urlscan.io logo urlscan.io
SecurityTrails logo

www.saultstar.com Open in urlscan Pro
34.111.249.109  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Submission: On December 21 via manual from CH — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 132 IPs in 13 countries across 111 domains to perform 600 HTTP transactions. The main IP is 34.111.249.109, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.saultstar.com.
TLS certificate: Issued by GTS CA 1D4 on December 17th 2023. Valid for: 3 months.
This is the only time www.saultstar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 34.111.249.109 396982 (GOOGLE-CL...)
1 34.149.157.221 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
6 13.32.22.213 16509 (AMAZON-02)
3 23.201.255.110 16625 (AKAMAI-AS)
1 18.239.36.121 16509 (AMAZON-02)
40 34.117.54.29 396982 (GOOGLE-CL...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 18.239.83.50 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2600:9000:238... 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
5 13.107.6.158 8068 (MICROSOFT...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 13.227.219.6 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.215.22.18 16625 (AKAMAI-AS)
1 2a04:4e42:200... 54113 (FASTLY)
2 5 18.65.39.56 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 35.241.9.51 15169 (GOOGLE)
6 12 185.89.211.84 29990 (ASN-APPNEX)
9 34.107.254.252 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 99.83.154.140 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:e0:... 13335 (CLOUDFLAR...)
5 34.226.133.115 14618 (AMAZON-AES)
2 13.32.119.77 16509 (AMAZON-02)
1 172.64.152.89 13335 (CLOUDFLAR...)
18 52.28.203.152 16509 (AMAZON-02)
8 3.123.201.131 16509 (AMAZON-02)
2 34.120.63.153 396982 (GOOGLE-CL...)
2 20 104.18.36.155 13335 (CLOUDFLAR...)
3 25 216.52.2.30 30282 (AS-INAPCD...)
1 6 35.227.252.103 15169 (GOOGLE)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 2602:803:c003... 26667 (RUBICONPR...)
2 35.244.193.51 396982 (GOOGLE-CL...)
1 2600:9000:219... 16509 (AMAZON-02)
2 15 67.220.226.234 16509 (AMAZON-02)
27 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 18.185.12.185 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
3 52.58.18.253 16509 (AMAZON-02)
5 2.19.105.180 16625 (AKAMAI-AS)
4 95.101.149.233 16625 (AKAMAI-AS)
3 20 34.98.64.218 396982 (GOOGLE-CL...)
3 3 18.159.158.145 16509 (AMAZON-02)
3 5 34.96.105.8 396982 (GOOGLE-CL...)
2 5 52.210.76.92 16509 (AMAZON-02)
4 4 98.98.134.243 21859 (ZEN-ECN)
3 4 54.77.9.4 16509 (AMAZON-02)
3 4 34.111.113.62 396982 (GOOGLE-CL...)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
2 2a00:1450:400... 15169 (GOOGLE)
2 198.47.127.19 3257 (GTT-BACKB...)
19 24 142.250.185.226 15169 (GOOGLE)
11 52.223.40.198 16509 (AMAZON-02)
1 4 209.54.182.161 16509 (AMAZON-02)
4 4 2620:116:800d... 16509 (AMAZON-02)
1 1 45.137.176.88 60350 (VP)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
25 2600:9000:20a... 16509 (AMAZON-02)
6 7 37.157.3.26 198622 (ADFORM)
15 18 69.173.144.138 26667 (RUBICONPR...)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42::645 54113 (FASTLY)
1 18.155.153.73 16509 (AMAZON-02)
1 1 74.121.140.211 30419 (MEDIAMATH...)
3 198.47.127.205 62713 (AS-PUBMATIC)
1 2 178.250.1.9 44788 (ASN-CRITE...)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 34.251.97.118 16509 (AMAZON-02)
3 185.64.191.210 62713 (AS-PUBMATIC)
2 3 34.91.62.186 396982 (GOOGLE-CL...)
2 2 69.173.144.165 26667 (RUBICONPR...)
1 18.155.145.48 16509 (AMAZON-02)
3 2600:1f18:44f... 14618 (AMAZON-AES)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2606:4700:440... 13335 (CLOUDFLAR...)
4 2a04:4e42:600... 54113 (FASTLY)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 6 2a05:d018:d29... 16509 (AMAZON-02)
1 145.40.97.67 54825 (PACKET)
1 2 172.64.146.152 13335 (CLOUDFLAR...)
1 2600:9000:236... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 18.245.86.124 16509 (AMAZON-02)
1 13.227.217.72 16509 (AMAZON-02)
6 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 18.66.112.32 16509 (AMAZON-02)
1 143.204.98.87 16509 (AMAZON-02)
4 2a04:4e42:400... 54113 (FASTLY)
1 63.34.81.234 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
25 2a02:26f0:480... 20940 (AKAMAI-ASN1)
31 52.211.175.25 16509 (AMAZON-02)
1 57.128.96.120 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
1 185.170.60.41 27381 (CASALE-MEDIA)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 1 193.135.9.127 48314 (IP-PROJECTS)
1 1 89.163.240.122 24961 (MYLOC-AS ...)
20 2a00:1450:400... 15169 (GOOGLE)
7 104.18.38.76 13335 (CLOUDFLAR...)
4 2600:9000:223... 16509 (AMAZON-02)
17 2a00:1450:400... 15169 (GOOGLE)
4 4 34.199.75.211 14618 (AMAZON-AES)
1 1 2001:678:cb4:... 56396 (AMOBEE)
2 2 13.32.27.83 16509 (AMAZON-02)
3 3 193.0.160.131 54312 (ROCKETFUEL)
2 3 35.244.174.68 396982 (GOOGLE-CL...)
1 2607:ae80:192... 26558 (FREEWHEEL)
1 1 35.208.249.213 19527 (GOOGLE-2)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 34.120.133.55 396982 (GOOGLE-CL...)
2 142.250.185.130 15169 (GOOGLE)
4 2600:9000:209... 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
4 46.228.174.115 56396 (AMOBEE)
3 69.173.144.137 26667 (RUBICONPR...)
1 3.127.90.98 16509 (AMAZON-02)
2 3.229.111.75 14618 (AMAZON-AES)
2 2607:f350:3:2... 27630 (AS-XFERNET)
3 52.202.25.219 14618 (AMAZON-AES)
5 107.23.71.155 14618 (AMAZON-AES)
11 2600:1f18:1ac... 14618 (AMAZON-AES)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
3 198.47.127.20 62713 (AS-PUBMATIC)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.121 42697 (NETIC-AS)
1 1 141.94.170.64 16276 (OVH)
2 2 3.71.149.231 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 172.217.16.227 15169 (GOOGLE)
1 95.101.148.20 16625 (AKAMAI-AS)
1 151.101.129.108 54113 (FASTLY)
1 1 80.77.87.162 46636 (NATCOWEB)
1 1 82.145.213.8 39832 (NO-OPERA)
6 6 18.197.41.124 16509 (AMAZON-02)
2 2 3.121.73.47 16509 (AMAZON-02)
1 1 208.93.169.131 46244 (WEBMD-IDC...)
1 1 8.2.110.134 46636 (NATCOWEB)
1 1 99.83.190.102 16509 (AMAZON-02)
1 34.249.200.254 16509 (AMAZON-02)
1 1 69.173.151.100 26667 (RUBICONPR...)
4 4 46.228.174.117 56396 (AMOBEE)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 34.197.163.191 14618 (AMAZON-AES)
2 2 151.101.2.49 54113 (FASTLY)
4 4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 54.211.244.166 14618 (AMAZON-AES)
2 35.158.80.62 16509 (AMAZON-02)
2 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.186.201.99 15169 (GOOGLE)
1 1 52.3.160.15 14618 (AMAZON-AES)
1 2404:6800:400... 15169 (GOOGLE)
600 132
1    34.111.249.109 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 109.249.111.34.bc.googleusercontent.com
www.saultstar.com
1    34.149.157.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.157.149.34.bc.googleusercontent.com
smartcdn.gprod.postmedia.digital
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
6    13.32.22.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-213.fra56.r.cloudfront.net
c.amazon-adsystem.com
3    23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
ads.rubiconproject.com
1    18.239.36.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-121.ams58.r.cloudfront.net
cdn.adsafeprotected.com
40    34.117.54.29 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.54.117.34.bc.googleusercontent.com
dcs-static.gprod.postmedia.digital
fem.gprod.postmedia.digital
1    2606:4700:3037::ac43:9bd7 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
1    18.239.83.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-50.ams58.r.cloudfront.net
ak.sail-horizon.com
2    2606:4700:20::ac43:44eb (United States)

ASN13335 (CLOUDFLARENET, US)
tags.catapultx.com
2    2600:9000:238d:9800:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
4    2606:4700::6812:5eb (United States)

ASN13335 (CLOUDFLARENET, US)
auth.lrcontent.com
config.lrcontent.com
5    13.107.6.158 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: bingforbusiness.com
edge-auth.microsoft.com
1    2606:4700:4400::ac40:9256 (United States)

ASN13335 (CLOUDFLARENET, US)
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
2    13.227.219.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-6.ams54.r.cloudfront.net
config.aps.amazon-adsystem.com
2    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    23.215.22.18 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-22-18.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2a04:4e42:200::626 (United States)

ASN54113 (FASTLY, US)
ssl.p.jwpcdn.com
5    18.65.39.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-56.ams1.r.cloudfront.net
sb.scorecardresearch.com
3    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
12    185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
9    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
1    2606:4700::6811:7711 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
2    99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
1    2606:4700:20::681a:3e (United States)

ASN13335 (CLOUDFLARENET, US)
events.qortex.ai
2    2606:4700:e0::ac40:6020 (United States)

ASN13335 (CLOUDFLARENET, US)
api.fouanalytics.com
5    34.226.133.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-133-115.compute-1.amazonaws.com
pixel.adsafeprotected.com
2    13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net
aax.amazon-adsystem.com
1    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
18    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
8    3.123.201.131 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-201-131.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
2    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
20    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
25    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
ce.lijit.com
6    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2602:803:c003:200::91 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
1    2600:9000:2190:d000:15:2b26:f200:93a1 (United States)

ASN16509 (AMAZON-02, US)
placement-prd.jwpltx.com
15    67.220.226.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
27    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a8fd85fde9378c09afa02287010769df.safeframe.googlesyndication.com
4    18.185.12.185 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
postmedia.hub.loginradius.com
8    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    52.58.18.253 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-18-253.eu-central-1.compute.amazonaws.com
match.sharethrough.com
5    2.19.105.180 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-105-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
20    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
eu-u.openx.net
us-u.openx.net
postmedia-d.openx.net
3    18.159.158.145 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-158-145.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
5    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
5    52.210.76.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-76-92.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
4    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
4    54.77.9.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-9-4.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
24    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
11    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
4    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
25    2600:9000:20a0:e600:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.viafoura.net
7    37.157.3.26 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
18    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
8    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a04:4e42::645 (United States)

ASN54113 (FASTLY, US)
jssdkcdns.mparticle.com
1    18.155.153.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-153-73.ham50.r.cloudfront.net
c.jsrdn.com
1    74.121.140.211 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    34.251.97.118 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-97-118.eu-west-1.compute.amazonaws.com
a.audrte.com
3    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
3    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
1    18.155.145.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-145-48.ham50.r.cloudfront.net
s.jsrdn.com
3    2600:1f18:44f0:4848:c843:e803:e83b:7cec (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.viafoura.co
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2606:4700:4400::ac40:91b1 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.ribn.com
4    2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)
identity.mparticle.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
6    2a05:d018:d29:3601:d9af:10ed:ca45:5b1a (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    2600:9000:236e:2600:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2606:4700:3033::6815:325a (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.mrf.io
experiences.mrf.io
1    18.245.86.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-124.fra60.r.cloudfront.net
get.s-onetag.com
1    13.227.217.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-217-72.ams54.r.cloudfront.net
cdn.parsely.com
6    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
3    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.ch
2    18.66.112.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-32.fra56.r.cloudfront.net
onetag-geo.s-onetag.com
1    143.204.98.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-87.fra50.r.cloudfront.net
signal-beacon.s-onetag.com
4    2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)
jssdks.mparticle.com
1    63.34.81.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
p1.parsely.com
3    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
25    2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
a.jsrdn.com
31    52.211.175.25 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
i.jsrdn.com
1    57.128.96.120 (Sartrouville, France)

ASN16276 (OVH, FR)
PTR: haproxy04.cl11.ovh.mrf.io
events.newsroom.bi
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    185.170.60.41 (Canada)

ASN27381 (CASALE-MEDIA, CA)
a1110.casalemedia.com
2    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    193.135.9.127 (Germany)

ASN48314 (IP-PROJECTS, DE)
ads.smartstream.tv
1    89.163.240.122 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm45.as.net
cm.adsafety.net
20    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
7    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
4    2600:9000:223e:6800:0:2f8e:a8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
d14c63magvk61v.cloudfront.net
17    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    34.199.75.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-75-211.compute-1.amazonaws.com
i.liadm.com
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
2    13.32.27.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-83.fra56.r.cloudfront.net
live.rezync.com
3    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
3    35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    2607:ae80:192:1::173 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
1    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
2    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
googleads4.g.doubleclick.net
4    2600:9000:2093:9000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    2a02:26f0:3500:11::215:14d7 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)
targeting.unrulymedia.com
3    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    3.127.90.98 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-90-98.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    3.229.111.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-111-75.compute-1.amazonaws.com
reachms.bfmio.com
2    2607:f350:3:2569:0:10:0:200a (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
3    52.202.25.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-25-219.compute-1.amazonaws.com
livecomments.viafoura.co
5    107.23.71.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-71-155.compute-1.amazonaws.com
livecomments.viafoura.co
i.viafoura.co
notifications.viafoura.co
11    2600:1f18:1aca:4281:5c29:1117:1290:d127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
3    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    141.94.170.64 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh
pixel.onaudience.com
2    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
5    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
1    172.217.16.227 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s28-in-f3.1e100.net
csi.gstatic.com
1    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    80.77.87.162 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
6    18.197.41.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-41-124.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    3.121.73.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-73-47.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
1    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    8.2.110.134 (United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
1    99.83.190.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: aacb0a264e514dd48.awsglobalaccelerator.com
getpublica.com
1    34.249.200.254 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-200-254.eu-west-1.compute.amazonaws.com
www.getpublica.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
4    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    34.197.163.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-163-191.compute-1.amazonaws.com
aorta.clickagy.com
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
4    2a02:fa8:8806:21::1720 (Singapore)

ASN41041 (VCLK-EU-SE, US)
openx2-match.dotomi.com
casale-match.dotomi.com
1    54.211.244.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-244-166.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    35.158.80.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-80-62.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.186.201.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.201.186.35.bc.googleusercontent.com
dsp-ap.eskimi.com
1    52.3.160.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-160-15.compute-1.amazonaws.com
sync.ipredictive.com
1    2404:6800:4002:82e::2003 (Australia)

