www.starpenstacks.com Open in urlscan Pro
2606:4700::6812:b6a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.starpennystocks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
Effective URL:
https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
Submission: On March 15 via api (March 15th 2022, 8:31:55 am UTC) from US — Scanned from DE

Summary HTTP 103 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 18 domains to perform 103 HTTP transactions. The main IP is 2606:4700::6812:b6a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.starpenstacks.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 15th 2021. Valid for: a year.

This is the only time www.starpenstacks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:20f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700::68... 2606:4700::6812:b6a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
31	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2.21.142.172 2.21.142.172	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	70.42.32.159 70.42.32.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:fb:... 2a02:26f0:fb:59f::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	213.202.235.10 213.202.235.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba12	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	213.254.244.26 213.254.244.26	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
103	22

1 2606:4700::6812:20f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.starpennystocks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:b6a (United States)

ASN13335 (CLOUDFLARENET, US)

www.starpenstacks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.142.172 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-142-172.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:fb:59f::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.10 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

at.bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba12 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.254.244.26 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-frc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	479 KB
14	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276	130 KB
10	starpenstacks.com www.starpenstacks.com	347 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	206 KB
5	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 460 tps.doubleverify.com — Cisco Umbrella Rank: 444 tpsc-frc.doubleverify.com — Cisco Umbrella Rank: 9304	100 KB
5	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	1 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	143 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	37 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 1897 tr.outbrain.com — Cisco Umbrella Rank: 1782	4 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 ajax.googleapis.com — Cisco Umbrella Rank: 251	33 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8832	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	67 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1243	63 KB
1	bahn.de at.bahn.de — Cisco Umbrella Rank: 83120	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	649 B
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 1619	1 KB
1	starpennystocks.com 1 redirects www.starpennystocks.com	285 B
103	18

	Domain	Requested by
24	tpc.googlesyndication.com	googleads.g.doubleclick.net www.starpenstacks.com tpc.googlesyndication.com pagead2.googlesyndication.com
16	pagead2.googlesyndication.com	www.starpenstacks.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	www.starpenstacks.com	www.starpenstacks.com
6	s0.2mdn.net	www.starpenstacks.com googleads.g.doubleclick.net s0.2mdn.net
4	www.googletagservices.com	googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	tr.outbrain.com	amplify.outbrain.com www.starpenstacks.com
2	tpsc-frc.doubleverify.com	cdn.doubleverify.com
2	cdn.doubleverify.com	s0.2mdn.net www.starpenstacks.com
2	googleads4.g.doubleclick.net	www.starpenstacks.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.starpenstacks.com
2	fonts.googleapis.com	www.starpenstacks.com googleads.g.doubleclick.net
1	tps.doubleverify.com	cdn.doubleverify.com
1	code.createjs.com	s0.2mdn.net
1	at.bahn.de	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	amplify.outbrain.com	www.starpenstacks.com
1	secure.gravatar.com	www.starpenstacks.com
1	ajax.googleapis.com	www.starpenstacks.com
1	www.starpennystocks.com	1 redirects
103	26

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-11-15` - `2022-11-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
at.bahn.de GeoTrust TLS RSA CA G1	`2021-12-06` - `2022-12-30`	a year	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh

This page contains 19 frames:

Primary Page: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
Frame ID: 8785676CD1232865072E791339786BD3
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/zrt_lookup.html
Frame ID: 35F834A967B6AD1EA35E3DA01211B900
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=9539990666&adk=1784735162&adf=2227106891&pi=t.ma~as.9539990666&w=400&fwrn=4&fwrnh=100&lmt=1647225087&rafmt=3&psa=0&format=400x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F09%2F29%2Fcelebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647333108513&bpp=20&bdt=542&idt=154&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&correlator=8690182913679&frm=20&pv=2&ga_vid=1606493767.1647333109&ga_sid=1647333109&ga_hid=1992917200&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=367&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531398%2C44750773%2C31064858%2C31065469&oid=2&pvsid=2711929121835451&pem=937&tmod=1637548438&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5QVejdJusS&p=https%3A//www.starpenstacks.com&dtd=172
Frame ID: 688B2BBCCBE914DF9942456F57571CC6
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=1027493446&adk=2171511035&adf=2908574772&pi=t.ma~as.1027493446&w=349&fwrn=4&fwrnh=100&lmt=1647225087&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F09%2F29%2Fcelebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647333108534&bpp=5&bdt=563&idt=162&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280&correlator=8690182913679&frm=20&pv=1&ga_vid=1606493767.1647333109&ga_sid=1647333109&ga_hid=1992917200&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531398%2C44750773%2C31064858%2C31065469&oid=2&pvsid=2711929121835451&pem=937&tmod=1637548438&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VPyxcfebPC&p=https%3A//www.starpenstacks.com&dtd=166
Frame ID: D8E396B672AB00DD5A346CAE0A509746
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=5482577920&adk=2016359606&adf=1497098137&pi=t.ma~as.5482577920&w=349&fwrn=4&fwrnh=100&lmt=1647225087&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F09%2F29%2Fcelebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647333108539&bpp=4&bdt=568&idt=166&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280&correlator=8690182913679&frm=20&pv=1&ga_vid=1606493767.1647333109&ga_sid=1647333109&ga_hid=1992917200&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531398%2C44750773%2C31064858%2C31065469&oid=2&pvsid=2711929121835451&pem=937&tmod=1637548438&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=BQX35D4Vdy&p=https%3A//www.starpenstacks.com&dtd=169
Frame ID: 41685C8C2FEEB7F313BB6187C51D255D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&adk=1812271804&adf=3025194257&lmt=1647225087&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F09%2F29%2Fcelebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647333108576&bpp=1&bdt=605&idt=137&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280%2C349x280&nras=1&correlator=8690182913679&frm=20&pv=1&ga_vid=1606493767.1647333109&ga_sid=1647333109&ga_hid=1992917200&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531398%2C44750773%2C31064858%2C31065469&oid=2&pvsid=2711929121835451&pem=937&tmod=1637548438&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=143
Frame ID: 6D1AD6A5923F135A4E1FE5B41CA7ADBE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5F9A97D8F1BEC57B15CA3B0625C94E72
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1
Frame ID: DF9A2270F22D039DBCEBF5465392D76C
Requests: 14 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsucJtAyU_KuTvkLDiI7pJViDEPIn1c3xUPywXCLODtRa54-Cu9TNg7SGSbxPi5LifT4v2OHOzNOE8D9Wg0in1jQ6CjyMDW219H81X7UaVnq2V385XjJfWASpgJSj4WUD6sghaIPSDkWue4okiwZgxjAxJ9yf-KZsAnYFvYI4Ph1EeBX5tRB9EvHNcG3vbp3cDBwhMGnBTtTDFDRRVTzqRpFR7cyJuriKhOw6xzsTaJL0PmzL9LanWYWIuPMAOvgxl_C3ARPAnutbmSL_uArhezmXvskKK1iZbSetgPxXnYqPWRdAT_gGHt1khwvYhRf6gVOoiAVb6h0nFwGR1vKgrgu8f2oKJlB1eq2oYlldFZZWq4Nr02JtoXAEHaCknH1BjDHfk6bFay-jF2N-G1RcFonxj5WqXZQKMWyImZQNK4X3SmVNYdw3vV-1ZHw_hPK214qSrGpiHRboYQG0h4yVf3t6pKqACPvRvMp52DSeJuYv8DcPk-8AymwN_xrjkmlXhjL7hg5W7g5ngGYEQYQqxWG9vRHpkV24Wt3X_Yl1CT5yJdDlU1P85bX_7GppH701x0Kf3L9COhMHgM3RrfoSCFb9DvmLW5FVg5oIkcGocOJ7vv1kfq7RcnQQgdEwgIJRvZY1eEt-6kGNrNU6lTjnQwJxCjSZpuqvRWFJXd-y4NHUBPBq423aFtS48OF3Q-kYGPptVTkxXSG0pPlRUQOU5eWLE08iktx8OS5exng0BP36IF25-csR4GzRQCrxg3zv6jTOXfN53PP-6gCBvlx2CQVBOOfiMrfvScnMeD7pya8qsa-P4bJ9o3KH3znZqlCk70vCP8YmLjfedFT-DLWBd-RO0SRnMu-axMEu1i47GkZQMy_MsbzU7730OnKkDiHV8BWwV5LV-uGfKqwGhBt69xaW4XwqRV-i2RUFz99hIHRaFuZo6lpmpvxY-EWNMdAijiEvxK8Cg15lPUEbdZSdimv_omS7DqGt-qnmVnIQVOXbZddVvf7TejgcfqA_h2ZYyhzJVR3B8FHZ-hXN85iLg7iUmf05Sg-w6WopTN7LdYRPaCbfxsJFdjIoN1bGQBb9pfjLjE0H0ZmR59Ns8ygrNUFgmapBh7eSpNRRo30QJ5HEbM4EruhVVENkOdVxv9UWM8CHS-vQH9OYxRL7f-S6kg5b1s&sai=AMfl-YQ6A5vQ6a7hT_Migc6jItJKJvt-7txd2vNcu0CGOV9yVLitmg4cTTYnkw&sig=Cg0ArKJSzOA0DfveRB0tEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 7EE0134BB3B82C1F8B9CDA1F719E1E59
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js
Frame ID: 22C0AF19AD1240FF7E405828B40C9752
Requests: 1 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuPIEi-7-cd-xx5-NzM4B9FdDcfbBn6zg57Rq1CmIsmwfNe6bI-GyAHroG7qtPh3H67f7gpqigTgV1siMi7aKf_D3nOXCBttx7MV_MtVCoWLze0GMH5IQte0II2SUrIn0j9NhIJn87uSoEViFXUxr7CnEzglnsoia65EoAxhBMnqsKbz8L7gK-zGvjNrU1xXJeOBAKwlSBm6Ag1sIY5x66vZnWsofvKMZm_jEI3APksGGBpywYx6J9nmXn1BKZRLGBMQFazj0IfYU3SBaQDUo2jPkxFLA7-3ieECfp2s5_fGdVq6iZg_vKx6QoA-ZRfoVRZ45tWYqYHnc9VBsDh9WTLZdJ9NdJAAwuAQtY-kZxYNDhucntaTUrygmj-O_QuVc_RLF8mRlQcuyv74KCm8xoTfltN9YiSTtEPxaq2EJCH3vkopLPSisIbPgZY4xIKjT2uOGry4qELYLRhxvI5uetRnEeU-93dja1rhDq8JwbsFZLKLrNX8GZvhC5QaGxWPbD_PshCxPQDkHilBYNx0S8Em885RNbKtNdDWXdNp3nK0xlXz9QUEOId8Gq8mO1913Z2fFQyN38AsTdd-YGblTNbAoHHRcMziSOXyRPwL71124HnGusn1UwiRURTAWEL1_8mxjrVOMOrALP4MeS5pPjTdZfz7MQCKcTr9Ea6vT3UyKs8eXf2W5WQFPHt0n7BkA7jeKttwymwg1OhYPJqnT5-Pj8CjkCc8Y6dYnxwkIvJE8HypEq8BB0wKPXlFPEzVM-o7kY0kfGzkjLbUewvnjNvV4AWypsblwFdpIkT79rCj1FHPPtmD7B7a8gXYA_YUM1c_Z_0UCb_wgP4MbV2Dd7TBhtRV3RBjra8W5X9lveRT0jL9jTAF0rTeWQDQIukOMjXxfwAuOrNFz46sjEjmpKKoUP099kR0ZFiZug6fSv9VZonA9I3lM-PtEFAXPSbta5xM0RdEpO-FUtpWJQY1nhhLp0fQr8m9ZaP15qrMxZEyZfSIznc-JKNzHHC1qX_efWND3uJ-FAiVpOfiG8m2qwhE_sko4HK7e2TlZxABH26ze7cE3AhgVQNl4qeZp9DY23rBOsZj40YL3tiBhe7gFqMSrEh_apGf2RsNTytfgVpM9gQxgjdkQBGjfuF9YrdUfMQ6bNhcEacHEelcWlttGThR3YNqZyoUNcKtmXAEAUVjDqG&sai=AMfl-YRO0WxbZVE_vBQ8K8J_tF6GsyK_Aj29mOIj9E8B_Or-cFC25jopLIu9jw&sig=Cg0ArKJSzIoJAsoyCcpFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: CF153CD534F34359AAA9F04F45541022
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 536A4983F0ABBF5E9320A40A177CA0AA
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/8650961/1630571419258/300x250_EU_DE_BANNER_1/300x250_EU_DE_BANNER_1/MBV_EU_DE_Banner_1_Generic%20EU_300x250.html
Frame ID: D2D3E1AFC0693D8E03D6B6075D9243B0
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9394EC6FA12B7E4342735819305E6182
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 442E5170AC4E1DCDEBF68F934EF1D939
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2375.js
Frame ID: 55A419D40F4E5C5C00CD113601A66476
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js
Frame ID: F93550D187E43246C14DC31B00FD5238
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 64AF599AAD01A476DB7DAFC809D5AF7A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F6F944033E91E0154596977F3FE719AE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Celebrities That Have Aged Flawlessly And Perfectly - It's Hard To Believe Their Real Age - StarPenStacks

