI7NFHQVYDWO3JWQYIZFW35BLUNIB7QXJXPIZT3LBTA7CLHYQPR3LFLUD6H3EOXVXCIQ3KOPWHDNFRA3FLK2NXJVT7OUPXNK6RIOBZ3NWKMX6ZN7LYZMQSGGYYQS6BUITINVCOOGYQ2RN7BOB5SI7MOJ4DL6UBIBCT4UXR2MF5D2TLG2PIHDEQKN5YOHO2K3L7UGAOC6QO6JTQ/?' from origin 'https://celebwell.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://b1t-eudc1.zemanta.com/t/imp/view/TO5K6SYKKSVHKFUMFN525I7YY6GM5YKARVTPSZXZBQZPMVZTITQVCF372I7EXBSULU4GQDY7JXYTFPSYMBZ5QFC2HQ6FY3QR3G2CQUJOPTUPWRZIZOHOEUACPV4HTDQYXYZRIMIXLO6H3IX3B3JOADS3XAMLCPIJUEWIAWRI7NFHQVYDWO3JWQYIZFW35BLUNIB7QXJXPIZT3LBTA7CLHYQPR3LFLUD6H3EOXVXCIQ3KOPWHDNFRA3FLK2NXJVT7OUPXNK6RIOBZ3NWKMX6ZN7LYZMQSGGYYQS6BUITINVCOOGYQ2RN7BOB5SI7MOJ4DL6UBIBCT4UXR2MF5D2TLG2PIHDEQKN5YOHO2K3L7UGAOC6QO6JTQ/?
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://celebwell.com/news-yanet-garcia-in-bathing-suit-celebrates-fifa-world-cup/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=13435' from origin 'https://celebwell.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=13435
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a5143.casalemedia.com
aax-dtb-cf.amazon-adsystem.com
acdn.adnxs.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
api.parsely.com
api.rlcdn.com
as-sec.casalemedia.com
b1-eudc1.zemanta.com
b1t-eudc1.zemanta.com
bd7f17abb391430f745a486b60e91610.safeframe.googlesyndication.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.parsely.com
celebwell.com
cm.g.doubleclick.net
d30qdagvt44524.cloudfront.net
d3div1mtym39ic.cloudfront.net
d5p.de17a.com
d9jj3mjthpub.cloudfront.net
dmp.brand-display.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
graph.instagram.com
grid.bidswitch.net
gu.dyntrk.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.sv.rkdms.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
karma.mdpcdn.com
loada.exelator.com
match.adsrvr.org
p1.parsely.com
pagead2.googlesyndication.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.wp.com
platform.instagram.com
region1.google-analytics.com
rtb.adentifi.com
s.amazon-adsystem.com
s.company-target.com
scontent.cdninstagram.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
stas.outbrain.com
stats.g.doubleclick.net
stats.wp.com
sync.mathtag.com
sync.srv.stackadapt.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
widgets.outbrain.com
widgets.zemanta.com
www.eatthis.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
x.bidswitch.net
zem.outbrainimg.com
api.rlcdn.com
b1t-eudc1.zemanta.com
104.18.33.19
13.224.195.78
13.225.85.39
13.225.87.188
135.125.160.77
141.94.171.213
142.250.186.34
146.75.118.132
151.101.130.132
151.101.65.108
172.64.151.162
172.64.154.237
18.156.195.47
18.194.231.91
185.29.132.241
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.80
185.80.39.216
192.0.66.80
192.0.76.3
192.132.33.46
198.47.127.20
2001:4860:4802:34::36
213.155.156.168
213.227.153.221
213.227.153.223
23.205.235.133
23.35.236.201
23.35.237.86
2600:9000:206f:7e00:d:2820:3bc0:93a1
2600:9000:20eb:c400:11:1ed0:3900:21
2600:9000:21f3:3400:11:e0c9:84c0:21
2600:9000:21f3:f000:19:bcbe:a700:21
2602:803:c003:200::41
2606:4700:10::6816:14d1
2606:4700::6810:5714
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200e
2a00:1450:400c:c08::9a
2a03:2880:f21c:81c4:face:b00c:0:43fe