ASN15169 (GOOGLE, US)
csi.gstatic.com
Apex Domain
Subdomains		 Transfer
58 jsrdn.com
c.jsrdn.com — Cisco Umbrella Rank: 15566
s.jsrdn.com — Cisco Umbrella Rank: 16203
a.jsrdn.com — Cisco Umbrella Rank: 9183
i.jsrdn.com — Cisco Umbrella Rank: 16159
626 KB
43 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
pubads.g.doubleclick.net — Cisco Umbrella Rank: 414
275 KB
41 postmedia.digital
smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 83868
dcs-static.gprod.postmedia.digital — Cisco Umbrella Rank: 104504
fem.gprod.postmedia.digital — Cisco Umbrella Rank: 124762
315 KB
36 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
a8fd85fde9378c09afa02287010769df.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
368 KB
34 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3461
ads.rubiconproject.com — Cisco Umbrella Rank: 2324
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2134
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 788
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1237
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3385
345 KB
29 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
164 KB
26 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
u.openx.net — Cisco Umbrella Rank: 672
eu-u.openx.net — Cisco Umbrella Rank: 2473
us-u.openx.net — Cisco Umbrella Rank: 491
postmedia-d.openx.net — Cisco Umbrella Rank: 175076
4 KB
26 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1931
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
7 KB
25 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 13686
530 KB
25 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
ce.lijit.com — Cisco Umbrella Rank: 835
33 KB
22 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
imasdk.googleapis.com — Cisco Umbrella Rank: 487
4 MB
21 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 484
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
a1110.casalemedia.com — Cisco Umbrella Rank: 367760
dsum.casalemedia.com — Cisco Umbrella Rank: 1364
56 KB
21 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3936
pixel.adsafeprotected.com — Cisco Umbrella Rank: 718
static.adsafeprotected.com — Cisco Umbrella Rank: 602
dt.adsafeprotected.com — Cisco Umbrella Rank: 567
215 KB
17 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
349 KB
17 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
ads.pubmatic.com — Cisco Umbrella Rank: 544
image6.pubmatic.com — Cisco Umbrella Rank: 793
simage2.pubmatic.com — Cisco Umbrella Rank: 723
image2.pubmatic.com — Cisco Umbrella Rank: 859
simage4.pubmatic.com — Cisco Umbrella Rank: 1304
image4.pubmatic.com — Cisco Umbrella Rank: 1224
46 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
secure.adnxs.com — Cisco Umbrella Rank: 478
acdn.adnxs.com — Cisco Umbrella Rank: 610
26 KB
11 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 13913
livecomments.viafoura.co — Cisco Umbrella Rank: 15200
i.viafoura.co — Cisco Umbrella Rank: 13734
notifications.viafoura.co — Cisco Umbrella Rank: 16183
6 KB
11 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
data.adsrvr.org — Cisco Umbrella Rank: 5064
2 KB
11 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1054
match.sharethrough.com — Cisco Umbrella Rank: 495
6 KB
10 permutive.com
api.permutive.com — Cisco Umbrella Rank: 2205
cdn.permutive.com — Cisco Umbrella Rank: 2932
53 KB
9 mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 6243
identity.mparticle.com — Cisco Umbrella Rank: 2987
jssdks.mparticle.com — Cisco Umbrella Rank: 5600
100 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
627 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2693
2 KB
7 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
cdn.indexww.com — Cisco Umbrella Rank: 1640
45 KB
7 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
dmp.adform.net — Cisco Umbrella Rank: 2870
4 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
2 KB
6 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 776
dis.criteo.com — Cisco Umbrella Rank: 550
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
8 KB
5 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 805
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258
831 B
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 563
2 KB
5 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1618
718 B
5 gstatic.com
fonts.gstatic.com
csi.gstatic.com Failed
52 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
6 KB
5 microsoft.com
edge-auth.microsoft.com — Cisco Umbrella Rank: 79297
307 KB
4 dotomi.com
openx2-match.dotomi.com — Cisco Umbrella Rank: 4429
casale-match.dotomi.com — Cisco Umbrella Rank: 2999
1 KB
4 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 408
api.rlcdn.com — Cisco Umbrella Rank: 983
1 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 517
2 KB
4 cloudfront.net
d14c63magvk61v.cloudfront.net
3 MB
4 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4856
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6028
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 6234
20 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2112
3 KB
4 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
2 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 465
2 KB
4 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 799
2 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 681
3 KB
4 loginradius.com
postmedia.hub.loginradius.com — Cisco Umbrella Rank: 125626
1 KB
4 lrcontent.com
auth.lrcontent.com — Cisco Umbrella Rank: 61690
config.lrcontent.com — Cisco Umbrella Rank: 24348
100 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 546
2 KB
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 825
3 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
193 KB
3 google.ch
www.google.ch — Cisco Umbrella Rank: 30501
622 B
3 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 9391
experiences.mrf.io — Cisco Umbrella Rank: 10349
58 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
1 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 564
1 KB
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1100
2 KB
3 media.net
prebid.media.net — Cisco Umbrella Rank: 1498
contextual.media.net — Cisco Umbrella Rank: 665
10 KB
3 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1352
lexicon.33across.com — Cisco Umbrella Rank: 1596
5 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
967 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
624 B
2 getpublica.com
getpublica.com — Cisco Umbrella Rank: 3669
www.getpublica.com — Cisco Umbrella Rank: 28196
142 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2269
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1234
1 KB
2 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2225
2 KB
2 bfmio.com
reachms.bfmio.com — Cisco Umbrella Rank: 5862
486 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
62 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1785
1 KB
2 turn.com
d.turn.com — Cisco Umbrella Rank: 1349
ad.turn.com — Cisco Umbrella Rank: 773
850 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
216 B
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3052
p1.parsely.com — Cisco Umbrella Rank: 2300
22 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1010
522 B
2 ribn.com
assets.ribn.com — Cisco Umbrella Rank: 119895
8 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
92 KB
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24651
498 B
2 fouanalytics.com
api.fouanalytics.com — Cisco Umbrella Rank: 10995
792 B
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 3421
474 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
3 KB
2 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2808
23 KB
2 catapultx.com
tags.catapultx.com — Cisco Umbrella Rank: 43171
15 KB
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 836
469 B
1 eskimi.com
dsp-ap.eskimi.com — Cisco Umbrella Rank: 17656
410 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
1 KB
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 1768
428 B
1 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 2606
593 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 501
831 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1072
518 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1022
621 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2916
419 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3215
439 B
1 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 592
544 B
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1586
63 KB
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 11359
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 902
373 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 526
655 B
1 adsafety.net
cm.adsafety.net — Cisco Umbrella Rank: 21125
1 KB
1 smartstream.tv
ads.smartstream.tv — Cisco Umbrella Rank: 30222
823 B
1 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 7439
853 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1398
523 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
187 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
649 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1031
739 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1383
424 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1414
680 B
1 jwpltx.com
placement-prd.jwpltx.com
203 B
1 qortex.ai
events.qortex.ai — Cisco Umbrella Rank: 18269
1 prmutv.co
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co — Cisco Umbrella Rank: 168411
218 B
1 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2994
20 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1042
17 KB
1 permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app — Cisco Umbrella Rank: 137075
112 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 3527
33 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 7773
3 KB
1 saultstar.com
www.saultstar.com
38 KB
0 bidtheatre.com Failed
match.adsby.bidtheatre.com Failed
600 111
Domain Requested by
35 dcs-static.gprod.postmedia.digital www.saultstar.com
dcs-static.gprod.postmedia.digital
31 i.jsrdn.com
27 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
micro.rubiconproject.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
imasdk.googleapis.com
www.saultstar.com
s0.2mdn.net
www.googletagservices.com
25 a.jsrdn.com c.jsrdn.com
a.jsrdn.com
www.saultstar.com
25 cdn.viafoura.net fem.gprod.postmedia.digital
cdn.viafoura.net
24 cm.g.doubleclick.net 19 redirects u.openx.net
aax-eu.amazon-adsystem.com
googleads.g.doubleclick.net
ap.lijit.com
20 imasdk.googleapis.com a.jsrdn.com
imasdk.googleapis.com
18 ce.lijit.com ap.lijit.com
aax-eu.amazon-adsystem.com
us-u.openx.net
18 c2shb.pubgw.yahoo.com micro.rubiconproject.com
17 s0.2mdn.net www.saultstar.com
imasdk.googleapis.com
s0.2mdn.net
ap.lijit.com
15 aax-eu.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ap.lijit.com
ssum-sec.casalemedia.com
u.openx.net
ads.pubmatic.com
14 us-u.openx.net 1 redirects u.openx.net
postmedia-d.openx.net
ap.lijit.com
us-u.openx.net
12 pixel.rubiconproject.com 10 redirects aax-eu.amazon-adsystem.com
11 dt.adsafeprotected.com
10 match.adsrvr.org ssum-sec.casalemedia.com
u.openx.net
aax-eu.amazon-adsystem.com
googleads.g.doubleclick.net
js-sec.indexww.com
10 ib.adnxs.com 4 redirects 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
micro.rubiconproject.com
aax-eu.amazon-adsystem.com
a.jsrdn.com
acdn.adnxs.com
9 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
9 api.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
8 www.googletagmanager.com fem.gprod.postmedia.digital
www.googletagmanager.com
jssdkcdns.mparticle.com
www.saultstar.com
8 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.saultstar.com
s0.2mdn.net
8 btlr.sharethrough.com micro.rubiconproject.com
7 ssum-sec.casalemedia.com 1 redirects aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
www.saultstar.com
js-sec.indexww.com
7 ap.lijit.com 3 redirects micro.rubiconproject.com
aax-eu.amazon-adsystem.com
ap.lijit.com
7 securepubads.g.doubleclick.net www.saultstar.com
securepubads.g.doubleclick.net
www.googletagservices.com
6 x.bidswitch.net 6 redirects
6 livecomments.viafoura.co cdn.viafoura.net
6 js-sec.indexww.com a.jsrdn.com
ssum-sec.casalemedia.com
micro.rubiconproject.com
6 region1.analytics.google.com www.googletagmanager.com
6 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
aax-eu.amazon-adsystem.com
postmedia-d.openx.net
6 token.rubiconproject.com 5 redirects eus.rubiconproject.com
6 c1.adform.net 5 redirects ads.pubmatic.com
6 rtb.openx.net 1 redirects micro.rubiconproject.com
a.jsrdn.com
postmedia-d.openx.net
6 c.amazon-adsystem.com www.saultstar.com
c.amazon-adsystem.com
5 pubads.g.doubleclick.net imasdk.googleapis.com
5 match.prod.bidr.io 2 redirects aax-eu.amazon-adsystem.com
postmedia-d.openx.net
ssum-sec.casalemedia.com
5 tr.blismedia.com 3 redirects ap.lijit.com
postmedia-d.openx.net
5 ads.pubmatic.com aax-eu.amazon-adsystem.com
ads.pubmatic.com
micro.rubiconproject.com
ap.lijit.com
5 pixel.adsafeprotected.com cdn.adsafeprotected.com
www.saultstar.com
5 sb.scorecardresearch.com 2 redirects www.saultstar.com
fem.gprod.postmedia.digital
5 edge-auth.microsoft.com www.saultstar.com
edge-auth.microsoft.com
5 fem.gprod.postmedia.digital www.saultstar.com
fem.gprod.postmedia.digital
4 targeting.unrulymedia.com a.jsrdn.com
4 static.adsafeprotected.com pixel.adsafeprotected.com
www.saultstar.com
4 i.liadm.com 4 redirects
4 d14c63magvk61v.cloudfront.net
4 jssdks.mparticle.com jssdkcdns.mparticle.com
4 identity.mparticle.com jssdkcdns.mparticle.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 cms.quantserve.com 4 redirects
4 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
aax-eu.amazon-adsystem.com
4 pixel.tapad.com 3 redirects aax-eu.amazon-adsystem.com
4 sync.crwdcntrl.net 3 redirects ads.pubmatic.com
4 pixel-sync.sitescout.com 4 redirects
4 eus.rubiconproject.com aax-eu.amazon-adsystem.com
eus.rubiconproject.com
micro.rubiconproject.com
4 postmedia.hub.loginradius.com fem.gprod.postmedia.digital
auth.lrcontent.com
3 sync.1rx.io 3 redirects
3 prebid-server.rubiconproject.com a.jsrdn.com
3 idsync.rlcdn.com 2 redirects ssum-sec.casalemedia.com
3 p.rfihub.com 3 redirects
3 www.googletagservices.com securepubads.g.doubleclick.net
s0.2mdn.net
3 www.google.ch
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 api.viafoura.co cdn.viafoura.net
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 image2.pubmatic.com ads.pubmatic.com
3 simage2.pubmatic.com ads.pubmatic.com
3 eu-u.openx.net 1 redirects u.openx.net
us-u.openx.net
3 creativecdn.com 3 redirects
3 rtb.mfadsrvr.com 3 redirects
3 match.sharethrough.com aax-eu.amazon-adsystem.com
3 htlb.casalemedia.com micro.rubiconproject.com
a.jsrdn.com
3 fonts.gstatic.com fonts.googleapis.com
2 casale-match.dotomi.com 2 redirects
2 prebid-a.rubiconproject.com micro.rubiconproject.com
2 openx2-match.dotomi.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 a.sportradarserving.com 2 redirects
2 csi.gstatic.com imasdk.googleapis.com
2 ups.analytics.yahoo.com 2 redirects
2 uipglob.semasio.net 1 redirects aax-eu.amazon-adsystem.com
2 simage4.pubmatic.com ads.pubmatic.com
2 gum.criteo.com 1 redirects static.criteo.net
2 config.lrcontent.com auth.lrcontent.com
2 apex.go.sonobi.com a.jsrdn.com
2 reachms.bfmio.com a.jsrdn.com
2 static.criteo.net micro.rubiconproject.com
static.criteo.net
2 googleads4.g.doubleclick.net www.saultstar.com
2 secure.adnxs.com 2 redirects
2 live.rezync.com 2 redirects
2 www.facebook.com
2 googleads.g.doubleclick.net micro.rubiconproject.com
pagead2.googlesyndication.com
2 onetag-geo.s-onetag.com get.s-onetag.com
signal-beacon.s-onetag.com
2 sdk.mrf.io www.saultstar.com
sdk.mrf.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 capi.connatix.com 1 redirects aax-eu.amazon-adsystem.com
2 assets.ribn.com www.googletagmanager.com
www.saultstar.com
2 connect.facebook.net www.googletagmanager.com
connect.facebook.net
2 pixel-eu.rubiconproject.com 2 redirects
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 dis.criteo.com 1 redirects ads.pubmatic.com
2 image6.pubmatic.com ads.pubmatic.com
2 www.google.com tpc.googlesyndication.com
2 u.openx.net 1 redirects aax-eu.amazon-adsystem.com
2 lexicon.33across.com cdn-ima.33across.com
micro.rubiconproject.com
2 prebid.media.net micro.rubiconproject.com
a.jsrdn.com
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 api.fouanalytics.com tags.catapultx.com
www.saultstar.com
2 api.sail-personalize.com ak.sail-horizon.com
2 cdn.jsdelivr.net micro.rubiconproject.com
securepubads.g.doubleclick.net
2 ads.rubiconproject.com micro.rubiconproject.com
securepubads.g.doubleclick.net
2 config.aps.amazon-adsystem.com c.amazon-adsystem.com
2 auth.lrcontent.com www.saultstar.com
cdn.viafoura.net
2 cdn.jwplayer.com www.saultstar.com
cdn.jwplayer.com
2 tags.catapultx.com www.saultstar.com
tags.catapultx.com
2 fonts.googleapis.com www.saultstar.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 sync.ipredictive.com 1 redirects
1 dsp-ap.eskimi.com 1 redirects
1 s.tribalfusion.com 1 redirects
1 a.tribalfusion.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 aorta.clickagy.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 ad.turn.com 1 redirects
1 data.adsrvr.org ap.lijit.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 www.getpublica.com ap.lijit.com
1 getpublica.com 1 redirects
1 cs.krushmedia.com 1 redirects
1 bh.contextweb.com 1 redirects
1 t.adx.opera.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 acdn.adnxs.com micro.rubiconproject.com
1 postmedia-d.openx.net micro.rubiconproject.com
1 contextual.media.net micro.rubiconproject.com
1 image4.pubmatic.com aax-eu.amazon-adsystem.com
1 pixel.onaudience.com 1 redirects
1 mwzeom.zeotap.com aax-eu.amazon-adsystem.com
1 mug.criteo.com
1 notifications.viafoura.co cdn.viafoura.net
1 i.viafoura.co cdn.viafoura.net
1 tlx.3lift.com a.jsrdn.com
1 code.createjs.com s0.2mdn.net
1 api.rlcdn.com js-sec.indexww.com
1 ad4m.at ssum-sec.casalemedia.com
1 trace.mediago.io 1 redirects
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 d.turn.com 1 redirects
1 cm.adsafety.net 1 redirects
1 ads.smartstream.tv 1 redirects
1 a1110.casalemedia.com micro.rubiconproject.com
1 experiences.mrf.io sdk.mrf.io
1 events.newsroom.bi sdk.mrf.io
1 p1.parsely.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 cdn.parsely.com www.googletagmanager.com
1 get.s-onetag.com www.googletagmanager.com
1 live.primis.tech aax-eu.amazon-adsystem.com
1 prebid.a-mo.net aax-eu.amazon-adsystem.com
1 px.ads.linkedin.com aax-eu.amazon-adsystem.com
1 s.jsrdn.com c.jsrdn.com
1 dmp.adform.net 1 redirects
1 sync.mathtag.com 1 redirects
1 c.jsrdn.com fem.gprod.postmedia.digital
1 jssdkcdns.mparticle.com fem.gprod.postmedia.digital
1 s.company-target.com 1 redirects
1 sync.adotmob.com 1 redirects
1 a8fd85fde9378c09afa02287010769df.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 placement-prd.jwpltx.com
1 fastlane.rubiconproject.com micro.rubiconproject.com
1 hbopenbid.pubmatic.com micro.rubiconproject.com
1 bidder.criteo.com micro.rubiconproject.com
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 events.qortex.ai tags.catapultx.com
1 cdn.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 ssl.p.jwpcdn.com cdn.jwplayer.com
1 secure.cdn.fastclick.net www.saultstar.com
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app fem.gprod.postmedia.digital
1 ak.sail-horizon.com www.saultstar.com
1 www.npttech.com www.saultstar.com
1 cdn.adsafeprotected.com www.saultstar.com
1 micro.rubiconproject.com www.saultstar.com
1 smartcdn.gprod.postmedia.digital www.saultstar.com
1 www.saultstar.com
0 match.adsby.bidtheatre.com Failed ssum-sec.casalemedia.com
600 187
Subject Issuer Validity Valid
saultstar.com
GTS CA 1D4		 2023-12-17 -
2024-03-16		 3 months crt.sh
gprod.postmedia.digital
GTS CA 1D4		 2023-11-03 -
2024-02-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-22 -
2024-06-19		 a year crt.sh
npttech.com
GTS CA 1P5		 2023-10-30 -
2024-01-28		 3 months crt.sh
ak.sail-horizon.com
Amazon RSA 2048 M02		 2023-12-04 -
2024-12-30		 a year crt.sh
catapultx.com
GTS CA 1P5		 2023-12-14 -
2024-03-13		 3 months crt.sh
jwplayer.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-29 -
2024-04-28		 a year crt.sh
edge-auth.microsoft.com
Microsoft Azure RSA TLS Issuing CA 04		 2023-11-28 -
2024-11-22		 a year crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2023-11-06 -
2024-02-04		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-30 -
2024-09-30		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.prmutv.co
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
api.permutive.com
R3		 2023-12-15 -
2024-03-14		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
api.sail-personalize.com
Amazon RSA 2048 M01		 2023-04-25 -
2024-05-23		 a year crt.sh
qortex.ai
GTS CA 1P5		 2023-12-20 -
2024-03-19		 3 months crt.sh
fouanalytics.com
E1		 2023-11-07 -
2024-02-05		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-10-17 -
2024-04-10		 6 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-11-27 -
2024-02-25		 3 months crt.sh
jwpltx.com
Amazon RSA 2048 M03		 2023-10-12 -
2024-11-09		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.loginradius.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-12 -
2024-11-11		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-12-02 -
2024-03-01		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
viafoura.com
Amazon RSA 2048 M02		 2023-08-08 -
2024-09-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
jssdkcdns.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-05-02 -
2024-06-02		 a year crt.sh
*.jsrdn.com
Amazon RSA 2048 M02		 2023-09-16 -
2024-10-14		 a year crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-29 -
2023-12-28		 3 months crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-05-08 -
2024-06-08		 a year crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M03		 2023-11-28 -
2024-12-26		 a year crt.sh
*.s-onetag.com
Amazon RSA 2048 M03		 2023-11-04 -
2024-12-01		 a year crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
*.google.ch
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
jssdks.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-09-16 -
2024-10-17		 a year crt.sh
a.jsrdn.com
R3		 2023-11-26 -
2024-02-24		 3 months crt.sh
ssl03.cert.cl11.k8s.mrf.io
R3		 2023-11-30 -
2024-02-28		 3 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
tls.adobe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-08 -
2024-03-10		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh

This page contains 78 frames:

Primary Page: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Frame ID: E1F459D583CAE900B8BFA2EF80F39BA0
Requests: 266 HTTP requests in this frame

Frame: https://fem.gprod.postmedia.digital/v93.0/xd.html
Frame ID: B564B36604299C4935C6AA6A1D5103F8
Requests: 2 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&dcc=t
Frame ID: BB29A03A9945DBAAE34202B8D5495EF2
Requests: 1 HTTP requests in this frame

Frame: https://a8fd85fde9378c09afa02287010769df.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 26227869EE99733F714F73122CEE276A
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: FB22C7544EC9D2A92F563A67D8A81163
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 8D1D08A2532ED991229790EC9841D5FB
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 0ADE1E9641CF0007657F09B3D4DED824
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: B1835B44C24D83576EE0335A6A49363F
Requests: 19 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Frame ID: 08753CC2AB4B9BE991874593F6E61E5D
Requests: 20 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 62375B6433FBDDC56CD0EE7DF7939581
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=5148106858807832576&ex=appnexus.com
Frame ID: C927E241700DD9D9764D491ABCC9BE03
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: FDFBDF7256ADF80B18AF127B851BA498
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 70958C48EF06792512027276138AD012
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 746D9830969C83E25117840AF8023EEE
Requests: 2 HTTP requests in this frame

Frame: https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=5301acca-d909-42b9-830f-6b0ff75d51aa&send_session_started=true&client_id=9e0f1475-e4d9-4f30-8a31-99ca6d85282f&locale=en-US&context=signin
Frame ID: 95ECC943EE020F682331C67630B871F0
Requests: 4 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e1136584-122e-4f00-b0ab-7f8ae3b8941f&gdpr=0&gdpr_consent=
Frame ID: 239B2F7590B1209E9488095CC80A2F40
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 87E1ECB5A7F7E0BCEF820F6BD9C2FB13
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=pubmatic.com&id=PM_UID24CFB76E-4F04-4690-9211-6A07901FE725
Frame ID: A85B45A5D0CFFE236794562694429F01
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=728x90&pubId=4811995650&chanId=21733580793&placementId=6404573011&pubCreative=138455016757&pubOrder=3265484082&cb=945831159&custom=story&custom2=1&adsafe_par&impId=0304ef4d-9feb-11ee-8ef6-0ad1c86a73cb
Frame ID: 9BD2234FA35ABA30CB09370EEC5E94A4
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvieB25I1m33oRtCPklY7_YKQ_oA6lvs0aQJny5hp87FyiDJELJaX7NhcnSG3L1ih6-fdwwXGi2JKWqZ5pX9y8ntuA9HVv_hJ8muPy9UiKWPFK14xEh4l8s7QMFOZAK_-8a_KtEb9XyBF2u3_2MChO8QCzo3_BJvMMdAMYX6Jz4Ahqz44gIXhQNuuE7O-3Rc6XFMANHUa93twhonxVRgaQrLBwj3GP3BseW1JfK17ery04FqcZuiXzP5wIsbSLw3VKRy-Bea40wNx13p04TwBxJ_830rTiL1QC5LRf_1HfGVGcYJyjG0_TwywsyjVqwLexeUQETmjhnREvTv7NfvqN4sK3m7hKOnSfe6oXWt9qSRJ_3IPy7LIjVjOafaeKfUcZv077htjj6pCP6UTU3LQ&sai=AMfl-YQ6NfNiDFekJkM39PZ87P-S3kqa1U_qCRvgx4dJCS0gSoloZU07g5Rj9zycwzzKxVfbBPUthBsR5ZW63UXQrULB7OGuN2x-koA8hCqlT_uJeLuEJRwBdxgsgfH2d2ZvaxD_fThv8g8RucVOzONNwwA&sig=Cg0ArKJSzAseggPMCDgHEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: A87B0419BC18B503199D0F54085C1968
Requests: 7 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=1x1&pubId=4946417229&chanId=21733580793&placementId=6123534386&pubCreative=138406246893&pubOrder=3089429980&cb=1596192753&custom=story&custom2=2&adsafe_par&impId=0304ef4e-9feb-11ee-8ef6-0ad1c86a73cb
Frame ID: 2107F63E3D3547B67D6A94007E3461FC
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9cmMB7WavlCQ1NICUutyNiZW-XU50DpJg_Gu3kxjgOTgz_AeTnvniCOlLG9q59cwT6CCUwRdjEdRUbKtOdvlCE_rN1xruRrXezKuWxvxG2zYvM77gIzdcTM-U6MLzgHq-0qKOHpcghvLmiGdWi5RnojKq6UmEta4fJkBmKNMCfdX6BByvO4ihad8Tmp1ANOCl3uTnbA4hNOvyn8juO8cvvp4_MqqkopsSPM0s62Xqx2F1eoo-B6uITrnPdxFI6OH0EgeVTGoZdQLrxSP5-KCJu31eILm6lw7cY3jNejHW3EWKh-EDAEiwm_aXFicELumQ4ria0djgBkXWVaSHLZnkvjXx04vAVIvp4e0yD79SATBjKvpsHy_0VqNxJTld7PJtZ29bLSAJo42d0cIS2MeNmg&sai=AMfl-YSG8VRFTk4cwA9ip3hgZ437OoadR3ydCg4u8g1IqfFfNZNr3mMOmYJegKsdu6dK5hySVcR5pRspFRXMWLz-pzEg9VvoEQyi776QBmVg7kJqN8X9CB7G7QfWasQAD6_Ym0KuWPYvadcCNOZaqxsG_68&sig=Cg0ArKJSzDv2PfsuIZdEEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 0AA632E72D80854DB24122063C5188D6
Requests: 19 HTTP requests in this frame

Frame: https://experiences.mrf.io/marfeelpass/statics/dw-check.html?v=5
Frame ID: F442F79E1D125C0295062FD776DBCB9A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI61wgIQlZTUAhi3usFsMAE&v=APEucNWw4Yqn4JE5gd4uxbmc9p71sWgp0B9OhFDVM1dFYlWCilrfNHVmG_gCfibeznxtV2KrR7ObwpNveafvHvRLCRZAb-CX_w
Frame ID: E2508F92F65AB36FBA087A788011C812
Requests: 3 HTTP requests in this frame

Frame: https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/pblib.min.js
Frame ID: DAFA92B83993156A9D496F4CC3D6946F
Requests: 15 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184635&gdpr=0
Frame ID: 2F81C5281BF8606531D214572506FACA
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4D721491EAC09A5AB1C803F1015ED9B8
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Frame ID: FB04BB7A9D90D87176827F7B39B24823
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FF37E010FD0064F2543B2B78BA3BD548
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1641032752205660160/index.html?e=69&leftOffset=0&topOffset=0&c=QJieSQ8HT8&t=1&renderingType=2&ev=01_250
Frame ID: 46B5C5DFD61F26FC12BD1A34C5B510DF
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 326C1393A40F6F1E7F5CB5D1C52943C7
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: C8BDDCB4F1F08E50EB555F703AA06B8A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.saultstar.com
Frame ID: 9E4320F88A0FBF60B03A9ED1E2573922
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 3D03CB08EE94B526D649FCB112941185
Requests: 1 HTTP requests in this frame

Frame: https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/pblib.min.js
Frame ID: 93C88442766AF5039BEDC9E56A763D7E
Requests: 10 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Frame ID: DA23C76FAB7B79B720F6F8E24E52CD2A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 512FB8A4E87BAB9DA7713BDC0038DEF0
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 8CDD7A9D8AC4FA89BD4FB57F4AB3B7BC
Requests: 8 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Frame ID: 5E4EE1B58D89A5F0FD8660FA97E8F2BC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D023BBBF23E92C79F8E831E87C278404
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-LoopMe_rx_n-baidu_n-MediaNet_n-Beeswax_smrt_3lift_n-Outbrain
Frame ID: 0C30BEEAC4AE6FC09BC976C801E90F5C
Requests: 1 HTTP requests in this frame

Frame: https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/pblib.min.js
Frame ID: C080C913A44894A09181B87831331349
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Frame ID: FAF4CCCEDD833BEF6B3C83B6510C80DD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 983529C5EFF06E6205122E12C45304F3
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=24CFB76E-4F04-4690-9211-6A07901FE725&gdpr=0&gdpr_consent=
Frame ID: 3FB3AC005C6742C49CE3C52CC7F28EE3
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=24CFB76E-4F04-4690-9211-6A07901FE725&redir=true&gdpr=0&gdpr_consent=
Frame ID: C2F6C38164DC1C704F569B7895CD3E4C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Rvg8U0H_NgNdqGIGR68pBRH_Ml5d-j1eSPo-X7fc
Frame ID: 9DD1F865B82D05D3E562A63D6FA64E45
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5148106858807832576&gdpr=0&gdpr_consent=
Frame ID: 5F7FC08C884D09AC90789A881A489E3D
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=pubmatic.com&id=PM_UID24CFB76E-4F04-4690-9211-6A07901FE725
Frame ID: 7B02A072F27B7D9943FC6644F21271F7
Requests: 1 HTTP requests in this frame

Frame: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/index.html
Frame ID: B92E009E5E0256E675B01A3121B8D208
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Frame ID: 3113BF8AF59695EED3070D9F2F66C0AE
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 74252200231D903C1BCF4177F554534F
Requests: 1 HTTP requests in this frame

Frame: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/index.html
Frame ID: 5CFF86C09DDDF867F0D5DD7AE30E8C4E
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Frame ID: AC1E05742247AC16B96DB9BBB8A39199
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/control/omweb-v1.js
Frame ID: 4D62121F3ABF628EEA0C05D66FB76579
Requests: 1 HTTP requests in this frame

Frame: https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/pblib.min.js
Frame ID: DA071E562544A57C1DD40E2DBAB6A22C
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Frame ID: 5B816C4A0BEFD9C8B5EA34836FC55F93
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F0E03C2CFC58C7963B5419FF162B8C74
Requests: 1 HTTP requests in this frame

Frame: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/index.html
Frame ID: EBFD753F37CF34320FFECB50D6E99497
Requests: 5 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13402707
Frame ID: 790304F78C9499E8F20364C1F54C0FAD
Requests: 19 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 953ADFEB509FEE45497ECDCCE07E8BA8
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Frame ID: 1D738FA4DC22FF3314B0B0FEB9A610D4
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9A617C5D31F758A48DE02BB51D01DC2B
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2012%2C2034%2C2033%2C2055%2C172%2C2030%2C3020%2C251%2C233%2C2027%2C236%2C237%2C459%2C70%2C97%2C55%2C77%2C2023%2C2022%2C3012%2C262%2C461%2C244%2C201%2C2039%2C246%2C4%2C203%2C326%2C10000%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 926A25C6F1416D222FE7F37BC00755D8
Requests: 1 HTTP requests in this frame

Frame: https://postmedia-d.openx.net/w/1.0/pd
Frame ID: 21D1CFDFB8C19821DB3DE340C488E191
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 625621B92EB24A02620FEFCDD1D07A7C
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.saultstar.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A3A88E42B46012397423990110E5997D
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 3718642F4F54A58CB0CEA3655384E63D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 4EC3E7BBC316CE06C79F756199D8E86B
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: F8853F51395600D5DD359EEDB7F3AB54
Requests: 8 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Frame ID: AAF0C7C8799C15A68DEE0ECCDF8BB48E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 15B071F430382E09779C3681671A1200
Requests: 1 HTTP requests in this frame

Frame: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/index.html
Frame ID: 2DF2F91CAB8FEF224077BCF2EC21CD8D
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Frame ID: 62AE5E0A98C40504D069E62685D9B812
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 67156E59CF9EC45F44AFF185ED91A0BA
Requests: 1 HTTP requests in this frame

Frame: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/index.html
Frame ID: 17031D3FC417F6E07775DD3DAAEFABE3
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Frame ID: AFDACB54AB3814B2E4858CB979E61465
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 09D2992FBB8419FD382409403E2508A0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Thessalon band office blocking election appeal process, officials say | Sault StarSault StarUser