Page URL History Show full URLs

https://www.starpennystocks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-b... HTTP 301
https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-b... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

103
Requests

100 %
HTTPS

73 %
IPv6

18
Domains

26
Subdomains

22
IPs

3
Countries

1632 kB
Transfer

4255 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.starpennystocks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/ HTTP 301
https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 85

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

103 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
Redirect Chain

https://www.starpennystocks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/

28 KB
8 KB

85ms
30ms

Document
text/html

2606:4700::6812:b6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2c27a9b2574911d0d8686d6ebe29e2b779d6e927d20a807ea5eb70693bd515e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 15 Mar 2022 08:31:48 GMT
content-type: text/html; charset=UTF-8
x-pingback: https://www.starpenstacks.com/xmlrpc.php
link: <https://www.starpenstacks.com/?p=5016>; rel=shortlink
cf-cache-status: HIT
age: 108021
last-modified: Mon, 14 Mar 2022 02:31:27 GMT
expires: Tue, 15 Mar 2022 12:31:48 GMT
cache-control: public, max-age=14400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6ec3e518eb809b1b-FRA
content-encoding: br

Redirect headers

date: Tue, 15 Mar 2022 08:31:48 GMT
location: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
cache-control: max-age=3600
expires: Tue, 15 Mar 2022 09:31:48 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6ec3e5186a84693f-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 140ms
46ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d402b35e6e0d996cc57dfb1f40a87b672f1eb4dfe0744da6d9c40b0d26592815

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 06:33:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Mar 2022 08:31:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Mar 2022 08:31:48 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 134ms
41ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Mar 2023 17:42:21 GMT

GET
H2 200 autoptimize_7c6966f76c3f477af241c5493ad4e337.css
www.starpenstacks.com/wp-content/cache/autoptimize/css/ 197 KB
35 KB 31ms
31ms Stylesheet
text/css 2606:4700::6812:b6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.starpenstacks.com/wp-content/cache/autoptimize/css/autoptimize_7c6966f76c3f477af241c5493ad4e337.css
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7081b1d0b4c2ca10e4ae7d454d7bd1c23701c31fa4390c99d68efc99b30af51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:31:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Dec 2020 03:35:57 GMT
server: cloudflare
age: 121745
cf-polished: origSize=202489
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Sun, 05 Mar 2023 08:31:48 GMT
cache-control: public, max-age=30672000
cf-ray: 6ec3e5193bf09b1b-FRA
cf-bgj: minify

GET
H2 200 autoptimize_b6c6357df97615cbf9cc51f79364d686.css
www.starpenstacks.com/wp-content/cache/autoptimize/css/ 849 B
462 B 25ms
24ms Stylesheet
text/css 2606:4700::6812:b6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.starpenstacks.com/wp-content/cache/autoptimize/css/autoptimize_b6c6357df97615cbf9cc51f79364d686.css
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 512abfd0af424c443f98064c7a76cb739464f558adccb169f45ac436b13c1e08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:31:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 Jun 2020 07:43:29 GMT
server: cloudflare
age: 121745
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Sun, 05 Mar 2023 08:31:48 GMT
cache-control: public, max-age=30672000
cf-ray: 6ec3e5193bf29b1b-FRA
cf-bgj: minify

GET
H2 200 jquery-3.4.1.min.js Show response
www.starpenstacks.com/wp-content/plugins/jquery-updater/js/ 86 KB
31 KB 30ms
29ms Script
application/javascript 2606:4700::6812:b6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.starpenstacks.com/wp-content/plugins/jquery-updater/js/jquery-3.4.1.min.js?ver=3.4.1
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:31:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Mar 2020 03:57:43 GMT
server: cloudflare
age: 517028
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 6ec3e5193bf39b1b-FRA
expires: Tue, 15 Mar 2022 12:31:48 GMT

GET
H2 200 autoptimize_single_c7118e30e58e22e72a0eca8ec9336599.js Show response
www.starpenstacks.com/wp-content/cache/autoptimize/js/ 14 B
127 B 26ms
26ms Script
application/javascript 2606:4700::6812:b6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.starpenstacks.com/wp-content/cache/autoptimize/js/autoptimize_single_c7118e30e58e22e72a0eca8ec9336599.js?ver=4.9.20+2.4.20
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b16f328161f671c5374c717a038def5bba21a4f37cdfb3509cda60ec262cf5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:31:48 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Jun 2020 07:43:27 GMT
server: cloudflare
age: 517028
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Sun, 05 Mar 2023 08:31:48 GMT
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ec3e5193bf59b1b-FRA
content-length: 14
cf-bgj: minify

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
36 KB 180ms
93ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137392462-9

Requested by

Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4c3a3a8dfc0771b4dd9b0ee43e8c9fcd12a4ba22ac833a6fc9352b58d7f7f374

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:31:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36963
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Mar 2022 08:31:48 GMT

GET
H2 200 STARPENSTACKS-SMALL.png
www.starpenstacks.com/wp-content/uploads/2021/01/ 2 KB
2 KB 28ms
28ms Image
image/webp 2606:4700::6812:b6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.starpenstacks.com/wp-content/uploads/2021/01/STARPENSTACKS-SMALL.png
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34cd6ca5ac2b03924176600b5d9c754403d06665a5731eb279515d542cc4ff95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:31:48 GMT
cf-cache-status: HIT
age: 120013
cf-polished: origFmt=png, origSize=4767
last-modified: Tue, 05 Jan 2021 10:04:25 GMT
content-disposition: inline; filename="STARPENSTACKS-SMALL.webp"
content-length: 2062
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6ec3e51a5d7e9b1b-FRA
expires: Tue, 15 Mar 2022 12:31:48 GMT

GET
H2 200 cover.jpg
www.starpenstacks.com/wp-content/uploads/2018/10/ 165 KB
166 KB 669ms
667ms Image
image/jpeg 2606:4700::6812:b6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.starpenstacks.com/wp-content/uploads/2018/10/cover.jpg
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 858a6392b5b1630ef2ae16de6ba96ef735c5b53faf2aff936abcf4064a0f06b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:31:49 GMT
cf-cache-status: MISS
last-modified: Thu, 03 Jan 2019 09:43:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6ec3e51a9de29b1b-FRA
content-length: 169389
expires: Tue, 15 Mar 2022 12:31:49 GMT