2a03:2880:f245:e0:face:b00c:0:4420
2a03:2880:f273:cd:face:b00c:0:43fe
3.75.15.124
34.111.151.213
34.120.133.55
34.193.201.64
34.91.62.186
34.96.71.22
35.71.131.137
37.157.3.30
37.252.171.84
52.46.128.147
54.147.255.25
54.155.18.159
54.158.154.2
54.164.3.34
54.78.254.47
64.202.112.191
69.173.144.138
69.173.144.165
85.91.45.57
031e11b32c0221096f28542792e193129b288959e337d8219899375edd2514c7
03258938a9b5e89469863cad098af4e9e022e081d26e3af0f8378b97d8407655
03ff2c15abeeb32f4ce3e6bc0eecabb825d0d4057e766547234728b700f191f3
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08f1159ba20036e83e7d3c06fa872465d8a208369bc3bc7935c32e9022932787
097617c815c046a3464f318f247aa72daed4586e237c53293626be78522b6562
0c1284380e252e5a1d73725a9b59c8a1b6e2fd269da798344308d56b71e80aa8
0d3fd60e80f18f6b8a3b0a3cfec13dcbdaf3e710db09b170096ab1c163dda39c
12c8a1221205ae39748899da67c7cb7a9a3da2105e24424efc2f8804e08b7410
159bd804f3a207ce59088ef63f186ba5b3d906d5245b7bfa882a6a6c3f6a9314
16f01757f1b5bf036cae51885b0c1794418033ec269ee616e48e9865e678805d
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1bd909ab08aeeeb48e7dbe8faa7197336d6770ec1094f2e0c6b6e1a0a6c448a5
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
23beda30424ac7c49957ce15299d0199803995498851441548cf89108a12871b
273f8b05b6788804555695475dedf8aea7fec225f791a2e14fc06f82f2700a09
285a3410b6c9daa6ec89ea2baf9c18290c37377fea84957c59211418a575717e
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2ca69feef28c20ecd1ceecd849a2d43b1579310195a5d9bd469e2266b84f868f
2d188799a741bfe980341481a48f71cb72ada9ff98f64e75ec2d53d706300a0b
2da6165225e429c1a994985dd850984b08ecf31f1ec7a12fcb89bfe2ef97e7cb
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3b2f7523a5b11f6c4eeddef43719b156c1593505cda2795da2933d156c2010ff
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42301a379f3e59ad5e10a552a6939578b9e12be574df21fc27cf30f1a3c47899
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
477b4dae3c40b7d681801c51420c286fdef54dcb150d9c18ef6dd8aba24e97bb
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c9677d237284e37c57e59182c2ad3fa28524cce813ead1def8e9db85799d481
4e4532ba02cfad3b9aab3fbe24ccd840c8ace39e51a2e0d451f95641bdd2ad91
50fc1acf8fec0d4a07ad306ce573d7d060c2b3355f2e9db17df36c124295d890
527858ce1bb19dae6c14b76fcdcfad610ded25359054df165c6855de46dd3f77
53b6474d6bf20a899ee17c59f34e31d89ed46a612d73a06143a3344bcdf0c175
548005b1d32066c8d7ab7b2f74d0d066d2607dc63bb3b6604ac7bc6f0eb38207
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c2687de64bd6df6f87c864412becc0ba8c43282e84fd5ef7949c347498b2c1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56aa7052b7cd411c7df0555668e14f85c39ee7b3051e959232ca206425643024
5800f312944709b8d8e2e638a4c64704be610892c2fd06e962ac74b222615e19
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5e36be95a997321cf95e79310394b551a93a1fefb55c7dca4669137c0946f2a5
5f025aeb2b8a345245a0f8b16d8dcc936ecd39dacda76546d7915534fa01c6f7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65756236417b5ba4b29cd46161b4d435c8b158ffa5ff3ca582e6d0a7ba63004f
685a94ab271639b11517df241f5def3402c6c4cbc6303b5058e95ee0c031516a