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

600
Requests

83 %
HTTPS

36 %
IPv6

111
Domains

187
Subdomains

132
IPs

13
Countries

12081 kB
Transfer

32169 kB
Size

186
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://sb.scorecardresearch.com/cs/10276888/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 81
  • https://sb.scorecardresearch.com/b?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1703154220948&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&c8=Thessalon%20band%20office%20blocking%20election%20appeal%20process%2C%20officials%20say%20%7C%20Sault%20Star&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1703154220948&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&c8=Thessalon%20band%20office%20blocking%20election%20appeal%20process%2C%20officials%20say%20%7C%20Sault%20Star&c9=
Request Chain 120
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&dcc=t
Request Chain 130
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 134
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 135
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=5148106858807832576&ex=appnexus.com
Request Chain 136
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 138
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=a6c3e51b-5aaa-4810-a384-25f0c2621ff4
Request Chain 140
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ce.lijit.com/merge?3pid=AABVI07LCCQAABMhZqz8jQ&pid=85&gdpr=0
Request Chain 141
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=4ed0372a-a458-4669-856d-ba1001dc00d5-6584122d-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D4ed0372a-a458-4669-856d-ba1001dc00d5-6584122d-4348%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253D4ed0372a-a458-4669-856d-ba1001dc00d5-6584122d-4348%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=4ed0372a-a458-4669-856d-ba1001dc00d5-6584122d-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D4ed0372a-a458-4669-856d-ba1001dc00d5-6584122d-4348%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253D4ed0372a-a458-4669-856d-ba1001dc00d5-6584122d-4348%2526gdpr%253D0%2526gdpr_consent%253D&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=4ed0372a-a458-4669-856d-ba1001dc00d5-6584122d-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D4ed0372a-a458-4669-856d-ba1001dc00d5-6584122d-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=4ed0372a-a458-4669-856d-ba1001dc00d5-6584122d-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D4ed0372a-a458-4669-856d-ba1001dc00d5-6584122d-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=4ed0372a-a458-4669-856d-ba1001dc00d5-6584122d-4348&gdpr=0&gdpr_consent=
Request Chain 142
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=DifhqhqJ9gQ-Tl4WO97X2V_dp4knFp5NiohxkKCJUrQ&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Request Chain 147
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZYQSLZvLl7V8PbUJjgqsXgAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZYQSLZvLl7V8PbUJjgqsXgAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGLmbFMwthk0PZstCyADzEE&google_cver=1
Request Chain 148
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZYQSLZvLl7V8PbUJjgqsXgAAFGsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZYQSLZvLl7V8PbUJjgqsXgAAFGsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECkOKyoQbgghLWPPKGMe8E8&google_cver=1
Request Chain 151
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=46JQCeSlWln48g5c4vVFX7SlXgT4oFEE7aDBk1Ii
Request Chain 152
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Request Chain 154
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718965422&external_user_id=afea7fd7-e912-4080-892c-7d867dc70c9b
Request Chain 160
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6532060127062799210
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWY2ZTk3MTQtZTU2Ny02ZGVmLTZmMGUtMTEwNGEwNzljYzI1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWY2ZTk3MTQtZTU2Ny02ZGVmLTZmMGUtMTEwNGEwNzljYzI1&google_tc=
Request Chain 164
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC1iJlQ0a3kSBqSf7JWuOPc&google_cver=1
Request Chain 175
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e1136584-122e-4f00-b0ab-7f8ae3b8941f&gdpr=0&gdpr_consent=
Request Chain 178
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JM-3bk8ERpCSEWoHkB_nJQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 179
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=24CFB76E-4F04-4690-9211-6A07901FE725&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=24CFB76E-4F04-4690-9211-6A07901FE725&gdpr=0&gdpr_consent=&ct=y
Request Chain 180
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3852661937
Request Chain 181
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=24CFB76E-4F04-4690-9211-6A07901FE725 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OGE0WDFCei05US1Ram10T1pXQUd1VDNMUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=1492244624634415535&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 182
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjRDRkI3NkUtNEYwNC00NjkwLTkyMTEtNkEwNzkwMUZFNzI1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 183
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBVdpQ15IFF3t565IaJmmhk&google_cver=1
Request Chain 185
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1492244624634415535
Request Chain 187
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&khaos=LQF21RQD-T-B1QW HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=LQF21RQD-T-B1QW&ex=d-rubiconproject.com&status=ok
Request Chain 203
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQF21RQD-T-B1QW&ex=d-rubiconproject.com&status=ok
Request Chain 204
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQF21RQD-T-B1QW
Request Chain 205
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWNiZTFhNzk0MjE0MmMwZTI1NjAwZmVhZGI1M2Q1NThjMzY3MjFhYw
Request Chain 206
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=11otcMJ0Tji83jD5S2K0QQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=11otcMJ0Tji83jD5S2K0QQ
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELpvR7-p7huwv79kKrHnWtc&google_cver=1
Request Chain 208
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/WaE33VE_7v0o306sG4LBsw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-2Cg4B8BE2oI0lvVmO9HWRrj9EfdKnzTo2rogGg--~A
Request Chain 209
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFGMjFSUUQtVC1CMVFX HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEuzsddulk4K99VQTshAWP0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFGMjFSUUQtVC1CMVFX&google_push=
Request Chain 210
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=1vsuh7IlTNWEhfJJ1Y649g&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=1vsuh7IlTNWEhfJJ1Y649g
Request Chain 212
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LQF21RQD-T-B1QW
Request Chain 213
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQF21RQD-T-B1QW HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LQF21RQD-T-B1QW
Request Chain 214
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQF21RQD-T-B1QW
Request Chain 215
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQF21RQD-T-B1QW
Request Chain 216
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQF21RQD-T-B1QW&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQF21RQD-T-B1QW&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 217
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQF21RQD-T-B1QW
Request Chain 284
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEL0hzhf14o-3WuXm56AtVj8&google_cver=1 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEL0hzhf14o-3WuXm56AtVj8&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=e17503c86d4dd9d0a5d7f4daa763ba47&uid=e17503c86d4dd9d0a5d7f4daa763ba47&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 303
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZYQSLZvLl7V8PbUJjgqsXgAA%265227&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZYQSLZvLl7V8PbUJjgqsXgAA%265227&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=3108082c6c2b4cf0b5decfeb937888f0 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8170217125147634428 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=3108082c-6c2b-4cf0-b5de-cfeb937888f0 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=ca61c801-b422-425e-9ee9-9d7f73572182%3A1703154223.9806619&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dca61c801-b422-425e-9ee9-9d7f73572182%253A1703154223.9806619%26_%3D1703154223.982471&cb=1703154223.9825017 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433831682305669&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dca61c801-b422-425e-9ee9-9d7f73572182%253A1703154223.9806619%26_%3D1703154223.982471 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=ca61c801-b422-425e-9ee9-9d7f73572182%3A1703154223.9806619&_=1703154223.982471 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjdjYTYxYzgwMS1iNDIyLTQyNWUtOWVlOS05ZDdmNzM1NzIxODI6MTcwMzE1NDIyMy45ODA2NjE5EAAaDQiwpJCsBhIFCOgHEABCAEoA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJ4Ry7sYnYJklu7fv_5x30k&google_cver=1
Request Chain 305
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5148106858807832576
Request Chain 307
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1492244624634415535&expiration=1704363822
Request Chain 308
  • https://trace.mediago.io/ju/cs/indexexchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f5ef61ca483ff5d02uyojv00lqf21t8a
Request Chain 310
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZYQSLZvLl7V8PbUJjgqsXgAAFGsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEw0c71oMBdgWz25f7R1cl8&google_cver=1
Request Chain 386
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=saultstar.com&sn=ChromeSyncframe&so=0&topUrl=www.saultstar.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=0jchiHxjKzUzK1ZJT3hhVThoa3pEdGJ4NUhmcUl1WUd4VENGbjhGdkZqVFBqQjc2SmdvVzdsSzNMaXFXZERpa0RkV2J4OWpRRDdoZUdCeVR5Nmd1c3Q2ZW9wdmJRWVBWek5FWmNRTHkxVUw5alpwZURYcHJTOUlsK09ueHYzRXRxR1EwM1ZPWlJSaFNLZzhEYllyUWlSVnhoSzJRdlJRL1UyN09UU0VPbTBkSW9RUmF5eDVCNzN1dGVzV2dnRU42NXJONXptWlZVdm1FTzlwMWo4bW5mRkVtWFRFc0w4cVM3YjdyaTZ2UUdzRmVvdDZzOXdXdTMzS2w3K0o3MHc3YmlxTWFXU2FOQWdxVld0Wm9ETmJwTzJLTVl1RDJtOWxkWWtrVExLQy8xejdHQk1adz18&cppv=2
Request Chain 445
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Rvg8U0H_NgNdqGIGR68pBRH_Ml5d-j1eSPo-X7fc
Request Chain 446
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5148106858807832576&gdpr=0&gdpr_consent=
Request Chain 449
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=24CFB76E-4F04-4690-9211-6A07901FE725&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=24CFB76E-4F04-4690-9211-6A07901FE725&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 450
  • https://pixel.onaudience.com/?partner=214&mapped=24CFB76E-4F04-4690-9211-6A07901FE725&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 453
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=24CFB76E-4F04-4690-9211-6A07901FE725&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-p4eaDipE2uWx_aLApdcEDr9IDDb.kF0-~A&gdpr=0
Request Chain 501
  • https://cs.admanmedia.com/c01d0246d79eba64b8a7cca07e5b7dc7.gif?puid=cfe797c9-3bde-40a0-be4b-5152f6c16709&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DqUVJTHutDLcyGRS8xfsW2M4g%26source_user_id%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=qUVJTHutDLcyGRS8xfsW2M4g&source_user_id=7d15ccd1-17f2-4e59-a227-d95803d49e1c&gdpr=0&gdpr_consent=
Request Chain 502
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=5148106858807832576
Request Chain 505
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SDI0dnVQWkhZNnNiUlRuSFNfQ2NkQmZR&gdpr=0
Request Chain 506
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=4ed0372a-a458-4669-856d-ba1001dc00d5-6584122d-4348&gdpr=0&gdpr_consent=
Request Chain 507
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?3pid=OPU3c6c278813bc4cdea7a6462599ad9b93&gdpr=0&gdpr_consent=&pid=103
Request Chain 508
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent= HTTP 307
  • https://ap.lijit.com/merge?pid=94&3pid=6584122D2DAB8414788550E8BLIS&gdpr=0&gdpr_consent=
Request Chain 509
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=9da368c1-8ea5-4617-a99a-fd2fcfeae893&ssp=fmx HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=f01d5a6e-8214-490c-8e61-0954ecef49c3&gdpr=&gdpr_consent=&us_privacy=
Request Chain 510
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=y9bdgjZml1fN&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 511
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent= HTTP 302
  • https://getpublica.com/usermatch/did=6aa2cf85-e4c2-5567-a579-204435430218KrushID=6aa2cf85-e4c2-5567-a579-204435430218 HTTP 301
  • https://www.getpublica.com/usermatch/did=6aa2cf85-e4c2-5567-a579-204435430218KrushID=6aa2cf85-e4c2-5567-a579-204435430218
Request Chain 513
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=5148106858807832576&gdpr=0&gdpr_consent=
Request Chain 514
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=LQF21RQD-T-B1QW&gdpr=0
Request Chain 515
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=z3C_H8h3tU_UIOFKzieqSZh3sRLUcr4SwXL4fEkd
Request Chain 516
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQF21RQD-T-B1QW&gdpr=0
Request Chain 517
  • https://um.simpli.fi/lj_match?r=1703154226628&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=7DD430A8B53B4C809DD734663E0CCC03
Request Chain 519
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1703154226905 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5736065238 HTTP 302
  • https://sync.1rx.io/usersync/turn/8170217125147634428?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1e47fa13-08a2-46b9-8e53-fd58209a9b7a-003?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-1e47fa13-08a2-46b9-8e53-fd58209a9b7a-003 HTTP 302
  • https://ce.lijit.com/merge?pid=97&3pid=RX-1e47fa13-08a2-46b9-8e53-fd58209a9b7a-003
Request Chain 520
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=SDI0dnVQWkhZNnNiUlRuSFNfQ2NkQmZR&gdpr=0 HTTP 302
  • https://s0.2mdn.net/dot.gif?gdpr=0
Request Chain 521
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=H24vuPZHY6sbRTnHS_CcdBfQ&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:8b265751633741c747cda48647c16948
Request Chain 522
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=a6c3e51b-5aaa-4810-a384-25f0c2621ff4
Request Chain 525
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0&gdpr=0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0&gdpr=0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZYQSMgAIje0DIQBU HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZYQSMgAIje0DIQBU&_test=ZYQSMgAIje0DIQBU
Request Chain 526
  • https://tr.blismedia.com/v1/api/sync/openx HTTP 307
  • https://eu-u.openx.net/w/1.0/sd?id=539732443&gdpr=&gdpr_consent=&val=6584122D2DAB8414788550E8BLIS&r=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2Fopenx%3Fpartner_device_id%3D6584122D2DAB8414788550E8BLIS HTTP 302
  • https://tr.blismedia.com/v1/redirect/openx?partner_device_id=6584122D2DAB8414788550E8BLIS HTTP 307
  • https://pixel.rubiconproject.com/exchange/sync.php?p=blismedia HTTP 302
  • https://tr.blismedia.com/v1/dpusync/6?uid=LQF21RQD-T-B1QW
Request Chain 528
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=38c4d4ef496a159e&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAI7GvJ3IcojgNq4cSKAAAAAAA&expiration=1703240626&nuid={OX_USER_ID}&is_secure=true
Request Chain 529
  • https://sync.srv.stackadapt.com/sync?nid=268&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=MIBurtXwXfNq7otgA4NejrAKagk
Request Chain 530
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=HFfO4oWWimWcmgcKuYI4_w==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 532
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dopenx%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=openx&user_id=k-4wLqfqn7W4McDctvA0SbxdxgYY_7ScnyW3ftyw&gdpr=&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=f01d5a6e-8214-490c-8e61-0954ecef49c3&gdpr=&gdpr_consent=&us_privacy=
Request Chain 533
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=DifhqhqJ9gQ-Tl4WO97X2V_dp4knFp5NiohxkKCJUrQ&pi=openx&gdpr=0
Request Chain 534
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=1Pm6SNP-sBjPqeQd1a6vHoP-tEXP-7tF2vvhe2S6
Request Chain 547
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D%7BOPENX_ID%7D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=ca3a3563-b96f-0ad5-0db5-f55a9845fa79 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=ca3a3563-b96f-0ad5-0db5-f55a9845fa79 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662089531975746
Request Chain 548
  • https://dsp-ap.eskimi.com/pixelGet?ex=14&gdpr=0&dest=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D539901412%26val%3D%7Bdmp_id%7D%26gdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=539901412&val=6b7c0c78-ffce-47a3-a324-27a620b857fb&gdpr=0&gdpr_consent=
Request Chain 549
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=b18b99e5-cbbf-4078-a1d2-817a462357b1
Request Chain 550
  • https://um.simpli.fi/ox_match/gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=7DD430A8B53B4C809DD734663E0CCC03
Request Chain 551
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=4ed0372a-a458-4669-856d-ba1001dc00d5-6584122d-4348&gdpr=0&gdpr_consent=
Request Chain 552
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=5107433831682305669
Request Chain 553
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZYQSLZvLl7V8PbUJjgqsXgAA%265227&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Request Chain 555
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZYQSLZvLl7V8PbUJjgqsXgAAFGsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZYQSLZvLl7V8PbUJjgqsXgAAFGsAAAAB
Request Chain 556
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=6cadaa375721181d&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIkR3GV0d_YwNnn2oMAAAAAAA&expiration=1703240626&is_secure=true
Request Chain 557
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZYQSLZvLl7V8PbUJjgqsXgAAFGsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEw0c71oMBdgWz25f7R1cl8&google_cver=1
Request Chain 560
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433831682305669

600 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request thessalon-band-office-blocking-election-appeal-process-officials-say
www.saultstar.com/news/ 		176 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.249.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
5b349f9bb9034e3014cf0cd81256fd311b1ee8343a466ba4b952d2e5486376d5
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=180
content-encoding
gzip
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type
text/html; charset=utf-8
date
Thu, 21 Dec 2023 10:23:39 GMT
expires
Thu, 21 Dec 2023 10:28:30 GMT
last-modified
Thu, 21 Dec 2023 10:23:30 GMT
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
referrer-policy
strict-origin-when-cross-origin
server
istio-envoy
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-dcs-cache-page
MISS
x-envoy-decorator-operation
pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
x-envoy-upstream-service-time
3
x-frame-options
SAMEORIGIN
x-pmd-backend
pmd-nginx-proxy-85ff6bc9fc-49rvn
x-pmd-cache
HIT
ThessalonWelcomeSign-e1703012440100.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/12/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/12/ThessalonWelcomeSign-e1703012440100.jpg?quality=90&strip=all&w=564&h=423&type=webp&sig=w6FhJFvftdnlH5C6J7oqYA
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
0dbbfd058984d216b2371b90276638dcf0b3c97d89dcf96b253b46ac849c46f2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Thu, 21 Dec 2023 10:23:40 GMT
via
1.1 google
server
nginx/1.18.0
etag
"b285de02d28faa36ce0a41bf1e334dc93ca836bc"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-7b4b5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51042
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
24e2db472b47c82ae28a7dfeb21ee6133e43bdd4ff9adfc8f8e4d1096508ac6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 21 Dec 2023 10:23:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 21 Dec 2023 10:23:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Dec 2023 10:23:40 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dcb5420dbe7c1f1990d3c691ed99327aca0d45c90183a612b6e6032511686561
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29215
x-xss-protection
0
server
cafe
etag
124 / 19712 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 10:23:40 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-213.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 09:37:35 GMT
content-encoding
gzip
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront), 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-C2
age
2766
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
5Swf3RNfIB3AAjv1DEe6oJMFeELF3hIY4ncVx0_GcnnXLwdFD5HB8g==
14648.js
micro.rubiconproject.com/prebid/dynamic/ 		2 MB
267 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/14648.js
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
14f0222e2679a5d08a8af2fec9ee923dbf2e9fb4c9f462a25dcf255f7bc75d02