GET
H2 200 8db64465bbe66bf9c844d59d713c466d
secure.gravatar.com/avatar/ 1 KB
1 KB 22ms
6ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/8db64465bbe66bf9c844d59d713c466d?s=50&d=mm&r=g
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ec626d1355ef5d84689c88b2ec9e383fa16b0be9c068fe5fc913be061542edbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 15 Mar 2022 08:31:48 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="8db64465bbe66bf9c844d59d713c466d.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/8db64465bbe66bf9c844d59d713c466d?s=50&d=mm&r=g>; rel="canonical"
content-length: 1128
expires: Tue, 15 Mar 2022 08:36:48 GMT

GET
H2 200 P45-NIKI-TAYLOR.jpg
www.starpenstacks.com/wp-content/uploads/2018/12/ 47 KB
47 KB 31ms
30ms Image
image/webp 2606:4700::6812:b6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.starpenstacks.com/wp-content/uploads/2018/12/P45-NIKI-TAYLOR.jpg
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35ba5af336a7a0c347e2c23b5d0a73817f46647ee118a8661e869cc9062bc4b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:31:48 GMT
cf-cache-status: HIT
age: 108020
cf-polished: qual=85, origFmt=jpeg, origSize=66170
last-modified: Fri, 28 Dec 2018 06:15:11 GMT
content-disposition: inline; filename="P45-NIKI-TAYLOR.webp"
content-length: 47638
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6ec3e51a9de59b1b-FRA
expires: Tue, 15 Mar 2022 12:31:48 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
53 KB 177ms
88ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eed9dbb4fe60fb903a06b17d72363ffa543c942dedb030f650a0bf45f67d18b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:31:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53807
x-xss-protection: 0
server: cafe
etag: 850441908602431524
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Mar 2022 08:31:49 GMT

GET
H2 200 autoptimize_9ef9e84a199daf85209ab04ae5566b85.js Show response
www.starpenstacks.com/wp-content/cache/autoptimize/js/ 174 KB
49 KB 33ms
31ms Script
application/javascript 2606:4700::6812:b6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.starpenstacks.com/wp-content/cache/autoptimize/js/autoptimize_9ef9e84a199daf85209ab04ae5566b85.js
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 458fe424a737af83d485e3394e48fd16ffa75628add301b13e9d761f014d7254

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:31:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 05:08:13 GMT
server: cloudflare
age: 121745
cf-polished: origSize=177868
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Sun, 05 Mar 2023 08:31:48 GMT
cache-control: public, max-age=30672000
cf-ray: 6ec3e51a9deb9b1b-FRA
cf-bgj: minify

GET
H2 200 /
www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/2/ 0
8 KB 27ms
26ms Other
text/html 2606:4700::6812:b6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/2/
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-pingback: https://www.starpenstacks.com/xmlrpc.php
date: Tue, 15 Mar 2022 08:31:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Mar 2022 02:31:29 GMT
server: cloudflare
age: 108019
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 6ec3e51a9ded9b1b-FRA
link: <https://www.starpenstacks.com/?p=5016>; rel=shortlink
expires: Tue, 15 Mar 2022 12:31:48 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 77 KB
31 KB 54ms
49ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MR5SQCC

Requested by

Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05c8437ed3c4b1bc4d5f58371cabc75d1c0fa35b75d291f5b26d19d3057013de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:31:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31185
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Mar 2022 08:31:48 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
3 KB 33ms
8ms Script
application/x-javascript 2.21.142.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.142.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-142-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 08:31:48 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Feb 2022 12:30:38 GMT
Server: AkamaiNetStorage
ETag: "23b34d08f648c3f51b232443afced826:1644409863.170279"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3150
Expires: Tue, 15 Mar 2022 08:51:48 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v28/ 16 KB
17 KB 126ms
39ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.starpenstacks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 22:46:04 GMT
x-content-type-options: nosniff
age: 553545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16692
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:06:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 22:46:04 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 373ms
82ms Script
application/javascript 70.42.32.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00f735510dc960290610c963674757a995
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 08:31:49 GMT
content-encoding: gzip
X-TraceId: 5559df8fe6ee0fa2bf0121fdc6d7f92f
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 388ms
86ms Image
image/gif 70.42.32.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00f735510dc960290610c963674757a995&obApiVersion=1.1&obtpVersion=1.6.0&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F09%2F29%2Fcelebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age%2F&optOut=false&bust=05500958338268844
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 08:31:49 GMT
Cache-Control: no-cache
X-TraceId: 3f3f4d7be8b4ff6a18a5ae4dcbadeaaf
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 397ms
88ms Image
image/gif 70.42.32.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00f735510dc960290610c963674757a995&obApiVersion=1.1&obtpVersion=1.6.0&name=viewcontent&dl=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F09%2F29%2Fcelebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age%2F&optOut=false&bust=010727998866036903
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 08:31:49 GMT
Cache-Control: no-cache
X-TraceId: ff2d145c8a0f4c965da9fc4460b57f21
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 133ms
37ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137392462-9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3419
date: Tue, 15 Mar 2022 07:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 15 Mar 2022 09:34:50 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/ 292 KB
105 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9355985142493728&plah=www.starpenstacks.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0965b428ce26477449f65a680a07a85aa8fe82db035a5279a239045d134bac29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:31:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107542
x-xss-protection: 0
server: cafe
etag: 6887112957029833986
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 15 Mar 2022 08:31:49 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/ Frame 35F8 10 KB
5 KB 62ms
61ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Mon, 14 Mar 2022 23:41:54 GMT
expires: Mon, 28 Mar 2022 23:41:54 GMT
cache-control: public, max-age=1209600
age: 31795
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 95ms
47ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1992917200&t=pageview&_s=1&dl=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F09%2F29%2Fcelebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age%2F&ul=en-us&de=UTF-8&dt=Celebrities%20That%20Have%20Aged%20Flawlessly%20And%20Perfectly%20-%20It%27s%20Hard%20To%20Believe%20Their%20Real%20Age%20-%20StarPenStacks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=743231030&gjid=1104846646&cid=1606493767.1647333109&tid=UA-137392462-9&_gid=1096533727.1647333109&_r=1&gtm=2ou370&z=1648254400

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.starpenstacks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 08:31:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.starpenstacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 221 B
649 B 153ms
47ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.starpenstacks.com&callback=_gfp_s_&client=ca-pub-9355985142493728

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9355985142493728&plah=www.starpenstacks.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

cd9880cc649f45d811fbe49682e746ba7b493e8263385ef71f0266bd30f3b4f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:31:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 132ms
48ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.starpenstacks.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Mar 2022 08:31:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 134ms
47ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.starpenstacks.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Mar 2022 08:31:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 688B 71 KB
28 KB 348ms
347ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=9539990666&adk=1784735162&adf=2227106891&pi=t.ma~as.9539990666&w=400&fwrn=4&fwrnh=100&lmt=1647225087&rafmt=3&psa=0&format=400x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F09%2F29%2Fcelebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647333108513&bpp=20&bdt=542&idt=154&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&correlator=8690182913679&frm=20&pv=2&ga_vid=1606493767.1647333109&ga_sid=1647333109&ga_hid=1992917200&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=367&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531398%2C44750773%2C31064858%2C31065469&oid=2&pvsid=2711929121835451&pem=937&tmod=1637548438&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5QVejdJusS&p=https%3A//www.starpenstacks.com&dtd=172

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b730778ea339219bc09528cb6ff7ce5188badc9514e9aeb7cce16bfc21b9aefa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 15 Mar 2022 08:31:49 GMT
server: cafe
content-length: 28803
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Mar 2022 08:31:49 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D8E3 72 KB
30 KB 575ms
575ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=1027493446&adk=2171511035&adf=2908574772&pi=t.ma~as.1027493446&w=349&fwrn=4&fwrnh=100&lmt=1647225087&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F09%2F29%2Fcelebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647333108534&bpp=5&bdt=563&idt=162&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280&correlator=8690182913679&frm=20&pv=1&ga_vid=1606493767.1647333109&ga_sid=1647333109&ga_hid=1992917200&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531398%2C44750773%2C31064858%2C31065469&oid=2&pvsid=2711929121835451&pem=937&tmod=1637548438&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VPyxcfebPC&p=https%3A//www.starpenstacks.com&dtd=166

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42f702e41588d71c7d79cf80aeb374e49cbde5a455b726a598752e602bf2869d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 15 Mar 2022 08:31:49 GMT
server: cafe
content-length: 30674
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Mar 2022 08:31:49 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4168 59 KB
26 KB 692ms
692ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=5482577920&adk=2016359606&adf=1497098137&pi=t.ma~as.5482577920&w=349&fwrn=4&fwrnh=100&lmt=1647225087&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F09%2F29%2Fcelebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647333108539&bpp=4&bdt=568&idt=166&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280&correlator=8690182913679&frm=20&pv=1&ga_vid=1606493767.1647333109&ga_sid=1647333109&ga_hid=1992917200&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531398%2C44750773%2C31064858%2C31065469&oid=2&pvsid=2711929121835451&pem=937&tmod=1637548438&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=BQX35D4Vdy&p=https%3A//www.starpenstacks.com&dtd=169

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e31991649a9f4131c2ee5a9d09a0efef45b6b49922654f9a900b684a240121a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 15 Mar 2022 08:31:50 GMT
server: cafe
content-length: 26960
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Mar 2022 08:31:50 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6D1A 110 KB
36 KB 440ms
439ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&adk=1812271804&adf=3025194257&lmt=1647225087&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F09%2F29%2Fcelebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647333108576&bpp=1&bdt=605&idt=137&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280%2C349x280&nras=1&correlator=8690182913679&frm=20&pv=1&ga_vid=1606493767.1647333109&ga_sid=1647333109&ga_hid=1992917200&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531398%2C44750773%2C31064858%2C31065469&oid=2&pvsid=2711929121835451&pem=937&tmod=1637548438&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=143

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a203ee7a04deae32dc355c842aabbdde830b0e93878dad440c1ff72cae404332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 15 Mar 2022 08:31:49 GMT
server: cafe
content-length: 36469
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Mar 2022 08:31:49 GMT
cache-control: private