6987a1b33bb2627d402f7150018cafe3e64d164c475becab16c7554ae78710c0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c4b4f2fc1cb95cd17e7694be1d45ce6adb54c7ff4642532380fea9959a0bc8f
6daf5f0885ae8720ac86aa292d9b555de675e117ea318dc4b6fdd200b715d7e9
727b3ff0c716fa8e38788e3dab83691b06edf37ca523b826f9ef67700021516b
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8373a52f04bc16518619631ca44c5d4fab17e01c21212e878ea0e15108515938
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
88a1610f1d519a4560b00bc1bedeaabaa557628bc00213b802c3184c5ec22f18
8bcf9a2d833eb44fca72ad4cf060ddef063d3d6e4bb2266e6eb3e906c6bb2dac
8bffc125c88dd0f2fc9d380d90aba524eff607ae9dc865d9e7d358cf8e417c00
8c40a706260efeaba896252a781d44b54631f570534785bc0c804d23d875a1c3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90701e4fd0c893d0a7ab1c395c26f51258cd0b0845ab6796b3f91ed59e7c65fa
97ac7434dfd269ff7ab1408ef101803ee0a844259bc65ff0ceede9e613ea9be6
9b7c9bb91016a0d17171d9a9307591530d2211c64f33104a1b87299a6b386f95
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9c1616e7ea7fdd51ae7a08f8ba8863ca7191e07e4c1d8b8f8127ec72f9b7253f
9d8c1bec2d3e70de1b9611f6b60c969fb47c80234cd50f5fb974f8f8d51f6897
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2c269f2fc6ca280eb656d7e23141b51a82703c33ec8f4b1b280bcd2011c054a
a3cf4861c7d0c966f0ed6564f6aad6b28cbd3421a9ca4f60e2246848d249f196
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a6c39f60bae626fb60e79338adfebfdc94ae19a9988711bfc6958886ff2acbc7
aa6f5c5c40c439bc098e2b5f432120acf43450b13858c961e771fd2f749ce224
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2768c812d4deaef371d53201f4548e5cc903b0519691646fa7230f1074d0f14
b31ada1046743817e7c081ca2b02a18a9c359a442ac4a9b19954bdcb4b4c1c65
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4fa5a6f9ea5c7c2fa476086459b388d08794012cc5b170665dd708101eb15bd
b8a5194875e00e028f9f9363ec690e922253615984880ff67357d6760de8c338
bcada8069f9edddd6c9e8e412f7a7d251d20c106a25cb3cd4427ad366e6fead0
bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da
c05a202bfec3c0e8fdba6936f9cf8ac41bcafd546ce89f29d16d6e347963fd6b
c0e0215c7fe056073f99bf27d9fd944e42b66ea744145702492533ff449ea121
c1c70a67942e5b0f15c969709fd256d7910327572a8da9f32d5415c9714279c5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa9e89468331f6c5c472d63abd12cb40e10139f4b2ac15709d3b1ba48f5f655
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dd2c3903ec6dffa7a4fe9572af07225c4390627c37991836894d66cd8bfb900e
e18bf494d9162e5b6182d93485d724af7d6e5f001ad4df72cf337fc612da4f96
e2e8c353902203d42b22f79784d48da53d84634ab393ae04791a23c3cbdd0dc5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5dc8133e1cf7b2eae532cef83bf6ac1eb20784d22feafc39713aebf7ba8bbfb
e9ab67ec001634e9d890170262e1ac5e94b687af8a41775b745c315da18eb3a5
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f254eb93b015455a3c89aaf970631bc989fe2bd387f79e871b514992359651aa
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f832a3f9fb50dfb245accbfe1f55d83f4330332a2a1b1640888d253398b95bb9
fa9c291f736b48f4e77e9f1a8388014c04e8438a04ed28d9dbdf738a1a3fa40f
fac8d871bdb4a11d934d3ea72c118e1666f4d753171e5cb5dc765291f7ea0836
fd4c1fc24b5764c74a734a8b6d1b3bd09c11c4926ede5a9739606a853e8bd7f7
fe7d1bc7e0b1b69c6c30a48047089c915de77bcd62e15693c3149e350b136052