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:40 GMT
content-encoding
gzip
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
accept-encoding, referer
edge-cache-tag
prod-prebid-14648_postmedia_pbjs.js
content-type
text/javascript;charset=UTF-8
cache-control
public, must-revalidate, max-age=14400
content-length
272794
expires
Thu, 21 Dec 2023 22:10:12 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-121.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 04:05:28 GMT
Content-Encoding
gzip
Via
1.1 ae0d2a327c332a4081a71ea179abdd70.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
AMS58-P2
Age
454693
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
Poif0g_gm1dYU85gsesa7xNDX_infOtpCAYZuh_A8NIYqmRARJrcyA==
output.e13822da2ca5.css
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/ 		29 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.e13822da2ca5.css
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e13822da2ca587d1d53b050cb267bbfea098e785e496dfb833bf4ae38555a087

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:48 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
138352
x-guploader-uploadid
ABPtcPovBNcORlCJLQIwjj0AQf-u4MZ00gIS1j-cUHvLXT9mTqa5xylj5BIMznjh6FYpQSNUABH05WZhS_Pr_Z_CrLsWQA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2527
last-modified
Tue, 19 Dec 2023 19:46:05 GMT
server
UploadServer
etag
W/"e294df1b7807772797bf8455e49389d1"
vary
Accept-Encoding
x-goog-generation
1703015165240881
x-goog-hash
crc32c=7LFLRw==, md5=4pTfG3gHdyeXv4RV5JOJ0Q==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
29809
accept-ranges
none
output.c9fe1e8e609f.css
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/ 		90 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.c9fe1e8e609f.css
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
97d2d059b018df2d5e0dedab47f242e427c537c972c2bd3b013e44b6ec569f00

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 21:24:01 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
133179
x-guploader-uploadid
ABPtcPqUTdQe45BHzAL-NYVaG1Rm3BtEWjv4tdHfjRrBedPXg5tPuKxQgjY5PmRMbtNv7r6OZ_qZj1Ny0sXjZxjO4PzhLL1P8F6x
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14547
last-modified
Tue, 19 Dec 2023 19:46:04 GMT
server
UploadServer
etag
W/"df5eb9b3119bc5e8644c315cb923e553"
vary
Accept-Encoding
x-goog-generation
1703015164623657
x-goog-hash
crc32c=0YCwvg==, md5=3165sxGbxehkTDFcuSPlUw==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
91724
accept-ranges
none
output.da2c731b0d2c.css
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/ 		60 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.da2c731b0d2c.css
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
63680c6a3dd302c0eaa4d475e9b6f360e6d1eba0b23943f6b4eeead3eda8b270

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:59:46 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
138234
x-guploader-uploadid
ABPtcPoQYiUGSXI6UeZMcWLBGnWfWVYwLKGdwganO59yEQHvBT1-JPwXzfuWa4fPsT0184jGPS_t019Qjz_UWr_HCx0w-OS2e8SU
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6935
last-modified
Tue, 19 Dec 2023 19:46:05 GMT
server
UploadServer
etag
W/"f0c78d66217c22bd4b2fa08c57b607ff"
vary
Accept-Encoding
x-goog-generation
1703015165050324
x-goog-hash
crc32c=RFPrqg==, md5=8MeNZiF8Ir1LL6CMV7YH/w==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
61432
accept-ranges
none
output.947fef637c83.css
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/ 		96 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.947fef637c83.css
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e068ed36b40d6e523255e13ab786d4bc18777f1f59d9d396d81e0b6a0b61dcb1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:20:40 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
136980
x-guploader-uploadid
ABPtcPoSN41BD1m4qxtCVbuArIjBDg3YZthswHfvHFqNSzewMb-y4V0zeItphqXWIDX72S7l8nDvjqtE9uio0udto6lzpPO7Ax25
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14581
last-modified
Tue, 19 Dec 2023 19:46:02 GMT
server
UploadServer
etag
W/"60460a724ad1e3337b369483b615b151"
vary
Accept-Encoding
x-goog-generation
1703015162934042
x-goog-hash
crc32c=BzODyg==, md5=YEYKckrR4zN7NpSDthWxUQ==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
98604
accept-ranges
none
advertising.js
www.npttech.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9bd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:40 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
XXGH5XRBF7H9WFW4
age
5359
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Yhlvp6DX1vIPAMIi4JarPJi3fLbFCzlvmu0h4rK021bJz+RNV94FipSrMz6P6nClXY0Rblwtm9U=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLdDuQpphynB2rl7QMYbN0tk4Byj210J1dN%2BdzRZyyIoLg%2FbUbPXXT5D%2BHhm7ZU6%2FJe0uwD%2FmaCz6GlJjz7BXwf2PsMI498b6Po%2FbZ397DecM1b%2FlitdR%2BP4vHic6NK3pWRYSc51ahuSS84OEiw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
838f6935baf30e5f-MXP
spm.v1.min.js
ak.sail-horizon.com/spm/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-50.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:17:15 GMT
content-encoding
gzip
via
1.1 4a345f25fcb995602afaf132ccf353de.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 21:44:22 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P5
age
386
x-amz-server-side-encryption
AES256
etag
W/"edee28fbd3a5c9f3c17e0333554b5646"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
DIKU7elQGfY9VLTaGD5TKSOM-cxKQ_F51QT7Cgn383zh_10Ez1BJjw==
fem.js
fem.gprod.postmedia.digital/v93.0/ 		380 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v93.0/fem.js
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cae693444d5c4b70988da3ee41b0c3809de3f7701f474183ed8a446be6c970a5

Request headers

Referer
Origin
https://www.saultstar.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:20:10 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1702321262
age
137010
x-guploader-uploadid
ABPtcPqLfL5iIwmxKumauLShFvR3e7breNb5g_fe204DOsmn26kp6CmqHamMz15BMt6qT93jx-jVLUb6tug-1r9gm1FzlDVIGWMw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109093
last-modified
Mon, 11 Dec 2023 19:02:01 GMT
server
UploadServer
etag
W/"614b2d032ff8e38b1fff2badbf038f1a"
vary
Accept-Encoding
x-goog-generation
1702321321950203
x-goog-hash
crc32c=K4lC0Q==, md5=YUstAy/444sf/yutvwOPGg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
389565
accept-ranges
none
content-type
application/javascript
bootstrapper
tags.catapultx.com/ 		24 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.catapultx.com/bootstrapper?group-id=C7zB1XPx1US7bnRi538v3g&video-container=.jw-wrapper
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
eaa1fe6daa6d6efa271e07a942dd6cd521cf367b0f2a1470512f43dc315ad50c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:40 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 13 Dec 2023 15:58:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tb%2BQc6GS5RrRfzXBaa2NdXkUUdZkIwVKjxefIrJu5EGdl52mRYMMO0D3ADpepYnbzUeIgCIGCIBJYNA323wSRgGXklj269VSqoQ9yglMIYuAGnJAIMGuowQ41PT3tzZkuBMx7U1uDMivJ1%2BhlWlFwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
838f69363d19bad6-MXP
embed.js
cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/ 		58 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/embed.js
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:9800:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
98fee98ab91e6436e07c57bd9bdbed6a0c0b6bdb0744c190be256826a634c22f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:40 GMT
content-encoding
gzip
via
1.1 de7a608ee8aa91b02488536faf8169a0.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
x-robots-tag
noindex, indexifembedded
content-length
22520
x-amz-cf-id
ss1HvZ_hrPopM7SkbERrCQossQnxsoEIlK8c96w8u8cKopWrhr2NEA==
icon-close-black.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/ 		378 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/icon-close-black.svg
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
15b54a90686829d59ef0c2bc6a9e2e82b6a11536be56acf2b4ff414b081c891d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:50 GMT
x-goog-meta-goog-reserved-file-mtime
1703014127
age
138350
x-guploader-uploadid
ABPtcPqhN2hjcvg_tToi2HQp8PdtHKW4HzI7qPt9-Wis6D7qfbbL59i1ZOTfPHTX9nNXuvPwaQAegudV0LQy8Ho4n_yrlp2HC448
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
378
last-modified
Tue, 19 Dec 2023 19:46:52 GMT
server
UploadServer
etag
"6b517647b75beac7cede4e634ea51094"
x-goog-generation
1703015212474784
x-goog-hash
crc32c=wbQwCg==, md5=a1F2R7db6sfO3k5jTqUQlA==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
378
accept-ranges
bytes
icon-circle-email.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/ 		976 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/icon-circle-email.svg
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2a647bbfb5c6723ca10f9833ae08d3381b0061f982959571e56a55d7768cb7a5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:51 GMT
x-goog-meta-goog-reserved-file-mtime
1703014127
age
138349
x-guploader-uploadid
ABPtcPrZJTMLUf6KxdzB9QISpst_B6FoiqZIhki58dNSEz2HWy5PpxQhpFtmtzNDQTH3HadBI0UTCRHipP7I6BgwlyQYpOgpVOYh
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
976
last-modified
Tue, 19 Dec 2023 19:47:12 GMT
server
UploadServer
etag
"bef02ad8b1f137bbb303cefe8614b69f"
x-goog-generation
1703015232214519
x-goog-hash
crc32c=ZVCajw==, md5=vvAq2LHxN7uzA87+hhS2nw==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
976
accept-ranges
bytes
icon-soc-tw.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/icon-soc-tw.svg
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e1068d8250da38213c867fca5b86b32fba9485824eae22362ae681635d78e187

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:58:46 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014127
age
138294
x-guploader-uploadid
ABPtcPq3qOSfCdZF3ao-UJieWWA44Fg5zV69oqxBCAQfHoaEMu8HdHQIc6tD3OWzn6N7HOcCh-HmVPARs5JDdqAfrXqJ7jtxbsjD
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1017
last-modified
Tue, 19 Dec 2023 19:47:12 GMT
server
UploadServer
etag
W/"59c4d1356a9382038a45033f82556d0d"
vary
Accept-Encoding
x-goog-generation
1703015232668238
x-goog-hash
crc32c=shBKYA==, md5=WcTRNWqTggOKRQM/glVtDQ==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2948
accept-ranges
none
icon-soc-rdit.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/icon-soc-rdit.svg
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1fb82c9bb456f6d5336430ebb3d5b1e596ceb303ee99690f0c9187aa13a0cd43

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:51 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014127
age
138349
x-guploader-uploadid
ABPtcPrmII9XAeofOqOYERjfiv5yb3TrBc0fnaxCj9eTShgR3xREsrxhbltHrZuJ4uEypMzmfslzVA93CfBLsSpNerkh-g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
803
last-modified
Tue, 19 Dec 2023 19:47:12 GMT
server
UploadServer
etag
W/"0304b8d3870cc1f4f888574a14022da4"
vary
Accept-Encoding
x-goog-generation
1703015232443769
x-goog-hash
crc32c=GJubKw==, md5=AwS404cMwfT4iFdKFAItpA==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2135
accept-ranges
none
icon-soc-pin.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/ 		2 KB
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/icon-soc-pin.svg
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
73ce21104cbd5c5d38a7f58633f41f6aaf3cf9bb58d2166935871115df10086f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:51 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014127
age
138349
x-guploader-uploadid
ABPtcPrIEqKVzywlJfn--Zr8BtR6_ZDWfLV96LTYsntJr96M0Hoy3jmr4tT1B6cmd_mrTs5uREOQYWbQKl0DmbmHbXgJamubNxnn
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
753
last-modified
Tue, 19 Dec 2023 19:47:12 GMT
server
UploadServer
etag
W/"7dbe30e1f3c16e83b217e86f8fe87986"
vary
Accept-Encoding
x-goog-generation
1703015232423635
x-goog-hash
crc32c=CmGx6w==, md5=fb4w4fPBboOyF+hvj+h5hg==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1904
accept-ranges
none
icon-soc-li.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/ 		739 B
974 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/icon-soc-li.svg
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
73f5cb8f7a137847e41aeb849588174535651b6e140d8b13575f46fff0c496a2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:51 GMT
x-goog-meta-goog-reserved-file-mtime
1703014127
age
138349
x-guploader-uploadid
ABPtcPon8h8bDXlOLVVDyjsHLYZZiEGMyfElSbDcSa0m40y14Mmxjic0j3ThE75ZsbaT5uPeDnshdcm2j5KbaN1JUDkrc445-sLv
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
739
last-modified
Tue, 19 Dec 2023 19:47:12 GMT
server
UploadServer
etag
"071e5c7f2df5f3dc2b856b2576752f1c"
x-goog-generation
1703015232436737
x-goog-hash
crc32c=PfZM8A==, md5=Bx5cfy3189wrhWsldnUvHA==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
739
accept-ranges
bytes
icon-soc-tblr.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/ 		479 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/icon-soc-tblr.svg
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bd42ab1e963caae23b78541c50e8b5d8146d0c6b2151fcfcfa938c17c417f68e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:51 GMT
x-goog-meta-goog-reserved-file-mtime
1703014127
age
138349
x-guploader-uploadid
ABPtcPoOkRADsquuFkHXAslXvfsmMVs6aDoQ_pZp3ZxZHuTj4Sek57bkYu4tI1_fVezisMVZo2w9YN4ARmPiQ5vWUK2M7jmOBz8L
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
479
last-modified
Tue, 19 Dec 2023 19:47:12 GMT
server
UploadServer
etag
"1ace9edc1bbac746d584a7270d791ff9"
x-goog-generation
1703015232528145
x-goog-hash
crc32c=08+Lmg==, md5=Gs6e3Bu6x0bVhKcnDXkf+Q==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
479
accept-ranges
bytes
icon-circle-share.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/icon-circle-share.svg
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3831d89c8363135cbc264c56381deb0f9d4f7b0de3b432c24cab8f3814b7c79c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:51 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014127
age
138349
x-guploader-uploadid
ABPtcPrqakhn8wmN9NjhHif4cwdHnMXdkML3xOfonXUTA3G1sC5NN2jLGSswVmJnooRa7TBfcXxpW6rBuOzGcrli4DyyYQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1285
last-modified
Tue, 19 Dec 2023 19:47:12 GMT
server
UploadServer
etag
W/"3b237e7e0329ba51bedbe1a07b74142e"
vary
Accept-Encoding
x-goog-generation
1703015232231293
x-goog-hash
crc32c=5qrj1Q==, md5=OyN+fgMpulG+2+Gge3QULg==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2841
accept-ranges
none
LoginRadiusV2.js
auth.lrcontent.com/v2/js/ 		211 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdd5eb5886d055428379d1938f01e5a186f7f8dbf3efc851ad9e04914302eb59
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:40 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 c42c7d102b7b0ab944385204966ce2d4.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
1917
x-amz-cf-pop
MRS52-P5
cf-polished
origSize=1336927
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Mon, 04 Dec 2023 07:20:23 GMT
server
cloudflare
etag
W/"34dedade3a8f1aa4aa0db4d3bf475de7"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
838f693399900e1e-MXP
x-amz-cf-id
4ozuIgUba8XM0FDm9PqlTl167Ci1Mdn_ueYfu0w1tm_ecuA7fv7Mxg==
expires
Thu, 21 Dec 2023 14:23:40 GMT
ms_auth_client.min.js
edge-auth.microsoft.com/js/ 		279 KB
280 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/js/ms_auth_client.min.js
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
feb2160dccd8b0345096a272f9753c529fa2f32b843400805851dc714372d9d5
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-24raB1c4mozeEaBHsVum/xCgaZtyqwFBGlblZJZLOk96wE+YQXKlyT+wB6XaSbpJrkag5qn4MFcFMm2y4gcvqODl+/dD/J7iXBZiVsJDgvqgrdPlZm9vNS/TSduHeDmrP4PQqyhsgQTHBa49r9EBLxJj/jAUYktYKU0eM3smFBI=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-24raB1c4mozeEaBHsVum/xCgaZtyqwFBGlblZJZLOk96wE+YQXKlyT+wB6XaSbpJrkag5qn4MFcFMm2y4gcvqODl+/dD/J7iXBZiVsJDgvqgrdPlZm9vNS/TSduHeDmrP4PQqyhsgQTHBa49r9EBLxJj/jAUYktYKU0eM3smFBI=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
date
Thu, 21 Dec 2023 10:23:40 GMT
last-modified
Sat, 11 Nov 2023 09:01:52 GMT
x-msedge-ref
Ref A: BB744CDF77E14AE894C181A3E2470E61 Ref B: VIEEDGE2010 Ref C: 2023-12-21T10:23:40Z
etag
"1da147db6265b08"
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
285448
shared.883fef4c2994.js
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
185113239a6613ca82207e73bb41dcc84ce2274da2732f6ece828c207f2f060c