GET
H2 200 2817156430364241895
tpc.googlesyndication.com/daca_images/simgad/ Frame 688B 31 KB
31 KB 154ms
50ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/2817156430364241895

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=9539990666&adk=1784735162&adf=2227106891&pi=t.ma~as.9539990666&w=400&fwrn=4&fwrnh=100&lmt=1647225087&rafmt=3&psa=0&format=400x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F09%2F29%2Fcelebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647333108513&bpp=20&bdt=542&idt=154&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&correlator=8690182913679&frm=20&pv=2&ga_vid=1606493767.1647333109&ga_sid=1647333109&ga_hid=1992917200&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=367&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531398%2C44750773%2C31064858%2C31065469&oid=2&pvsid=2711929121835451&pem=937&tmod=1637548438&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5QVejdJusS&p=https%3A//www.starpenstacks.com&dtd=172

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6690063753cf86f41f2ebd53b3e035972311fd23ad9aef538056195e9fe5dcc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 12:16:28 GMT
x-content-type-options: nosniff
age: 72921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31737
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 14:21:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 14 Mar 2023 12:16:28 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame 688B 19 KB
8 KB 141ms
39ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7865
x-xss-protection: 0
server: cafe
etag: 17470246482903461409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 08:28:39 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 688B 2 KB
1 KB 146ms
48ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:28:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 08:28:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 688B 117 KB
36 KB 150ms
56ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:31:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Mar 2022 08:31:49 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 688B 15 KB
6 KB 142ms
44ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 08:26:58 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 688B 0
0 72ms
70ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcnbI9U4wYsvrF9Wt9u8Pls-W2AXChvCpaIn3n_uXD7fVy6aWDhABIOiOpDdgleKQgqAHoAG5-p_UA8gBAqkCJ1CNWiXRoj6oAwHIA8kEqgS5Ak_Qa27ayMJ4UX3_v4Kr9nZWWPknd5rWxwkKcRF_YNWE-inl6FSLne-gTKBkKCE30fHRhucHzkg6wOaUeaZ42xMFDhuB0NEeABtbhRtT7qGWuBwymaZDwRoS-iQe8ylkbzAj9GMrM5piPZHvnwYqAc9bl1WLbeV6FPC6u4xNAZ4ChvKDYEqc3LKodqISD6AYLWebxKd__JLR_PXUMieBA6fGUy3_s6cGJfMSxrzWc61xLcB0Gf9DluiLm-3Ax_Ab1CzT8fG0mdnLdB-5hLO252b0_GeiWhD2Q3oJ6C1AGsk7MyQVfwAb7YXTu3AP5IpfW7bPDr5R9_rMIFw_N23aK8_raant3hH0G4VLNt_--f1_eMMnCgcjG0tMyTIJlNgjMmDRYWyX3DAG076ODtCO3BAuZinW1gvYRHbABJ3am5fZA5IFBAgEGAGSBQQIBRgEoAYCgAevheArqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQyf8C0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTkzNTU5ODUxNDI0OTM3MjgYAA&sigh=Ad89XmDOvAs&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=9539990666&adk=1784735162&adf=2227106891&pi=t.ma~as.9539990666&w=400&fwrn=4&fwrnh=100&lmt=1647225087&rafmt=3&psa=0&format=400x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F09%2F29%2Fcelebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647333108513&bpp=20&bdt=542&idt=154&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&correlator=8690182913679&frm=20&pv=2&ga_vid=1606493767.1647333109&ga_sid=1647333109&ga_hid=1992917200&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=367&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531398%2C44750773%2C31064858%2C31065469&oid=2&pvsid=2711929121835451&pem=937&tmod=1637548438&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5QVejdJusS&p=https%3A//www.starpenstacks.com&dtd=172
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 15 Mar 2022 08:31:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Mar 2022 08:31:49 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 688B 28 KB
12 KB 191ms
96ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca7f23edc5a250dd23a0e499b3aa451f9dbc6bafc91faf8da2c7245bb05de1f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 22:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35427
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11802
x-xss-protection: 0
server: cafe
etag: 8307557220395963033
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 22:41:22 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/ 151 KB
54 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ebc84713fbeab44693fc518ef25f194b1663e7b6c9f48ad6c105ab2eb4226ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:31:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55006
x-xss-protection: 0
server: cafe
etag: 14208637268447410582
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Mar 2022 08:31:49 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5F9A 143 B
163 B 40ms
39ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=9539990666&adk=1784735162&adf=2227106891&pi=t.ma~as.9539990666&w=400&fwrn=4&fwrnh=100&lmt=1647225087&rafmt=3&psa=0&format=400x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F09%2F29%2Fcelebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647333108513&bpp=20&bdt=542&idt=154&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&correlator=8690182913679&frm=20&pv=2&ga_vid=1606493767.1647333109&ga_sid=1647333109&ga_hid=1992917200&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=367&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531398%2C44750773%2C31064858%2C31065469&oid=2&pvsid=2711929121835451&pem=937&tmod=1637548438&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5QVejdJusS&p=https%3A//www.starpenstacks.com&dtd=172

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Tue, 15 Mar 2022 08:06:49 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1500
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 95ms
48ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.starpenstacks.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Mar 2022 08:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 97ms
49ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.starpenstacks.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Mar 2022 08:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/ Frame DF9A 10 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Mon, 14 Mar 2022 23:56:52 GMT
expires: Mon, 28 Mar 2022 23:56:52 GMT
cache-control: public, max-age=1209600
age: 30898
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 688B 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7904c4a9e376675e1fe46f493350ae9d8c99d07c5e03e8cacd3b4dcfa0045624

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7EE0 0
0 168ms
72ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsucJtAyU_KuTvkLDiI7pJViDEPIn1c3xUPywXCLODtRa54-Cu9TNg7SGSbxPi5LifT4v2OHOzNOE8D9Wg0in1jQ6CjyMDW219H81X7UaVnq2V385XjJfWASpgJSj4WUD6sghaIPSDkWue4okiwZgxjAxJ9yf-KZsAnYFvYI4Ph1EeBX5tRB9EvHNcG3vbp3cDBwhMGnBTtTDFDRRVTzqRpFR7cyJuriKhOw6xzsTaJL0PmzL9LanWYWIuPMAOvgxl_C3ARPAnutbmSL_uArhezmXvskKK1iZbSetgPxXnYqPWRdAT_gGHt1khwvYhRf6gVOoiAVb6h0nFwGR1vKgrgu8f2oKJlB1eq2oYlldFZZWq4Nr02JtoXAEHaCknH1BjDHfk6bFay-jF2N-G1RcFonxj5WqXZQKMWyImZQNK4X3SmVNYdw3vV-1ZHw_hPK214qSrGpiHRboYQG0h4yVf3t6pKqACPvRvMp52DSeJuYv8DcPk-8AymwN_xrjkmlXhjL7hg5W7g5ngGYEQYQqxWG9vRHpkV24Wt3X_Yl1CT5yJdDlU1P85bX_7GppH701x0Kf3L9COhMHgM3RrfoSCFb9DvmLW5FVg5oIkcGocOJ7vv1kfq7RcnQQgdEwgIJRvZY1eEt-6kGNrNU6lTjnQwJxCjSZpuqvRWFJXd-y4NHUBPBq423aFtS48OF3Q-kYGPptVTkxXSG0pPlRUQOU5eWLE08iktx8OS5exng0BP36IF25-csR4GzRQCrxg3zv6jTOXfN53PP-6gCBvlx2CQVBOOfiMrfvScnMeD7pya8qsa-P4bJ9o3KH3znZqlCk70vCP8YmLjfedFT-DLWBd-RO0SRnMu-axMEu1i47GkZQMy_MsbzU7730OnKkDiHV8BWwV5LV-uGfKqwGhBt69xaW4XwqRV-i2RUFz99hIHRaFuZo6lpmpvxY-EWNMdAijiEvxK8Cg15lPUEbdZSdimv_omS7DqGt-qnmVnIQVOXbZddVvf7TejgcfqA_h2ZYyhzJVR3B8FHZ-hXN85iLg7iUmf05Sg-w6WopTN7LdYRPaCbfxsJFdjIoN1bGQBb9pfjLjE0H0ZmR59Ns8ygrNUFgmapBh7eSpNRRo30QJ5HEbM4EruhVVENkOdVxv9UWM8CHS-vQH9OYxRL7f-S6kg5b1s&sai=AMfl-YQ6A5vQ6a7hT_Migc6jItJKJvt-7txd2vNcu0CGOV9yVLitmg4cTTYnkw&sig=Cg0ArKJSzOA0DfveRB0tEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 15 Mar 2022 08:31:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 7EE0 106 KB
38 KB 141ms
40ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 12:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71048
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Mar 2022 12:47:42 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7EE0 41 KB
15 KB 133ms
81ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 13:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67881
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Mar 2023 13:40:29 GMT

GET
H3 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 7EE0 32 KB
13 KB 118ms
67ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=1027493446&adk=2171511035&adf=2908574772&pi=t.ma~as.1027493446&w=349&fwrn=4&fwrnh=100&lmt=1647225087&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F09%2F29%2Fcelebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647333108534&bpp=5&bdt=563&idt=162&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280&correlator=8690182913679&frm=20&pv=1&ga_vid=1606493767.1647333109&ga_sid=1647333109&ga_hid=1992917200&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531398%2C44750773%2C31064858%2C31065469&oid=2&pvsid=2711929121835451&pem=937&tmod=1637548438&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VPyxcfebPC&p=https%3A//www.starpenstacks.com&dtd=166

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684506d9d8135537d90392d008a89c4b57a6878ab17f88d66153a630bbe773dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13100
x-xss-protection: 0
server: cafe
etag: 17326570059298415575
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 07:55:24 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 7EE0 2 KB
1 KB 132ms
80ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:28:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 08:28:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7EE0 117 KB
36 KB 157ms
110ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Mar 2022 08:31:50 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 7EE0 15 KB
6 KB 103ms
52ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 08:26:58 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame 7EE0 19 KB
8 KB 110ms
60ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7865
x-xss-protection: 0
server: cafe
etag: 17470246482903461409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 08:28:39 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5F9A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