Request headers

Referer
https://www.saultstar.com/
Origin
https://www.saultstar.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:49 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
138351
x-guploader-uploadid
ABPtcPqaVTvPezFonHWcjNrDFIMZ2k6Z7_7uVofiTEiqLtxe9PE8apJ7DmQFkmrVvsLMXLJUmK9kAONrwMvXA8qjfd-6qw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7509
last-modified
Tue, 19 Dec 2023 19:46:06 GMT
server
UploadServer
etag
W/"9821e7f2a511b6c16c288d392dd2c55d"
vary
Accept-Encoding
x-goog-generation
1703015166560299
x-goog-hash
crc32c=nd/6aQ==, md5=mCHn8qURtsFsKI05LdLFXQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
20870
accept-ranges
none
content-type
application/javascript
main.de60ce74dc51.js
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/ 		134 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/main.de60ce74dc51.js
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
de60ce74dc51181fe850f249ae75cc015cbf18c96b9e44f5a40e9cc56b0ba85b

Request headers

Referer
https://www.saultstar.com/
Origin
https://www.saultstar.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:49 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
138351
x-guploader-uploadid
ABPtcPrc1r6CEzDQqp2SyktRvGOPwnIlU-Y3YFAvP1wOgh6fTVwyFSeHll5L1EerxRynetgx1p7pVdb7bCDhRkYcSjuayA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46393
last-modified
Tue, 19 Dec 2023 19:46:06 GMT
server
UploadServer
etag
W/"0482cd44a5474059f0144f00e198305f"
vary
Accept-Encoding
x-goog-generation
1703015166460645
x-goog-hash
crc32c=6y/t+g==, md5=BILNRKVHQFnwFE8A4ZgwXw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
136827
accept-ranges
none
content-type
application/javascript
css
fonts.googleapis.com/ 		7 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
24e2db472b47c82ae28a7dfeb21ee6133e43bdd4ff9adfc8f8e4d1096508ac6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 21 Dec 2023 10:23:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 21 Dec 2023 10:23:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Dec 2023 10:23:40 GMT
23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/ 		454 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aff6c2743f2252279f0f406b7d452f213f551dfacc1f66b117822458796bbdc6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:40 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
0
x-guploader-uploadid
ABPtcPoavSqvlywKLKadakN9NUiNZuEVTD_DZ9MN0SNmQGEK619EZQDhvi0n_dl0bzV4N1AfVQBiIQxFGvWUCQsphEpMUhcCQaqZ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
content-length
114496
last-modified
Wed, 13 Dec 2023 14:45:53 GMT
server
cloudflare
etag
"1789c53237f634e187c714d75e7228d9"
vary
Accept-Encoding
x-goog-generation
1702478753777915
content-type
application/javascript
x-goog-hash
crc32c=pzIw5Q==, md5=F4nFMjf2NOGHxxTXXnIo2Q==
cache-control
public, max-age=900
x-goog-stored-content-length
114496
accept-ranges
bytes
timing-allow-origin
*
cf-ray
838f69369d460211-ZRH
expires
Thu, 21 Dec 2023 10:38:40 GMT
3528
config.aps.amazon-adsystem.com/configs/ 		532 B
810 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3528
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-6.ams54.r.cloudfront.net
Software
CloudFront /
Resource Hash
58872cd025f6c0f8214a15cae9a40e5bfccac477ffd65d0b0e472c80f37e56a0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 09:34:00 GMT
via
1.1 4cc2a0a7eb7d5483edc69be298297f9e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS54-C1
age
2980
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
-kr1BidwgjN54jwJ7vNKZBKrQykEWEsJOE5q7kHmXPt_CIRrQC-Clw==
config
c.amazon-adsystem.com/cdn/prod/ 		353 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Fwww.saultstar.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-213.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d00b4c8953cdf25f549728ad667759e6f7650b5bf6146ecd3ec7c087bd3265b8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:39 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.saultstar.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
353
x-amz-cf-id
jym72jc2QGB8n1D1XaYVPEJxyrxH3U6HfhLYPRrngVXS8dxYs_CmrA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-213.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
date
Thu, 21 Dec 2023 10:23:40 GMT
x-amz-cf-pop
FRA56-C2
age
6049
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
HaHKVr86vhtQWu9lEVySR_cvZO3wkVUn0trpivLsKr6FA5SJX9PcXw==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 09:13:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
4215
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 20 Dec 2024 09:13:25 GMT
14648-pbjs-floors.json
ads.rubiconproject.com/floors/ 		64 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/14648-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
4b73da9e7f74a7ea075a3432685e97ba5209003bae4765a1dfb0cbbbfb726461

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 10:23:40 GMT
content-encoding
gzip
last-modified
Thu, 21 Dec 2023 09:40:35 GMT
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
5607
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231221
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dba12b6a8cb3ac7768d4b13e7d346ba129bd7d4f6932ea695e4691eeee6c3ce2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 10:23:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
22967
x-jsd-version
1.0.1910
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-lga21949-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"63e-gYCSFsR1F5cLTq4otFfnX6wr1eE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hr2GdlQ2z0lZ1%2FQbHjp2ZrqBowa6QLMRefESupqEIM5poKhUMqnJWcu7I4Fc%2Fi5G8nSxImwoTBJ3Xp5RmO%2BUhsxQkBvNTIBHe8CGS%2B6RPvxaD0h6zZP%2B0VNj1w2JGpvbSMfm%2B5MquS6opgyxSM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
838f6934dc18524f-MXP
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.22.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-22-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:40 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Thu, 21 Dec 2023 10:38:40 GMT
geo.json
cdn.jwplayer.com/v2/ 		40 B
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/geo.json
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:9800:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
26565545186e94229fa5a7b4ccf77f1da9d1927143f91d06095ee7d249b01876

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 21 Dec 2023 10:23:40 GMT
via
1.1 447163709b16a97083db09f6ac040b38.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P1
x-amz-cf-id
b98abEtMdBhHZWdB_rWHmj0q1O36zwBXBhSre8mLgb3eYKxPuKXhuw==
x-cache
Miss from cloudfront
index.js
ssl.p.jwpcdn.com/player/services/jwpsrv/v/4/ 		68 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/services/jwpsrv/v/4/index.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f733263ba0d482063be46904102884233d3e14ebc2818968db52579a7bdaf83

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:40 GMT
content-encoding
gzip
via
1.1 varnish
age
438
x-cache
HIT
content-length
20535
x-served-by
cache-mxp6974-MXP
last-modified
Wed, 13 Dec 2023 06:00:18 GMT
server
AmazonS3
x-timer
S1703154221.712332,VS0,VE0
etag
"1d1853b5560baf12b94fc6c5f4860bd2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
2
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/10276888/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Server
18.65.39.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-56.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 06:43:04 GMT
content-encoding
gzip
via
1.1 ef674a9df28e4fc8d944ae07304fa954.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:02:23 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
age
13238
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
TYwhytTo4kBpsP2DMR0GBytHXILp673NjEpdaPf1ED2r5KMqUYXu6g==

Redirect headers

date
Thu, 21 Dec 2023 10:23:40 GMT
via
1.1 ef674a9df28e4fc8d944ae07304fa954.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
AMS1-P1
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
Ld2K6BK7zbRq6Ypu2kftC2ZV_bYx_Hb-fbsUXQY_knUqaGX7rqY9PQ==
icon-circle-email.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/ 		976 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/icon-circle-email.svg
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2a647bbfb5c6723ca10f9833ae08d3381b0061f982959571e56a55d7768cb7a5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:51 GMT
x-goog-meta-goog-reserved-file-mtime
1703014127
age
138349
x-guploader-uploadid
ABPtcPrZJTMLUf6KxdzB9QISpst_B6FoiqZIhki58dNSEz2HWy5PpxQhpFtmtzNDQTH3HadBI0UTCRHipP7I6BgwlyQYpOgpVOYh
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
976
last-modified
Tue, 19 Dec 2023 19:47:12 GMT
server
UploadServer
etag
"bef02ad8b1f137bbb303cefe8614b69f"
x-goog-generation
1703015232214519
x-goog-hash
crc32c=ZVCajw==, md5=vvAq2LHxN7uzA87+hhS2nw==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
976
accept-ranges
bytes
icon-soc-rdit.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/ 		2 KB
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/icon-soc-rdit.svg
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1fb82c9bb456f6d5336430ebb3d5b1e596ceb303ee99690f0c9187aa13a0cd43

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:51 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014127
age
138349
x-guploader-uploadid
ABPtcPrmII9XAeofOqOYERjfiv5yb3TrBc0fnaxCj9eTShgR3xREsrxhbltHrZuJ4uEypMzmfslzVA93CfBLsSpNerkh-g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
803
last-modified
Tue, 19 Dec 2023 19:47:12 GMT
server
UploadServer
etag
W/"0304b8d3870cc1f4f888574a14022da4"
vary
Accept-Encoding
x-goog-generation
1703015232443769
x-goog-hash
crc32c=GJubKw==, md5=AwS404cMwfT4iFdKFAItpA==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2135
accept-ranges
none
icon-soc-tw.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/icon-soc-tw.svg
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e1068d8250da38213c867fca5b86b32fba9485824eae22362ae681635d78e187

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:58:46 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014127
age
138294
x-guploader-uploadid
ABPtcPq3qOSfCdZF3ao-UJieWWA44Fg5zV69oqxBCAQfHoaEMu8HdHQIc6tD3OWzn6N7HOcCh-HmVPARs5JDdqAfrXqJ7jtxbsjD
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1017
last-modified
Tue, 19 Dec 2023 19:47:12 GMT
server
UploadServer
etag
W/"59c4d1356a9382038a45033f82556d0d"
vary
Accept-Encoding
x-goog-generation
1703015232668238
x-goog-hash
crc32c=shBKYA==, md5=WcTRNWqTggOKRQM/glVtDQ==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2948
accept-ranges
none
icon-soc-li.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/ 		739 B
811 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/icon-soc-li.svg
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
73f5cb8f7a137847e41aeb849588174535651b6e140d8b13575f46fff0c496a2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:51 GMT
x-goog-meta-goog-reserved-file-mtime
1703014127
age
138349
x-guploader-uploadid
ABPtcPon8h8bDXlOLVVDyjsHLYZZiEGMyfElSbDcSa0m40y14Mmxjic0j3ThE75ZsbaT5uPeDnshdcm2j5KbaN1JUDkrc445-sLv
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
739
last-modified
Tue, 19 Dec 2023 19:47:12 GMT
server
UploadServer
etag
"071e5c7f2df5f3dc2b856b2576752f1c"
x-goog-generation
1703015232436737
x-goog-hash
crc32c=PfZM8A==, md5=Bx5cfy3189wrhWsldnUvHA==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
739
accept-ranges
bytes
icon-close-black.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/ 		378 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/icon-close-black.svg
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
15b54a90686829d59ef0c2bc6a9e2e82b6a11536be56acf2b4ff414b081c891d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:50 GMT
x-goog-meta-goog-reserved-file-mtime
1703014127
age
138350
x-guploader-uploadid
ABPtcPqhN2hjcvg_tToi2HQp8PdtHKW4HzI7qPt9-Wis6D7qfbbL59i1ZOTfPHTX9nNXuvPwaQAegudV0LQy8Ho4n_yrlp2HC448
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
378
last-modified
Tue, 19 Dec 2023 19:46:52 GMT
server
UploadServer
etag
"6b517647b75beac7cede4e634ea51094"
x-goog-generation
1703015212474784
x-goog-hash
crc32c=wbQwCg==, md5=a1F2R7db6sfO3k5jTqUQlA==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
378
accept-ranges
bytes
icon-soc-pin.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/ 		2 KB
830 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/icon-soc-pin.svg
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
73ce21104cbd5c5d38a7f58633f41f6aaf3cf9bb58d2166935871115df10086f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:51 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014127
age
138349
x-guploader-uploadid
ABPtcPrIEqKVzywlJfn--Zr8BtR6_ZDWfLV96LTYsntJr96M0Hoy3jmr4tT1B6cmd_mrTs5uREOQYWbQKl0DmbmHbXgJamubNxnn
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
753
last-modified
Tue, 19 Dec 2023 19:47:12 GMT
server
UploadServer
etag
W/"7dbe30e1f3c16e83b217e86f8fe87986"
vary
Accept-Encoding
x-goog-generation
1703015232423635
x-goog-hash
crc32c=CmGx6w==, md5=fb4w4fPBboOyF+hvj+h5hg==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1904
accept-ranges
none
icon-soc-tblr.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/ 		479 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/icon-soc-tblr.svg
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bd42ab1e963caae23b78541c50e8b5d8146d0c6b2151fcfcfa938c17c417f68e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:51 GMT
x-goog-meta-goog-reserved-file-mtime
1703014127
age
138349
x-guploader-uploadid
ABPtcPoOkRADsquuFkHXAslXvfsmMVs6aDoQ_pZp3ZxZHuTj4Sek57bkYu4tI1_fVezisMVZo2w9YN4ARmPiQ5vWUK2M7jmOBz8L
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
479
last-modified
Tue, 19 Dec 2023 19:47:12 GMT
server
UploadServer
etag
"1ace9edc1bbac746d584a7270d791ff9"
x-goog-generation
1703015232528145
x-goog-hash
crc32c=08+Lmg==, md5=Gs6e3Bu6x0bVhKcnDXkf+Q==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
479
accept-ranges
bytes
icon-circle-share.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/share-icons/icon-circle-share.svg
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3831d89c8363135cbc264c56381deb0f9d4f7b0de3b432c24cab8f3814b7c79c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:51 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014127
age
138349
x-guploader-uploadid
ABPtcPrqakhn8wmN9NjhHif4cwdHnMXdkML3xOfonXUTA3G1sC5NN2jLGSswVmJnooRa7TBfcXxpW6rBuOzGcrli4DyyYQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1285
last-modified
Tue, 19 Dec 2023 19:47:12 GMT
server
UploadServer
etag
W/"3b237e7e0329ba51bedbe1a07b74142e"
vary
Accept-Encoding
x-goog-generation
1703015232231293
x-goog-hash
crc32c=5qrj1Q==, md5=OyN+fgMpulG+2+Gge3QULg==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2841
accept-ranges
none
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.saultstar.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:53:59 GMT
x-content-type-options
nosniff
age
178181
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 08:53:59 GMT
icon-arrow-down-black.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/ 		277 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/icon-arrow-down-black.svg
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.c9fe1e8e609f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
36260e9cb231e00f7334eacc8a181329ba4c622cb50312342edb9e8512812cf7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.c9fe1e8e609f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:15:09 GMT
x-goog-meta-goog-reserved-file-mtime
1703014127
age
137311
x-guploader-uploadid
ABPtcPpmEtMPHOp7_ad3GSHgy4wW7a6SjhNPYlGdlVi4alhb2SL5Kb36SjL2fTdtJlV6VEGrg4rJ1BUURDwd2rk8vSewb9bMKccg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
277
last-modified
Tue, 19 Dec 2023 19:46:52 GMT
server
UploadServer
etag
"a5dd30b7839d3378d52ef14525a5aa5f"
x-goog-generation
1703015212072785
x-goog-hash
crc32c=BEI86Q==, md5=pd0wt4OdM3jVLvFFJaWqXw==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
277
accept-ranges
bytes
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.saultstar.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 17:28:03 GMT
x-content-type-options
nosniff
age
233737
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Dec 2024 17:28:03 GMT
ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5Xw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9514372ab8ac313ea8019966fdcfe91b201c3aa69f92de8346ab34af461bbad2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.saultstar.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 17:34:07 GMT
x-content-type-options
nosniff
age
233373
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21140
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:53:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Dec 2024 17:34:07 GMT
32c3b3eaeb8da22d2d7b31.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		1 KB
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/32c3b3eaeb8da22d2d7b31.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f4cc6338ed06c4e4b1f448c9ac312d0b431add3d72600816b11635880a918f5d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:51 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
138349
x-guploader-uploadid
ABPtcPr_2wh1VwGO3g5bS1nihVrFa_QcanS9Wm6yp-DQIHCEZ93JFQr3wFRSDQ4msvu8T4xgA_Tr8q7VRO74BaOSyfo6bCZ3NLNy
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
564
last-modified
Tue, 19 Dec 2023 19:47:16 GMT
server
UploadServer
etag
W/"0be0ae4bf7fe4075ed280d1fcc7c6b2e"
vary
Accept-Encoding
x-goog-generation
1703015236807106
x-goog-hash
crc32c=P9xF3g==, md5=C+CuS/f+QHXtKA0fzHxrLg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1353
accept-ranges
none
688c080cafcfa4457b823.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/688c080cafcfa4457b823.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f8859622b014c35916f294efc76fdb684a5681149809636416851b765d4eaf39

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:51 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
138349
x-guploader-uploadid
ABPtcPqxpHnlLiOClAw_gxQwD0tSbtsxJSKAsW6QbmS2HDuF78FZgBkhjNoZAz0h06jL6x8RIOfgAm3eKsAKE-mvO5hRPw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3749
last-modified
Tue, 19 Dec 2023 19:47:18 GMT
server
UploadServer
etag
W/"732fda2c30c3393b58bf994c348513e9"
vary
Accept-Encoding
x-goog-generation
1703015238971652
x-goog-hash
crc32c=Vq7U3Q==, md5=cy/aLDDDOTtYv5lMNIUT6Q==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
11752
accept-ranges
none
f8ea7554630384877a2617.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/f8ea7554630384877a2617.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1185218883cb5ec765c3292aaaccf15869b99c089b1c938266134666608a6ba1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:51 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014124
age
138349
x-guploader-uploadid
ABPtcPrNmE_XYrCTtmKAp9kRWT6eKvS88Q8kFJBDFNKnRSG3wNbR4ASkiPr_1jPPZHAh16HyHJUpVjl1D26CnaPtD0AjDkbotqq6
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4455
last-modified
Tue, 19 Dec 2023 19:47:20 GMT
server
UploadServer
etag
W/"63ac658e3632ca1e5a0f6645b4912a38"
vary
Accept-Encoding
x-goog-generation
1703015240772266
x-goog-hash
crc32c=Q2a+sw==, md5=Y6xljjYyyh5aD2ZFtJEqOA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
14083
accept-ranges
none
ea832ca95701397e2eac15.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ea832ca95701397e2eac15.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
833f2dcdef413e55d70cd6db9cc8a80667ab100b200a8a2d4335ac24e117186c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:51 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014124
age
138349
x-guploader-uploadid
ABPtcPqmSBOcqrzALbSufpZN_GdFe_RpyjD44-YsiNZesCg_xEz0RXAt-rn8vxIQhWLGsXtqblJBMNNDzhC72oohe5HZVQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1600
last-modified
Tue, 19 Dec 2023 19:47:20 GMT
server
UploadServer
etag
W/"098d12d96c7e62e862f579ad1f62e5aa"
vary
Accept-Encoding
x-goog-generation
1703015240662108
x-goog-hash
crc32c=yIcWuA==, md5=CY0S2Wx+Yuhi9XmtH2Llqg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
3936
accept-ranges
none
d4efad7e20635a605c2827.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/d4efad7e20635a605c2827.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5a16b3e32a8432bd5ff4aff2814946b90ca1c2800967f9eeedab950a0513ca82

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:51 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014124
age
138349
x-guploader-uploadid
ABPtcPqbZhWAyWBJ5mpyGITZshyfOZJPJkvQZCt11ZfsPjC_8woRtjmLPlf9M54lAoHsDUQgnGRxq3sM7je5q9w1AEJunEALPM9V
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2157
last-modified
Tue, 19 Dec 2023 19:47:20 GMT
server
UploadServer
etag
W/"d24b14015c6b8790e96d2557054a2358"
vary
Accept-Encoding
x-goog-generation
1703015240376659
x-goog-hash
crc32c=sDDGYA==, md5=0ksUAVxrh5DpbSVXBUojWA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6373
accept-ranges
none
286b462e1048adda4f6f36.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/286b462e1048adda4f6f36.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
77f014b24f1d51b9e8feb12df701a957c14c0be286d6c914975afd019d15a79a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:51 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
138349
x-guploader-uploadid
ABPtcPrmzMUepYy3pPjooGz8FkrRtgNqnYDGvMRslS8x9R-YFnEppThSPyYyLL9k-UC17G5vfjcVPK6FfWl4F4S3PAyrTAVwRRZm
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1072
last-modified
Tue, 19 Dec 2023 19:47:16 GMT
server
UploadServer
etag
W/"3d636269883d1e0a8bcb405d83e6136d"
vary
Accept-Encoding
x-goog-generation
1703015236440261
x-goog-hash
crc32c=MY5NLg==, md5=PWNiaYg9HgqLy0Bdg+YTbQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2461
accept-ranges
none
4c053bd7593db896d5bd4.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/4c053bd7593db896d5bd4.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
87b85c256b170188318d0d8c695f43153651f18ee7a4788101b65da65ae0b85d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:51 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014124
age
138349
x-guploader-uploadid
ABPtcPoW7ENzIxL5M3tcPHHYwyIxP4emdxOKweAttKXmYPTuOXN4nSAfJ43g6KEcrST2zmhc_OijpJX5eTKDA3Yh7ZsbLw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4391
last-modified
Tue, 19 Dec 2023 19:47:18 GMT
server
UploadServer
etag
W/"7483c234c6571a1ccf1dad53c7ccc622"
vary
Accept-Encoding
x-goog-generation
1703015238079242
x-goog-hash
crc32c=cT/cag==, md5=dIPCNMZXGhzPHa1Tx8zGIg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
15526
accept-ranges
none
a22185a71907d8927c8537.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		224 B
257 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/a22185a71907d8927c8537.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e6214b2559f67192d41d07d928357497936f068d2953d63646bbfe104b1d68c5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:51 GMT
x-goog-meta-goog-reserved-file-mtime
1703014125
age
138349
x-guploader-uploadid
ABPtcPrKMnSVIIJSCAb3YksDUvrKiY8YKTEz00JDKVuzdFPdrnKcWXXZgrRJ5RlfnROQLBS1aDTlkyil1xDWvNhUqUQkmg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
224
last-modified
Tue, 19 Dec 2023 19:47:19 GMT
server
UploadServer
etag
"4ee0e989a064cf6630bf9ebee4879191"
x-goog-generation
1703015239741862
x-goog-hash
crc32c=jUJANA==, md5=TuDpiaBkz2Ywv56+5IeRkQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
224
accept-ranges
bytes
07cb4903260c8d15c5d729.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/07cb4903260c8d15c5d729.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5df866e196bcb462d516549dfeb2dd0c1f065e77d0c0b34176d198cea734d7fd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:51 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014124
age
138349
x-guploader-uploadid
ABPtcPptwYVccA68j8F0R-UOOqhKNWHzfOZWqZ6wD8E3w501hrEukGyPI05JS9kr94MgvNCTM9RJS9Xt_MMDjN-v2L1WmA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1006
last-modified
Tue, 19 Dec 2023 19:47:14 GMT
server
UploadServer
etag
W/"259a2c97254ac5ccc956b4f60b2eef4d"
vary
Accept-Encoding
x-goog-generation
1703015234785127
x-goog-hash
crc32c=iZRidg==, md5=JZoslyVKxczJVrT2Cy7vTQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2390
accept-ranges
none
4c782041f95f0f6fefe033.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/4c782041f95f0f6fefe033.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
20582a562e7f2dc93433aacd707d211c81695c576a4b6e54d95815fa6bf9a21b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:51 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014124
age
138349
x-guploader-uploadid
ABPtcPrHB3EjSYoYI1n8VuBqEvg8WkEQDatXZfndwNUMi0W56x7YmQQU_-DkcOP04DfGlEdYkESuHFSxT2WirsRyt5U5aA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2519
last-modified
Tue, 19 Dec 2023 19:47:18 GMT
server
UploadServer
etag
W/"68b3d4946b53a10877ed46666a6f47ce"
vary
Accept-Encoding
x-goog-generation
1703015238074608
x-goog-hash
crc32c=pf9+YQ==, md5=aLPUlGtToQh37UZmam9Hzg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6721
accept-ranges
none
7380f428297495c9787e0.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/7380f428297495c9787e0.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8d3d191d44b6a042adb3ac86d403f8eaa0f7d28056ce74fb3ec3bc65aff5178f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:51 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
138349
x-guploader-uploadid
ABPtcPqwh8oZIiSbY0gPLNmEG8_YAmaAFPj5vZj8FjhDWTbR7WqrtUDkB_75eOj891H7-fQXqhEh41yQQXugdeQhQnxI-Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2825
last-modified
Tue, 19 Dec 2023 19:47:19 GMT
server
UploadServer
etag
W/"16a345a6eb36c4391df09d45582d99e7"
vary
Accept-Encoding
x-goog-generation
1703015239108648
x-goog-hash
crc32c=eCv7Ug==, md5=FqNFpus2xDkd8J1FWC2Z5w==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6981
accept-ranges
none
4f4d1628a8065ccff16624.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/4f4d1628a8065ccff16624.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
43a42702c59bc37d11cb776ffd904de25fe945c6028ef290dabfd0e977a88366

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:51 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
138349
x-guploader-uploadid
ABPtcPrpSvpdUkgER7f8lHisnD7eCfeautBOKmbZeKFq0aJhyMtJDwMq5fCsdJ1HjHirs7YdyAoSgAwiugTxq2beXXXiiQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2083
last-modified
Tue, 19 Dec 2023 19:47:18 GMT
server
UploadServer
etag
W/"c6326d88acc6beb06cf9db5fffaee6c6"
vary
Accept-Encoding
x-goog-generation
1703015238307588
x-goog-hash
crc32c=hqW8ug==, md5=xjJtiKzGvrBs+dtf/67mxg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6047
accept-ranges
none
pxid
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/ 		12 B
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/pxid?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 10:23:40 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.saultstar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
getuidj
ib.adnxs.com/ 		11 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:40 GMT
an-x-request-uuid
5e2279d0-f4c2-42a3-900f-443d9e7d6f9f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.saultstar.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.10.106.9; 176.10.106.9; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
090ed090-9a32-4886-9dcf-8368415ad0bc
https://www.saultstar.com/ 		161 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.saultstar.com/090ed090-9a32-4886-9dcf-8368415ad0bc
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d07fb45f295358e44b45f21d0af5da1fb53b4dfcc329ed52e4696105926a66e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
165087
Content-Type
23610f88-ddb7-45a0-84ad-66a9c270d341
https://www.saultstar.com/ 		161 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.saultstar.com/23610f88-ddb7-45a0-84ad-66a9c270d341
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d07fb45f295358e44b45f21d0af5da1fb53b4dfcc329ed52e4696105926a66e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
165087
Content-Type
geoip
api.permutive.com/v2.0/ 		207 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
f8309299fec7e8c3dcb0ad264f831b568bbca033ed72d6dfa185502ec4689e25

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 10:23:40 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.saultstar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145
watson
api.permutive.com/v2.0/ 		324 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
67c56a7d4e7226317f808ffc6ec2ab4b75e0b2d17ad5f9a6fce15bfb810e53da

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 10:23:40 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.saultstar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
cdn.permutive.com/models/v2/ 		75 KB
52 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7711 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da5f3bc65d2847e85409fab61a326ac39ef0183df2f319554d268e089116735

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 10:23:40 GMT
content-encoding
gzip
cf-cache-status
MISS
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
0
x-guploader-uploadid
ABPtcPpBmk59fhO3CoHZ144SPX_-KZZgg3FM72VA_JGotUt9zwpFLcGIOjVpXrlCGWsiziRXUdSuInvRWB5C5PoQq9fS7w
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
52055
last-modified
Thu, 21 Dec 2023 06:02:25 GMT
server
cloudflare
etag
"c6e728c366384d8d6e0a64c838cc8535"
vary
Accept-Encoding
x-goog-generation
1702879349237030
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=hqElYg==, md5=xucow2Y4TY1uCmTIOMyFNQ==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
52055
accept-ranges
bytes
timing-allow-origin
*
cf-ray
838f69387ee04c66-MXP
expires
Thu, 21 Dec 2023 10:23:40 GMT
simple
api.sail-personalize.com/v1/personalize/ 		256 B
474 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
e2d69fdfdc7b7331b09ae4de0fd17999ba57ba65ef0e61a7f957250702e72421

Request headers

x-lib-version
v1.0.1
accept-language
de-CH,de;q=0.9
authorization
Bearer b9d3df2fccd108b5eff3c44f573b2cd6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://www.saultstar.com/
x-referring-url
https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:41 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
173
expires
-1
simple
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://www.saultstar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://www.saultstar.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Thu, 21 Dec 2023 10:23:41 GMT
player-event
events.qortex.ai/api/v1/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/bootstrapper?group-id=C7zB1XPx1US7bnRi538v3g&video-container=.jw-wrapper
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=haSr%2F1N01Zgcz6SEyWAFZ8hxZzoIBKwkHzkTSrDbHx0jRSYoZQ40reMsxGRZubf3IzRx955uVOX%2B9qQ%2FXJJwLb%2FF1%2B1cGRlTW3rnLczMIrisYoeV1WnCwdp8QslhEGX%2FIp5qqa5KcvuobJ8bdHw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
838f6938c9aa8397-MXP
content-length
0
cx-bootstrapper-init
tags.catapultx.com/cxo/ 		49 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.catapultx.com/cxo/cx-bootstrapper-init
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/bootstrapper?group-id=C7zB1XPx1US7bnRi538v3g&video-container=.jw-wrapper
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ba7e0e72735ea304bac8a43e87c2da1b7ee2d6705e8548a2fde134beb08d7b48

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Dec 2023 15:58:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
69
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0wcgV6lI5wu6FcGvAy5ukvl9TivC8O4R3KzK0xpdZH%2BSkPA0rNmDEgYmLML88EVfe92twRBweVrbTgn9KXxA203IbvnMSjfWu3gDeHf4MsM5%2BopScfelx9IaXzeHziwF5EZNFhPQufY5UN%2FSy33ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
838f6938687bbad6-MXP
init-3392tkd9ir9ggbv3f0mu.js
api.fouanalytics.com/api/ 		0
502 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.fouanalytics.com/api/init-3392tkd9ir9ggbv3f0mu.js
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/bootstrapper?group-id=C7zB1XPx1US7bnRi538v3g&video-container=.jw-wrapper
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6020 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IamkOB%2BvRF82iVW49ULb4l3JST%2BdUfnEfNJ4DVUp6gYau40Ce47ANVC8sASt1Eb22hbpeZaJXD7CcOQjavoPPBvErqislC9lf80BAP5aTRbdjEenVNz4FSmKg%2BKrUjaaOwXgC32dDxREmihGbHW07TLHgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
cf-ray
838f6938be1e0d69-MXP
alt-svc
h3=":443"; ma=86400
expires
0
noscript-3392tkd9ir9ggbv3f0mu.gif
api.fouanalytics.com/api/ 		0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.fouanalytics.com/api/noscript-3392tkd9ir9ggbv3f0mu.gif
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6020 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpOkWbZSlqsfuSEWG%2FtUKsGDRt%2BF%2FoHh1AKK4gA%2BI58nXkZ%2BDG9gFuxqpLheCGG9ScrUQEgOJOsaGEiURneyayKb8cM6nPOyGu72j2O3ngpHjs1GPoONDQw4LhDpBITdcvqbXp2eZ2FiP8aKbvGiq8PHdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
cf-ray
838f6938be1f0d69-MXP
alt-svc
h3=":443"; ma=86400
expires
0
xd.html
fem.gprod.postmedia.digital/v93.0/ Frame B564 		165 B
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v93.0/xd.html
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
531dd530899d5c89c1c766c0ca463c5e319a84044ebde699ec95b633807025a5