103ms
101ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 15 Mar 2022 08:31:50 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Mar 2022 08:31:50 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 15 Mar 2022 08:31:50 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame 22C0 35 KB
14 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:38:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 06:38:04 GMT

GET
H2 200 f0bb7a1f705d608239f854e986aba8ab.js Show response
www.gstatic.com/mysidia/ Frame DF9A 9 KB
4 KB 146ms
55ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f0bb7a1f705d608239f854e986aba8ab.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dddfdcef973923c7b6cbd4534237ab3dcdc76a8aa3d6d03619566261e0b3e63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 10:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 425855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3745
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 10:04:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 10:14:15 GMT

GET
H2 200 91e0c874f9703d67138113c8fcce6f41.js Show response
www.gstatic.com/mysidia/ Frame DF9A 8 KB
4 KB 145ms
56ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/91e0c874f9703d67138113c8fcce6f41.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d144e3cedf9b96679caf134416822a66a20c41a61f5569ae0ff09779581fe69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 21:56:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3714
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 07:55:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 21:56:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DF9A 8 KB
892 B 96ms
48ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 06:33:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Mar 2022 08:31:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Mar 2022 08:31:50 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame DF9A 2 KB
904 B 53ms
40ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:27:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 08:27:53 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame DF9A 19 KB
8 KB 55ms
42ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7865
x-xss-protection: 0
server: cafe
etag: 17470246482903461409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 08:28:39 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame DF9A 2 KB
1 KB 90ms
77ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:28:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 08:28:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF9A 117 KB
36 KB 115ms
106ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Mar 2022 08:31:50 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame DF9A 15 KB
6 KB 60ms
47ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 08:26:58 GMT

GET
H2 200 35849274faa25b88196bf3c3ff2d72d2.js Show response
www.gstatic.com/mysidia/ Frame DF9A 28 KB
12 KB 125ms
37ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/35849274faa25b88196bf3c3ff2d72d2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e4b4d396700e065d5d37bde974840cf2bf19565f8450785f0a869079b86bce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 18:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11831
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 07:55:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 18:51:47 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CF15 0
0 69ms
69ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuPIEi-7-cd-xx5-NzM4B9FdDcfbBn6zg57Rq1CmIsmwfNe6bI-GyAHroG7qtPh3H67f7gpqigTgV1siMi7aKf_D3nOXCBttx7MV_MtVCoWLze0GMH5IQte0II2SUrIn0j9NhIJn87uSoEViFXUxr7CnEzglnsoia65EoAxhBMnqsKbz8L7gK-zGvjNrU1xXJeOBAKwlSBm6Ag1sIY5x66vZnWsofvKMZm_jEI3APksGGBpywYx6J9nmXn1BKZRLGBMQFazj0IfYU3SBaQDUo2jPkxFLA7-3ieECfp2s5_fGdVq6iZg_vKx6QoA-ZRfoVRZ45tWYqYHnc9VBsDh9WTLZdJ9NdJAAwuAQtY-kZxYNDhucntaTUrygmj-O_QuVc_RLF8mRlQcuyv74KCm8xoTfltN9YiSTtEPxaq2EJCH3vkopLPSisIbPgZY4xIKjT2uOGry4qELYLRhxvI5uetRnEeU-93dja1rhDq8JwbsFZLKLrNX8GZvhC5QaGxWPbD_PshCxPQDkHilBYNx0S8Em885RNbKtNdDWXdNp3nK0xlXz9QUEOId8Gq8mO1913Z2fFQyN38AsTdd-YGblTNbAoHHRcMziSOXyRPwL71124HnGusn1UwiRURTAWEL1_8mxjrVOMOrALP4MeS5pPjTdZfz7MQCKcTr9Ea6vT3UyKs8eXf2W5WQFPHt0n7BkA7jeKttwymwg1OhYPJqnT5-Pj8CjkCc8Y6dYnxwkIvJE8HypEq8BB0wKPXlFPEzVM-o7kY0kfGzkjLbUewvnjNvV4AWypsblwFdpIkT79rCj1FHPPtmD7B7a8gXYA_YUM1c_Z_0UCb_wgP4MbV2Dd7TBhtRV3RBjra8W5X9lveRT0jL9jTAF0rTeWQDQIukOMjXxfwAuOrNFz46sjEjmpKKoUP099kR0ZFiZug6fSv9VZonA9I3lM-PtEFAXPSbta5xM0RdEpO-FUtpWJQY1nhhLp0fQr8m9ZaP15qrMxZEyZfSIznc-JKNzHHC1qX_efWND3uJ-FAiVpOfiG8m2qwhE_sko4HK7e2TlZxABH26ze7cE3AhgVQNl4qeZp9DY23rBOsZj40YL3tiBhe7gFqMSrEh_apGf2RsNTytfgVpM9gQxgjdkQBGjfuF9YrdUfMQ6bNhcEacHEelcWlttGThR3YNqZyoUNcKtmXAEAUVjDqG&sai=AMfl-YRO0WxbZVE_vBQ8K8J_tF6GsyK_Aj29mOIj9E8B_Or-cFC25jopLIu9jw&sig=Cg0ArKJSzIoJAsoyCcpFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 15 Mar 2022 08:31:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CF15 41 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 13:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67881
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Mar 2023 13:40:29 GMT

GET
H3 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame CF15 32 KB
13 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=5482577920&adk=2016359606&adf=1497098137&pi=t.ma~as.5482577920&w=349&fwrn=4&fwrnh=100&lmt=1647225087&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F09%2F29%2Fcelebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647333108539&bpp=4&bdt=568&idt=166&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280&correlator=8690182913679&frm=20&pv=1&ga_vid=1606493767.1647333109&ga_sid=1647333109&ga_hid=1992917200&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531398%2C44750773%2C31064858%2C31065469&oid=2&pvsid=2711929121835451&pem=937&tmod=1637548438&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=BQX35D4Vdy&p=https%3A//www.starpenstacks.com&dtd=169

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684506d9d8135537d90392d008a89c4b57a6878ab17f88d66153a630bbe773dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13100
x-xss-protection: 0
server: cafe
etag: 17326570059298415575
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 07:55:24 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame CF15 2 KB
1 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:28:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 08:28:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF15 117 KB
36 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Mar 2022 08:31:50 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame CF15 15 KB
6 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 08:26:58 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame CF15 19 KB
8 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7865
x-xss-protection: 0
server: cafe
etag: 17470246482903461409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 08:28:39 GMT

GET
H3 200 17564538849819845758
s0.2mdn.net/simgad/ Frame CF15 67 KB
67 KB 88ms
40ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17564538849819845758

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34af82c92a140161a46b061029b547cb113ec8f65e6e213da6eba56a78b32eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 02:29:26 GMT
x-content-type-options: nosniff
age: 21744
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68265
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 15:04:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Mar 2023 02:29:26 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 536A 22 KB
8 KB 45ms
41ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Mar 2022 22:16:44 GMT
expires: Tue, 14 Mar 2023 22:16:44 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 36906
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 7EE0 8 KB
4 KB 72ms
7ms Script
application/javascript 2a02:26f0:fb:59f::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13361095&cmp=25152005&sid=443002&plc=325420292&num=&adid=&advid=8650961&adsrv=1&btreg=517510715&btadsrv=doubleclick&crt=157032784&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:59f::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: a86eea3bd77a07092b4af88e3dd54272f8118190aaba5fef3bd04dd8a5490ae4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 08:31:50 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Mar 2022 11:57:53 GMT
Server: Microsoft-IIS/10.0
ETag: "80f6c1bde332d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3291

GET
H3 200 MBV_EU_DE_Banner_1_Generic%20EU_300x250.html Show response
s0.2mdn.net/8650961/1630571419258/300x250_EU_DE_BANNER_1/300x250_EU_DE_BANNER_1/ Frame D2D3 6 KB
2 KB 43ms
41ms Document
text/html 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8650961/1630571419258/300x250_EU_DE_BANNER_1/300x250_EU_DE_BANNER_1/MBV_EU_DE_Banner_1_Generic%20EU_300x250.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60a78e55a60dd51144a79b2ab4e7da7375fb522e90b6012a2dcf3eb0d8653f6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 2309
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Mar 2022 07:18:05 GMT
expires: Wed, 16 Mar 2022 07:18:05 GMT
cache-control: public, max-age=86400
age: 4425
last-modified: Thu, 02 Sep 2021 08:30:19 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK ai.aspx Show response
at.bahn.de/ Frame DF9A 43 B
1 KB 91ms
21ms Fetch
image/gif 213.202.235.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://at.bahn.de/ai.aspx?extProvId=5&extPu=14058-gaw&extLi=16464515404&cb=1384458965

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.10 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://at.bahn.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Di, 15 Mrz 2022 08:31:50 GMT
Server: Microsoft-IIS/8.5
Date: Tue, 15 Mar 2022 08:31:49 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1053
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DF9A 0
0 70ms
70ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cnpun9U4wYuWGGrWhlQedrJT4C7yU7Ohoq77K6tUPv-EeEAEg6I6kN2CV4pCCoAegAazN46QByAEBqQKO_GdEmWuyPqgDAcgDywSqBL4CT9DOyANDjeqoxqzZ1WvONLFf3rpOtAgXPGjAi10TApe5P97dZohdbE0awxqszZslWjL_mHRuBP8M_-dG_8gKqjoFKgcO-fG9ErdnwHEuL5o5DlHS6srft6Okj2Xj49l8dABLaMfZMkVN5JoTM1x17MQNlcGhmIhLdAjb5fpBihVwfVmGAhRickal9WyYtHNPbQOJ-JtmpXrWzTJnpSMxApb-FuUso2yYBYPXrhATAnct6oa0GmRKiG4TAUYXb2JU9R3_GEERJNrWqku1OKAbNVuwawBxTD2ugEVaHhWVp2vj2TwHtJr_Xw66VzhIc0OEphExNYBBCwOJkpUX0SLkJqyWTUcnrnshkZsedN7GjYycG8eHSoZjllIKCJ7GO8T5_QX2exz1z_lqAChZyPql2Gt9jsQfxd4H1w05sCHlwATvi7GCgQSSBQQIBBgBkgUECAUYBIAHvLKc2wKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCYjQjSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItOTM1NTk4NTE0MjQ5MzcyOBgA&sigh=cL_wRJDkb-I&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 15 Mar 2022 08:31:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9394 143 B
163 B 40ms
39ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Tue, 15 Mar 2022 08:06:49 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1501
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7EE0 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98fd41df520860f23ff9fe6ce8ae5fcb21c66e91f3b17d851070bfad46e5031b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DF9A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93accfaf0f231cb1d32ab1825ca44f664a063af23a9b326d9585724f902de2c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 442E 22 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Mar 2022 22:16:44 GMT
expires: Tue, 14 Mar 2023 22:16:44 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 36906
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame CF15 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5af054b3e0d9a0ee035e9edd6820ace42e126f35d44d8df567b4dbc6d78c13aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame D2D3 236 KB
63 KB 91ms
19ms Script
text/javascript 2a02:26f0:6c00::210:ba12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/8650961/1630571419258/300x250_EU_DE_BANNER_1/300x250_EU_DE_BANNER_1/MBV_EU_DE_Banner_1_Generic%20EU_300x250.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:31:50 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Tue, 15 Mar 2022 08:46:50 GMT

GET
H3 200 MBV_EU_DE_Banner_1_Generic%20EU_300x250.js Show response
s0.2mdn.net/8650961/1630571419258/300x250_EU_DE_BANNER_1/300x250_EU_DE_BANNER_1/ Frame D2D3 152 KB
31 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8650961/1630571419258/300x250_EU_DE_BANNER_1/300x250_EU_DE_BANNER_1/MBV_EU_DE_Banner_1_Generic%20EU_300x250.js?1630080130682

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8650961/1630571419258/300x250_EU_DE_BANNER_1/300x250_EU_DE_BANNER_1/MBV_EU_DE_Banner_1_Generic%20EU_300x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44ddbde0ea3b7f3f5f1af9029a960cdf7401396d3e17a5b6558252791945d0fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8650961/1630571419258/300x250_EU_DE_BANNER_1/300x250_EU_DE_BANNER_1/MBV_EU_DE_Banner_1_Generic%20EU_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:18:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4425
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31404
x-xss-protection: 0
last-modified: Thu, 02 Sep 2021 08:30:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Mar 2022 07:18:05 GMT

GET
H/1.1 200
OK dv-measurements2375.js Show response
cdn.doubleverify.com/ Frame 55A4 511 KB
95 KB 11ms
9ms Script
application/javascript 2a02:26f0:fb:59f::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements2375.js
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/09/29/celebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:59f::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ddf16c461e55282bdeb11c642d461bd1e5f2e23730769c98d20cd69847792182

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 08:31:50 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Mar 2022 10:08:51 GMT
Server: Microsoft-IIS/10.0
ETag: "80fb6b82d432d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96638

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame 536A 35 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:38:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 06:38:04 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9394
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

109ms
108ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 15 Mar 2022 08:31:50 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Mar 2022 08:31:50 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 15 Mar 2022 08:31:50 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame F935 35 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:38:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 06:38:04 GMT

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame 442E 35 KB
14 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:38:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 06:38:04 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 55A4 2 KB
1 KB 236ms
12ms Script
text/javascript 213.254.244.26
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=66&ttfrms=46&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DDE2CA6%3FDE24%3CD%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DDE2CA6%3FDE24%3CD%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6EU2%26C%3Dl9EEADTbpTauTauHHH%5DDE2CA6%3FDE24%3CD%5D4%40%3ETaua_a_Tau_hTauahTau46%3D63C%3AE%3A6D%5CE92E%5C92G6%5C2865%5C7%3D2H%3D6DD%3DJ%5C2%3F5%5CA6C764E%3DJ%5C%3AED%5C92C5%5CE%40%5C36%3D%3A6G6%5CE96%3AC%5CC62%3D%5C286Tau&srcurlD=0&aUrlD=-1&ssl=https:&dfs=219&ddur=74&uid=1647333109880602&jsCallback=dvCallback_1647333109880109&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=280&winw=336&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2375&tgjsver=2375&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9355985142493728%26output%3Dhtml%26h%3D280%26slotname%3D1027493446%26adk%3D2171511035%26adf%3D2908574772%26pi%3Dt.ma~as.1027493446%26w%3D349%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1647225087%26rafmt%3D3%26psa%3D0%26format%3D349x280%26url%3Dhttps%253A%252F%252Fwww.starpenstacks.com%252F2020%252F09%252F29%252Fcelebrities-that-have-aged-flawlessly-and-perfectly-its-hard-to-believe-their-real-age%252F%26flash%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D1%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.%26dt%3D1647333108534%26bpp%3D5%26bdt%3D563%26idt%3D162%26shv%3Dr20220308%26mjsv%3Dm202203030101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D400x280%26correlator%3D8690182913679%26frm%3D20%26pv%3D1%26ga_vid%3D1606493767.1647333109%26ga_sid%3D1647333109%26ga_hid%3D1992917200%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D938%26ady%3D115%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759842%252C42531398%252C44750773%252C31064858%252C31065469%26oid%3D2%26pvsid%3D2711929121835451%26pem%3D937%26tmod%3D1637548438%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DVPyxcfebPC%26p%3Dhttps%253A%2F%2Fwww.starpenstacks.com%26dtd%3D166&fcifrms=6&brh=2&sdf=2&dvp_epl=478&noc=4&ctx=13361095&cmp=25152005&sid=443002&plc=325420292&crt=157032784&btreg=517510715&btadsrv=doubleclick&adsrv=1&advid=8650961&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=6248870560.321911&dvp_tukv=77564345444.7694&dvp_uuid=48726846796.85956&dvp_strhd=1&dvpx_strhd=1&dvp_tuid=482214507944
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2375.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 084e451016632bc45043584cec59ab73277cfa0213bc8f5dd4261f0293d26856

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Mar 2022 08:31:50 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 03/14/2022 08:31:50

GET
H3 200 MBV_EU_DE_Banner_1_Generic%20EU_300x250_atlas_P_1.png
s0.2mdn.net/8650961/1630571419258/300x250_EU_DE_BANNER_1/300x250_EU_DE_BANNER_1/images/ Frame D2D3 4 KB
4 KB 41ms
40ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8650961/1630571419258/300x250_EU_DE_BANNER_1/300x250_EU_DE_BANNER_1/images/MBV_EU_DE_Banner_1_Generic%20EU_300x250_atlas_P_1.png?1630080130577

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7202e96ec0b28100e802f15231f15a727060f14347164bd11b877abf868f9d93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8650961/1630571419258/300x250_EU_DE_BANNER_1/300x250_EU_DE_BANNER_1/MBV_EU_DE_Banner_1_Generic%20EU_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:18:06 GMT
x-content-type-options: nosniff
age: 4424
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4089
x-xss-protection: 0
last-modified: Thu, 02 Sep 2021 08:30:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Mar 2022 07:18:06 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 102ms
54ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220308&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

714c793e0e9ccf859dcc8d00bb15cce0a00d4dd4f888a0ea5945682ef6d6a140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Mar 2022 08:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10532
x-xss-protection: 0

GET
H3 200 MBV_EU_DE_Banner_1_Generic%20EU_300x250_atlas_NP_1.jpg
s0.2mdn.net/8650961/1630571419258/300x250_EU_DE_BANNER_1/300x250_EU_DE_BANNER_1/images/ Frame D2D3 65 KB
65 KB 48ms
47ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8650961/1630571419258/300x250_EU_DE_BANNER_1/300x250_EU_DE_BANNER_1/images/MBV_EU_DE_Banner_1_Generic%20EU_300x250_atlas_NP_1.jpg?1630080130577

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19da90db75719f291bed43a95f55c995df1755f77e801df95aac3bf2132ebc96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8650961/1630571419258/300x250_EU_DE_BANNER_1/300x250_EU_DE_BANNER_1/MBV_EU_DE_Banner_1_Generic%20EU_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:18:06 GMT
x-content-type-options: nosniff
age: 4425
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66162
x-xss-protection: 0
last-modified: Thu, 02 Sep 2021 08:30:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Mar 2022 07:18:06 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Mar 2022 08:31:51 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7EE0 42 B
64 B 64ms
63ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvM9hQp-PgUbuZPQF0brMaqAzjgxaxf56x7qHKkacBxxsgfWb3TpHlr3z82FGhvsnu-1jp1u_QST9i6-RVrJUPozqKHPcgMJZSVAr3vykm9HW9AlAkUfAPb-bt6CnRDVmlG5AShCxfPj-7Dl5PbYaZA-kxi_IjmOMihxAgao_Fpdw&sai=AMfl-YQg3QzvjEZNk0IdTEMoNN-LO5_5MNPJR_q78m3bbSUf8C7k1MAvM3FJ2YwEBdLUv5IbHY65c4QPxETl&sig=Cg0ArKJSzNiB89htkPQMEAE&id=lidar2&mcvt=1036&p=0,0,280,336&mtos=1036,1036,1036,1036,1036&tos=1036,0,0,0,0&v=20220314&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2171511035&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647333109346&rpt=313&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 08:31:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 64AF 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Mar 2022 07:53:16 GMT
expires: Wed, 15 Mar 2023 07:53:16 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 2315
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F6F9 783 B
535 B 56ms
56ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9aea45b533234cd4425508c935451deeae32ac56d3a0f69aead03033dac515ab

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-/PYdhN4fN1CjZwatCt76Mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 15 Mar 2022 08:31:51 GMT
date: Tue, 15 Mar 2022 08:31:51 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-/PYdhN4fN1CjZwatCt76Mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CF15 42 B
64 B 64ms
64ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvRf81sGn4eieeKNgHbGYwkeW7Ii6sfs16Xs40lKnr3yNGxAT6zoDFfLZGJ0JmohuaTGIEvmDFkxlHFTUuvz1fag1uTm8niKBhP1YtPZ6ml5YSbZdzz2X7QwHKM6c3VoMswmW25d4GDsiqtcsJ6US_cA6ZujvwimxCPAL5smG0LTw&sai=AMfl-YSanf0G1Bdi8ygd-yGApVvPrXG_9PX6hThvW4HH_O70UEv8Uk-YLQlwvHF7DH3YWRGrVaaw89xu89AP&sig=Cg0ArKJSzFIfJTulu5bgEAE&id=lidar2&mcvt=1013&p=0,0,280,336&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20220314&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2016359606&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647333109502&rpt=234&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 08:31:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 442E 0
20 B 68ms
68ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIgK19U4wYtKjGaOLlQfapoXQCgAAAAA4AeAEAg&bg=!jo2ljcnNAAb7UztL-1M7ACkAdvg8WrwpC-WouMwz8LV2PyZNTEscDIMoKZ5dpYm_zqAlU_VUPy67GwIAAAHvUgAAAAxoAQeZAw3CO2w9VTJIkrBEQO1jGNK-BQ4_I00zlrhnO61aM43_Im7mH5iMcfa3igf2UILkPbBrjI8yWMBoFX8ZxlHT6NsRVGzDf2stNDJ5gAKQY2oH2XFlGdXQ37Lmd9_g3Epz4bAVPGwPwFiBCyfcpvW4Pon_OqUb6LpTSUZzBqD_l9J1eMSXDztnMoESeNs45y1qYQWSRZsOuR6Y1S9aS5H96agD8r-fHx-k6rshoQNbWJpUS05YaUFXd9k36x_q4I5oPyBgsBd2fpJ6SiX7sVjxogZodfbU3c9y-_xrFwX4Axe-8rUu-iGK4PvrMltE_LkJ3VknghxAoUn7gIMI5mrYnkVzU-dO5EBxbVvnJLkJVd2wQp18cJl5EOAZQUF7GuH3aGG6mu64BNqrZvKgB5whF04amSPRqYrrdh5QXPmXJ2QAKQB5S4LNbzkfqzbnJ2BnXz6dRoHMMeq7RiwXx3jopclnGS3ui32Ni711Uis-2tNPln1gkHVpQ7u79DE5K35kwm9e5M9kx8LzmIBdtn_nO4PGYwzkkV8oiRq5UGPTfgrI7TWAwxr9YPZtCO3ln07i6NzAAvsvJlj6Suqtj3fe4U0s_sNaGfHL-s5j4J76TTx4zjycgVECbbgXgNgwWFrVd2mpJg2yLEHNQX9vEupXK95Io6XPCipL2jdKXK8I44E72_9d2WpLsIzNYFA-zwSr3x5plyUzkna93tB3-aC2bT_roOuPN1gZf9C8GCsg-2vc8bsMM2weTWdLSZYteao1qspE9j9ur8ih-OUl_GJTZNnvCVRB2SgQ0XOiNDAXOys2yOAvTMzZAVElwr45Qd9I1wD0_n8wIKAfMok2UDsXH6yEkcPZaOamLomm0YK06iOiCcgCjfyo19h6gn2IzxDrONHt0NwGxpHkQtJBlZgausR_79tGE4y89uXCy5OJMUsCTW1tZZVTDr6ZzLmc2TKMvSIi4GljLI-EpvEVClxVySsIr-GSfnE9qKWPrgvY3DlkNw6Yz5ePkuDAo8EwiCYMb-DoZ7u_6LRcMIJmSIFH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 08:31:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DF9A 42 B
64 B 62ms
62ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNcgttfPXdAE_uL3dp6z6Bf4ek_Zoyb6ZF-NC1PiOaPEEKmO14lzsCchJjozbXRWQSevzgjXhpj8YoYN5K6mC7LOwR3dXLsxVEf1NHFnK-NJA7Z-m9iA&sai=AMfl-YSJ9OK9iEUgXddAcKf7G7Cf3rD_SxkOcFVubS0uX3t_OArz4avtugEkqjzxrTfSGe5kinAUIhFCJGNy&sig=Cg0ArKJSzJTnG_LpkHZLEAE&id=lidar2&mcvt=1010&p=0,0,124,1005&mtos=161,728,1010,1010,1010&tos=161,567,282,0,0&v=20220314&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647333109314&rpt=499&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 08:31:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 536A 0
20 B 62ms
62ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8aBy9U4wYvaEGZC5b_CLiegGAAAAADgB4AQC&bg=!CQqlCk7NAAb7UztL-1M7ACkAdvg8Wr1xbRkbDyGJCSBY5HjG0K8XjUcDcCJ5kR_5l1qyNreQHpXWSAIAAAIzUgAAAANoAQeZA0FBLYeGtoWWYbkGU5zm4bsjeG04yiYD8TCD5FYoqijU-Q0GJ_BUTae-QYLQ3iGmgcJHXoQEJNG0wQgZJYoow2nTqo40_ckaYtfX-9vdOb_kn80yONYP0zDen5uL_WGZsFoLufglWr6QA1ecO8DC55X6jiDlljyfQWW9Y3WNvzc3orHMenToPsoXosrQ9J8oknhRbB07k7ff9X9Rc8JGVI8gQ1n0hgDWwaDYtR8BkmDRzzmjGUrKIt4JaU-9ZxDMA07J0NTLZtUTZgn_GS19nqFlp4ufgH1JZ8Q47zsRr8pf5iiPFgedcNaWiAI5xpArL-CSBP4CDyyLvSQuQEowDh0mF9BDsG6xb_zVg298evMwNKwQD6AQ0KUCKm4U5vXUAQCUGP62f6i0grBDLeQUBXkmFGqeV4xtNRWSMTq45fW0GAaOIgtjdNyoA87tgVoyfVy8ft6h2AAX9_HwQzsTxFLnZEu08EahEZBAQokfdm0YytNmTbddj2ZROKiBHLksMkqz6R4rXyiQXr76bjW8ll6QxDBdHu1N97RHfg-ZZ7FJfxuZaNEtjBoT6V4hiVfc1gzIVKkhUuqF8fNYbZjiVSsaMs1OcQpPijYpSHzj5HJ8n9-svXX7O47ZMi4xwSCpuyz3yfv0ARU0W_RJZg45i7INGqU16_zeve_Pd7LZPvdzJaA1mTVLz9gGuGzZMrCnTpUeK4b1mvVtpGUQ27dYnRFI1jEgyAtXHr77SExx5dho0YiFczJmoKNYSZ_oTMWX0XwqWFE6FkOTJ19T8NqkruBiq3_aAposGxTzfwzxHLBPJJthi_uGUnutRVMfzGQpHqwaa5nBTPFkvnM9Jjm_UbVrXHONHCEAraQLf4iBgAi_LhGOCOCoytg2b9x6WhCLBLSzr7pHV48U6NFlY2Oa30cLi4noAS6ewNZ3Mfvepzt01au--0Ocrs2__ivXheUUEPTiygJcyRqWfIgNTjhhQlFScp7T0QV0GbnNqgOu4jzpZ1E7ybXf6taEITHN6HgghutIK3z1uMciUH0Y6TZpSk-yAe72bWJ69Qw8D7vPqIAw8CacmY3_R3K0KibmOI_LdT3DKeMEMGjRFiJj7a66mMYaYw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 08:31:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F6F9 0
0 93ms
92ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220308&jk=2711929121835451&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame 64AF 35 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:38:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 06:38:04 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 64AF 0
9 B 39ms
39ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?qtXlrw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:31:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 63ms
63ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220308&jk=2711929121835451&bg=!9fal9rLNAAb7UztL-1M7ACkAdvg8WnClIPXByGqm_iH2mgqzbNXzdfbmaIGXJQKm2CGD8PGh8HfA2QIAAAB0UgAAAAJoAQcKAIDd4UZqr0uoD_cFktNoYr5kq8d3p7AJ55C_a92WCWX9lFFeIu9qcpwI5SXu2NnwDtOKNRMA6iG3FqoRBiCtuLEMgI3d37oX00cJj38diOd_mQXemXk3MQAmqSELw_172XOpA-i9eyOtOWs41qQG7h6Jt1Lh0pXgBEAbMqKCXIK0GpkC-4CWGh5zn-2qmn9vI3vckUXxzuqiOGKue2EZoBD08UqZuwOBO5y_AGyEhSHN9Hq-rnOBCHbyg88H5TdlQbn13pf1JJy-dIpshv9Azk5u_Wz1JpKnsq45EFPNPhE7znd35r9FAXSHudystKRkEDuCa8LvFgr6iWQDoMINpexHEYQTiMeXVs7svy-9BylfEZDUzIDY50zPICXIiPPLfvC6BmtL4vmeyFhFRK4L1XpEi5be8ob1MYHT8QJed8J-WR45ya1PkhXDcKOYK1PgV5WWZ2gmX4SrfmzS_aCG5myJQ9C59ZktNG5w-axEx4vmPlDtX_ix3uh-ZuSJJyqiPUgGldf3OBsyzPm-g21J-lw9rZGKWoZFTj7xhwRsIPsHu1ZNci2oWHKCfxoBp9nsOnl4kSofrqKyNLCE8wt7HwNPmC6Z48ez_mPQGP1aLZAGJBVzOH8BS5WmHdOZxE1fOcI1oDYyMn8wT75ov8F4mGmZ7BI4i-F-1xYcqQQFznhRGFHSJeE2bfenXYsZ8NNUAtZbjnuFXImM8N2IKUDdzGJ4JcpXWU4v5xNvP6rvtqaMhx6orznMK1mN9dX-GdJs3alfuGyt_RhfjE3ZJWMUbPZn3TQm4Z8-F04JKiSB4cmVFnb7ZGIBhmgbmniFqarqRdcde3428XaA7QaK-7GRFyUC069iVunqDQLGggVeS3BEpCDRAAU5y___UCE8Fb_ypkfh2tZSeZuZvmXybHitdJqTd2Pkjs0JJlm55YGhhGfeMNtbMk2AFihB9uddP3W4e76UDE0gZbDLesPUC_0-CQYpv9eyTnCNpfVPpjT1Kkki88N5x3lF7sJsJG87y6WglntRo7lw6pgXEbTqFj4qVRfaHZ3xQod4A47qXMjG3xcKIsCa7JSIAireJD9mYnpMN4VgiCJkf-9w3ZB7pJUpT2wgdBlGDT7XU5mgfxISmz_yH_hI41prW6ZiqlKrfkNuzXnOh80aPiTj6CDvy9jNONlSn_UX7rb5PKGx7c-Ngas

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 08:31:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame 55A4 0
258 B 25ms
7ms Ping
text/plain 213.254.244.26
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=2b853bea88c84e528e0e029b8489b519&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_atali=1&vdur=239&eoid=8&msrjs=2375&nav_pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=74&tetms=11&msltms=24&vltms=239&sei=290&vetms=184&engms=1&engisel=1&ttfurm=2468&cbust=1647333112306734
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2375.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Pragma: no-cache
Date: Tue, 15 Mar 2022 08:31:12 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Vary: Origin
Expires: 03/14/2022 08:31:53

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame 55A4 0
258 B 7ms
7ms Ping
text/plain 213.254.244.26
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=2b853bea88c84e528e0e029b8489b519&gdpr=&gdpr_consent=&msrcanlm=904&msrcannum=3&eoid=10&ismms=60&isumms=59&isvelg=1&nvr=6&elmtp=1&isbxdms=2560&b0=305&b11=2378&adhgt=280&adwdth=336&norwdth=336&norhgt=280&engisel=1&vsos=5&dvp_vsosnmr=16&lftb=2683&sftb=2683&msrdp=2&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=280&cwdth=336&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1260&isuiabvms=1260&ispmxpms=1260&iscvmvms=1260&engalms=58&engscrlms=433&dvp_pageEng=true&dvp_dpr=1&cbust=1647333113305761
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2375.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Pragma: no-cache
Date: Tue, 15 Mar 2022 08:31:37 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Vary: Origin
Expires: 03/14/2022 08:31:53

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.starpenstacks.com/	1970-01-20 19:06:45	Name: _ga Value: GA1.2.1606493767.1647333109
.starpenstacks.com/	1970-01-20 01:36:59	Name: _gid Value: GA1.2.1096533727.1647333109
.starpenstacks.com/	1970-01-20 01:35:33	Name: _gat_gtag_UA_137392462_9 Value: 1
www.starpenstacks.com/	1970-01-20 01:35:33	Name: outbrain_cid_fetch Value: true
.starpenstacks.com/	1970-01-20 10:57:09	Name: __gads Value: ID=4531ae5bcddb7287-22b21f6d5ccd006d:T=1647333109:RT=1647333109:S=ALNI_MYWbdND8H4-wxvjrrG8lMr3qHxGqA
.doubleclick.net/	1970-01-20 10:57:09	Name: IDE Value: AHWqTUnzrotN6VVRlTfLdaUnEJBgzb8BaNr79lYinaZuLvd6fbal82y1ajAMmHiYF1A
.doubleclick.net/	1970-01-20 01:35:36	Name: DSID Value: NO_DATA
at.bahn.de/	1970-01-20 03:45:09	Name: exactag_new_gk Value: f7410a75c32849b5a651c680a14d376e%7c14.05.2022+08%3a31%3a50
at.bahn.de/	1970-01-20 05:54:45	Name: exactag_new_uk Value: 5b1ff23f3ed841e9815876dcda4dacf0%7c
at.bahn.de/	1969-12-31 23:59:59	Name: session_session Value: db6005d64a4e44a0bedec4bc

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271801&client=ca-pub-9355985142493728&fa=1&ifi=5&uci=a!5&btvi=2&xpc=mSSYqU1BDf&p=https%3A//www.starpenstacks.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
amplify.outbrain.com
at.bahn.de
cdn.doubleverify.com
code.createjs.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
secure.gravatar.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
tr.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.starpennystocks.com
www.starpenstacks.com
142.250.185.162
142.250.186.162
2.21.142.172
213.202.235.10
213.254.244.26
2606:4700::6812:20f
2606:4700::6812:b6a
2a00:1450:4001:801::2001
2a00:1450:4001:802::2002
2a00:1450:4001:802::2008
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:803::2006
2a00:1450:4001:809::200a
2a00:1450:4001:812::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:831::200a
2a02:26f0:6c00::210:ba12
2a02:26f0:fb:59f::4469
2a04:fa87:fffe::c000:4902
70.42.32.159
05c8437ed3c4b1bc4d5f58371cabc75d1c0fa35b75d291f5b26d19d3057013de
084e451016632bc45043584cec59ab73277cfa0213bc8f5dd4261f0293d26856
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0965b428ce26477449f65a680a07a85aa8fe82db035a5279a239045d134bac29
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0dddfdcef973923c7b6cbd4534237ab3dcdc76a8aa3d6d03619566261e0b3e63
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19da90db75719f291bed43a95f55c995df1755f77e801df95aac3bf2132ebc96
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
2d144e3cedf9b96679caf134416822a66a20c41a61f5569ae0ff09779581fe69
2e31991649a9f4131c2ee5a9d09a0efef45b6b49922654f9a900b684a240121a
2ebc84713fbeab44693fc518ef25f194b1663e7b6c9f48ad6c105ab2eb4226ff
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
34af82c92a140161a46b061029b547cb113ec8f65e6e213da6eba56a78b32eb7
34cd6ca5ac2b03924176600b5d9c754403d06665a5731eb279515d542cc4ff95
35ba5af336a7a0c347e2c23b5d0a73817f46647ee118a8661e869cc9062bc4b8
3e4b4d396700e065d5d37bde974840cf2bf19565f8450785f0a869079b86bce9
42f702e41588d71c7d79cf80aeb374e49cbde5a455b726a598752e602bf2869d
44ddbde0ea3b7f3f5f1af9029a960cdf7401396d3e17a5b6558252791945d0fd
458fe424a737af83d485e3394e48fd16ffa75628add301b13e9d761f014d7254
4b16f328161f671c5374c717a038def5bba21a4f37cdfb3509cda60ec262cf5f
4c3a3a8dfc0771b4dd9b0ee43e8c9fcd12a4ba22ac833a6fc9352b58d7f7f374
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
512abfd0af424c443f98064c7a76cb739464f558adccb169f45ac436b13c1e08
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5af054b3e0d9a0ee035e9edd6820ace42e126f35d44d8df567b4dbc6d78c13aa
60a78e55a60dd51144a79b2ab4e7da7375fb522e90b6012a2dcf3eb0d8653f6e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6690063753cf86f41f2ebd53b3e035972311fd23ad9aef538056195e9fe5dcc6
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
684506d9d8135537d90392d008a89c4b57a6878ab17f88d66153a630bbe773dc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
714c793e0e9ccf859dcc8d00bb15cce0a00d4dd4f888a0ea5945682ef6d6a140
7202e96ec0b28100e802f15231f15a727060f14347164bd11b877abf868f9d93
7904c4a9e376675e1fe46f493350ae9d8c99d07c5e03e8cacd3b4dcfa0045624
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d
858a6392b5b1630ef2ae16de6ba96ef735c5b53faf2aff936abcf4064a0f06b8
93accfaf0f231cb1d32ab1825ca44f664a063af23a9b326d9585724f902de2c1
98fd41df520860f23ff9fe6ce8ae5fcb21c66e91f3b17d851070bfad46e5031b
9aea45b533234cd4425508c935451deeae32ac56d3a0f69aead03033dac515ab
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a203ee7a04deae32dc355c842aabbdde830b0e93878dad440c1ff72cae404332
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2c27a9b2574911d0d8686d6ebe29e2b779d6e927d20a807ea5eb70693bd515e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a86eea3bd77a07092b4af88e3dd54272f8118190aaba5fef3bd04dd8a5490ae4
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a
b730778ea339219bc09528cb6ff7ce5188badc9514e9aeb7cce16bfc21b9aefa
c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4
ca7f23edc5a250dd23a0e499b3aa451f9dbc6bafc91faf8da2c7245bb05de1f7
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
cd9880cc649f45d811fbe49682e746ba7b493e8263385ef71f0266bd30f3b4f1
d402b35e6e0d996cc57dfb1f40a87b672f1eb4dfe0744da6d9c40b0d26592815
d7081b1d0b4c2ca10e4ae7d454d7bd1c23701c31fa4390c99d68efc99b30af51
d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e
ddf16c461e55282bdeb11c642d461bd1e5f2e23730769c98d20cd69847792182
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
ec626d1355ef5d84689c88b2ec9e383fa16b0be9c068fe5fc913be061542edbc
eed9dbb4fe60fb903a06b17d72363ffa543c942dedb030f650a0bf45f67d18b6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

www.starpenstacks.com Open in urlscan Pro 2606:4700::6812:b6a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

103 Requests

100 %HTTPS

73 %IPv6

18 Domains

26 Subdomains

22 IPs

3 Countries

1632 kBTransfer

4255 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.starpenstacks.com Open in urlscan Pro
2606:4700::6812:b6a Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

100 %
HTTPS

73 %
IPv6

18
Domains

26
Subdomains

22
IPs

3
Countries

1632 kB
Transfer

4255 kB
Size

10
Cookies

103 HTTP transactions
4 data transactions