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
138025
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31622400
content-length
165
content-type
text/html
date
Tue, 19 Dec 2023 20:03:15 GMT
etag
"e66a4f59260370c7eb851d9880e08527"
last-modified
Mon, 11 Dec 2023 19:02:03 GMT
server
UploadServer
x-cache-hit
hit
x-goog-generation
1702321323873559
x-goog-hash
crc32c=e89JmA== md5=5mpPWSYDcMfrhR2YgOCFJw==
x-goog-meta-goog-reserved-file-mtime
1702321262
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
165
x-guploader-uploadid
ABPtcPqyUDkdEwZZFt-k0GGG0qPKNwzE6dIWjkXmTJtCja7Vv8HA-fQgwB3GSg6W5bYHC-qCWgDYnQDigQkJ6KEQEuGnRH7c61Mp
pub
pixel.adsafeprotected.com/services/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:ad-1,ss:%5B1200.90,970.90,728.90%5D,p:/3081/SMCO_ENCO_ON_SaultStar_EN_WEB/news/story,t:display%7D&slot=%7Bid:ad-2,ss:%5B6.6,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_ON_SaultStar_EN_WEB/news/story,t:display%7D&slot=%7Bid:ad-3,ss:%5B7.7,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_ON_SaultStar_EN_WEB/news/story,t:display%7D&slot=%7Bid:ad-4,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_ON_SaultStar_EN_WEB/news/story,t:display%7D&slot=%7Bid:ad-5,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_ON_SaultStar_EN_WEB/news/story,t:display%7D&slot=%7Bid:ad-6,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_ON_SaultStar_EN_WEB/news/story,t:display%7D&slot=%7Bid:ad-7,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_ON_SaultStar_EN_WEB/news/story,t:display%7D&slot=%7Bid:ad-8,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_ON_SaultStar_EN_WEB/news/story,t:display%7D&slot=%7Bid:ad-9,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_ON_SaultStar_EN_WEB/news/story,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=e6873dfe-a338-0c66-5cf1-cb86b5ecf254&url=https%253A%252F%252Fwww.saultstar.com%252Fnews%252Fthessalon-band-office-blocking-election-appeal-process-officials-say
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.133.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-133-115.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ac75ea020e812fb9df0319a2582db28ee65d8d96cec20ab337f0d3add44518f9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
server
nginx
x-server-name
app48.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.saultstar.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
bid
aax.amazon-adsystem.com/e/dtb/ 		196 B
637 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3528&u=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&pid=TplJZ7Rguceme&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1%22%2C%22s%22%3A%5B%221200x90%22%2C%22970x90%22%2C%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22ad-2%22%2C%22s%22%3A%5B%226x6%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-3%22%2C%22s%22%3A%5B%227x7%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-4%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-5%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-6%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-7%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-8%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-9%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22f1038be6-7b9e-4864-95d5-0db9373384ad%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
4f46fc5838e2cd0dd3bee516215bb9601c235d7e5e391c419e073084e34e0df6
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
SD6QWV1ZJ9NWNE708G2H
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.saultstar.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
196
x-amz-cf-id
lzHHDi581BWHfXRS45AH0YMHRBv3ClBM3fOvYzg0t2jBZg97uHsf1g==
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:40 GMT
server
cloudflare
age
51499
etag
W/"65833ec4-2d18"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
838f69393e0c24c0-ZRH
expires
Sun, 24 Dec 2023 10:23:41 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
29248
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-mxp6979-MXP
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAnfqDSeMj%2Bwc8G1kS9gTjLmaTWFH9Qtv9aoKfE6UpNK8e7TZzGPcWk6fLK4KPQuiEEerSMB8agSN351vcMZxOxEnf5%2FExl25zbZazVtVbsNKgfsIFypeIFZ4KuKQi%2F6LWzgU478sN%2B708Na8JA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
838f69390d864bf5-MXP
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1703154220948&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1703154220948&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blockin...
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1703154220948&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&c8=Thessalon%20band%20office%20blocking%20election%20appeal%20process%2C%20officials%20say%20%7C%20Sault%20Star&c9=
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Server
18.65.39.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-56.ams1.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
via
1.1 ef674a9df28e4fc8d944ae07304fa954.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
AMS1-P1
x-amz-cf-id
v4l241fevwR8iMJMvKGvBsJRK2nAQMa08a02fQqGy-kpLaR6uYd--Q==
x-cache
Miss from cloudfront

Redirect headers

date
Thu, 21 Dec 2023 10:23:40 GMT
via
1.1 ef674a9df28e4fc8d944ae07304fa954.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
AMS1-P1
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1703154220948&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&c8=Thessalon%20band%20office%20blocking%20election%20appeal%20process%2C%20officials%20say%20%7C%20Sault%20Star&c9=
content-length
0
x-amz-cf-id
rXDzDd2WysdNeBYiMVYLjyzBm4_m25xbdaHkF0KKQ_Lk4DyuC5WYNg==
xd.js
fem.gprod.postmedia.digital/v93.0/ Frame B564 		67 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v93.0/xd.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/xd.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8923b4f2bb98765736f23c71a08a37e09f44734e5ebff0bd587f4db5ab1c9c8a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fem.gprod.postmedia.digital/v93.0/xd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:03:15 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1702321262
age
138025
x-guploader-uploadid
ABPtcPriq6l3dqBqALWrtD4Hju_5kMt88UG35M_ycfbjYN2qy_1ha853unqD-CRujkr0pNve0m9mnxOBxpP2vYcJmaKo2SbT8QU_
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21174
last-modified
Mon, 11 Dec 2023 19:02:03 GMT
server
UploadServer
etag
W/"2139b791b942c7780fd5e1534f6192af"
vary
Accept-Encoding
x-goog-generation
1702321323904544
x-goog-hash
crc32c=05N7iw==, md5=ITm3kblCx3gP1eFTT2GSrw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
68978
accept-ranges
none
segment
api.permutive.com/adv/v2/ 		14 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 21 Dec 2023 10:23:41 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.saultstar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.saultstar.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 21 Dec 2023 10:23:41 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.saultstar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.saultstar.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 21 Dec 2023 10:23:41 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.saultstar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.saultstar.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 21 Dec 2023 10:23:41 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.saultstar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.saultstar.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 21 Dec 2023 10:23:41 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.saultstar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.saultstar.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 21 Dec 2023 10:23:41 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.saultstar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.saultstar.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 21 Dec 2023 10:23:41 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.saultstar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.saultstar.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 21 Dec 2023 10:23:41 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.saultstar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.saultstar.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 21 Dec 2023 10:23:41 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.saultstar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.saultstar.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 21 Dec 2023 10:23:41 GMT
server
ATS/9.1.10.94
v1
btlr.sharethrough.com/universal/ 		465 B
677 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.201.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-201-131.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d2205de48460a9aeb813fb4d63585bfc0040ec69faf47ea909f200055d1d0854

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.saultstar.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
308
v1
btlr.sharethrough.com/universal/ 		426 B
650 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.201.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-201-131.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b5b33bd8799b18cf38e5ed334cf7e53cfbbd251844251322a041d640b85d80c6

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.saultstar.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
281
v1
btlr.sharethrough.com/universal/ 		608 B
756 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.201.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-201-131.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d7298573933722e14c95aeac5f8dc3e4c2532f6b0a49c5ae0e5ceee204cda29d

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.saultstar.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
388
v1
btlr.sharethrough.com/universal/ 		382 B
620 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.201.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-201-131.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f1444849498b2c6eb6026a5e851aedb0d7df9bae8a4de4dbd3b4b2f46139a67e

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.saultstar.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
252
v1
btlr.sharethrough.com/universal/ 		733 B
809 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.201.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-201-131.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1d2f9524396aa83fb3b0418871c66c2b274d52f03eccf99406fb1a7dbaa1ddad

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.saultstar.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
440
v1
btlr.sharethrough.com/universal/ 		574 B
730 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.201.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-201-131.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
cef1f3b034ff50600eaf24a55d990182b946c330400464e5c6114db803630b13

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.saultstar.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
361
v1
btlr.sharethrough.com/universal/ 		455 B
636 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.201.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-201-131.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
dcf6c395a8b1b640c5ea30f0879b920fdef1ca1d2fcb14d86498125195f895ca

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.saultstar.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
268
v1
btlr.sharethrough.com/universal/ 		719 B
800 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.201.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-201-131.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8821eaa3b6441c63d8e78ade1a361d9e52f4b6bc11952ac5fc3fae0e54c0c69a

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.saultstar.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
431
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
283 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
801def71cdaead05679d744a81a2aac2080b8eefdde3f4b2820535c40170b3df

Request headers

Referer
https://www.saultstar.com/
x-openrtb-version
2.5
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.saultstar.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
512 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
773724843bd75b49829a530ab475834f054d84d669b2a20562f41c373bf692c8

Request headers

Referer
https://www.saultstar.com/
x-openrtb-version
2.5
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.saultstar.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
283 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
7cd6cb4e754ea89844a32d4f25b09af63640baa770efb29ccae578db1d796e66

Request headers

Referer
https://www.saultstar.com/
x-openrtb-version
2.5
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.saultstar.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
285 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
74e542c8ef37f1d21695f0d1e3fecac4859bf90e720bb1757e313b47abd6b6d5

Request headers

Referer
https://www.saultstar.com/
x-openrtb-version
2.5
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.saultstar.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
284 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
62e9757197eb6b9f43c4064f9b811c904cd9fac8e79e3c648f08815927c6d4a7

Request headers

Referer
https://www.saultstar.com/
x-openrtb-version
2.5
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.saultstar.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
284 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
7bf5edfe696a9f13d76221774e4cd9b7798434413aa3a6a2ba712f27841672c3

Request headers

Referer
https://www.saultstar.com/
x-openrtb-version
2.5
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.saultstar.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
285 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e96d6e5003cd36107aab8953b10c3a6d4b02586ff44a68afcb1896a3927990d6

Request headers

Referer
https://www.saultstar.com/
x-openrtb-version
2.5
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.saultstar.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
284 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
eb26c2aa57bcf66f5127a3e87a7c44fed3bbc196f64be318cbb01dbac9b103c8

Request headers

Referer
https://www.saultstar.com/
x-openrtb-version
2.5
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.saultstar.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
284 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
b258841f268e6ee4ab1da71cb3ff38c7de3c57e5950c6dc4b9f6ec73383b1a42

Request headers

Referer
https://www.saultstar.com/
x-openrtb-version
2.5
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.saultstar.com
access-control-allow-credentials
true
content-length
84
prebid
prebid.media.net/rtb/ 		1 KB
1009 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUKB9454
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
e562110b1ca8a71f0182c3420de858d17f37b66ec64b08c51eb7a5f2b5b5f3f8

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:40 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.saultstar.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
291
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 21 Dec 2023 10:23:41 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		128 KB
42 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=903014
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18c08d6f369d197297afc660d549129cb33c10ee4821fc013206b8438177a313

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEFTkjMc0rbJgFU8xyScHK%2BlNfAecZ8KJ6J%2FpHrsX8FnpTLwAUnAf1%2BZJ8vi5vbmLClF8oNGmFf%2FcFuHtlEesjJqnAGlVqplQAMbykk0Xe9TY%2BylRAmS%2Fku5%2BwUDrq2nofh5hJrj"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.saultstar.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
838f6939a9a901db-ZRH
alt-svc
h3=":443"; ma=86400
expires
0
bid
ap.lijit.com/rtb/ 		95 B
503 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.23.0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b4f1b9a886df0134481ed0c314df3e9aa6328ad3ccaf8ab6fbdd5b9af6e32b84

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 21 Dec 2023 10:23:41 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.saultstar.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebidjs
rtb.openx.net/openrtbb/ 		53 B
341 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e112118fc89c416775bdcda53b444309dadf33006f364c6d576a09574684edce

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.saultstar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
cdb
bidder.criteo.com/ 		0
196 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.23.0&cb=70092509779&lsavail=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.saultstar.com
date
Thu, 21 Dec 2023 10:23:40 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		1 KB
919 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
7e32714149ac99fd78000ab6877c97a1841ce505d9ec12788853bacfb342d53f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:41 GMT
content-encoding
gzip
an-x-request-uuid
191b531e-5f9d-4a06-9d13-dc48334d01f4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.saultstar.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.10.106.9; 176.10.106.9; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
114 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.saultstar.com
date
Thu, 21 Dec 2023 10:23:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		70 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=448888&zone_id=2604328&size_id=2%3B15%3B15%3B15%3B15%3B15%3B15%3B15%3B15&alt_size_ids=55%3B2%2C55%2C57%3B2%2C55%2C57%3B2%2C55%2C57%3B2%2C55%2C57%3B2%2C55%2C57%3B2%2C55%2C57%3B2%2C55%2C57%3B2%2C55%2C57&eid_pubcid.org=4c7412a6-9423-4338-bee3-b9a3f6a3f50d%5E1&rf=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&tg_i.domain=saultstar.com&tg_i.page=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&tg_i.aupname=%2F3081%2FSMCO_ENCO_ON_SaultStar_EN_WEB%2Fnews&tg_i.pbadslot=%2F3081%2FSMCO_ENCO_ON_SaultStar_EN_WEB%2Fnews%2Fstory%23ad-1%3B%2F3081%2FSMCO_ENCO_ON_SaultStar_EN_WEB%2Fnews%2Fstory%23ad-2%3B%2F3081%2FSMCO_ENCO_ON_SaultStar_EN_WEB%2Fnews%2Fstory%23ad-3%3B%2F3081%2FSMCO_ENCO_ON_SaultStar_EN_WEB%2Fnews%2Fstory%23ad-4%3B%2F3081%2FSMCO_ENCO_ON_SaultStar_EN_WEB%2Fnews%2Fstory%23ad-5%3B%2F3081%2FSMCO_ENCO_ON_SaultStar_EN_WEB%2Fnews%2Fstory%23ad-6%3B%2F3081%2FSMCO_ENCO_ON_SaultStar_EN_WEB%2Fnews%2Fstory%23ad-7%3B%2F3081%2FSMCO_ENCO_ON_SaultStar_EN_WEB%2Fnews%2Fstory%23ad-8%3B%2F3081%2FSMCO_ENCO_ON_SaultStar_EN_WEB%2Fnews%2Fstory%23ad-9&tk_flint=dmpbjs_v8.23.0&x_source.tid=efeeef8c-8a26-40dc-9e05-a0f83255085b&l_pb_bid_id=1458b562ab60896b%3B146f595fc4a75f92%3B14790ecc9dc5e40f%3B148da58c17e438ce%3B1496f8ce04a719b%3B15014029d43adcd%3B151348e8a9e0194a%3B152fa721fb5fc304%3B153586b792d2f168&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5430798d-fa3e-4f68-923a-ca9649139b9c%3B1724afc6-4e5b-4ca2-9e22-785568404828%3B7193639a-6b56-4bdb-ae71-7074c1284e3b%3B46a99a5e-2904-4100-8e9e-950feb0df348%3Be93067ed-615f-4bb7-ade0-f5db63b24443%3B3823a534-860e-43b8-ae55-e9228989713e%3Bc66366bf-85b4-4c9d-8ede-e43537f3fb88%3B418cf496-0610-4165-9b61-919e396e0538%3B364cdd94-9a8d-4284-a1a1-932c8aa56cf2&rp_maxbids=1&p_gpid=%2F3081%2FSMCO_ENCO_ON_SaultStar_EN_WEB%2Fnews%2Fstory%23ad-1%3B%2F3081%2FSMCO_ENCO_ON_SaultStar_EN_WEB%2Fnews%2Fstory%23ad-2%3B%2F3081%2FSMCO_ENCO_ON_SaultStar_EN_WEB%2Fnews%2Fstory%23ad-3%3B%2F3081%2FSMCO_ENCO_ON_SaultStar_EN_WEB%2Fnews%2Fstory%23ad-4%3B%2F3081%2FSMCO_ENCO_ON_SaultStar_EN_WEB%2Fnews%2Fstory%23ad-5%3B%2F3081%2FSMCO_ENCO_ON_SaultStar_EN_WEB%2Fnews%2Fstory%23ad-6%3B%2F3081%2FSMCO_ENCO_ON_SaultStar_EN_WEB%2Fnews%2Fstory%23ad-7%3B%2F3081%2FSMCO_ENCO_ON_SaultStar_EN_WEB%2Fnews%2Fstory%23ad-8%3B%2F3081%2FSMCO_ENCO_ON_SaultStar_EN_WEB%2Fnews%2Fstory%23ad-9&slots=9&rand=0.7478063765658147
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::91 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1df64e2ca163666a77934a7d776f4ea0ec65236c76c9f8c110acd785e967f8cd

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:41 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.saultstar.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
envelope
lexicon.33across.com/v1/ 		49 B
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&src=esp&ver=1.3.0
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ob.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Dec 2023 10:23:40 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.saultstar.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
ping.gif
placement-prd.jwpltx.com/v1/placement/ 		0
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://placement-prd.jwpltx.com/v1/placement/ping.gif?h=-279958992&e=pll&n=1630316716928564&aid=ReDAXyY4&plv=0.12.2&sa=1703154220832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:d000:15:2b26:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
via
1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
D_-lT5V1a4nURrOnPhBNx-LU5IHFtBVF6EB0bKxnuteaL5nApKxtSQ==
x-cache
Miss from cloudfront
iu3
aax-eu.amazon-adsystem.com/s/ Frame BB29
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&dcc=t
325 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
12bd9c2bb0fa76dd7a89b810c0167d082a2317985b452372d9dca4d2bfdabff5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
325
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 21 Dec 2023 10:23:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
VQ7EGM4F26704MNDMWH2

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 21 Dec 2023 10:23:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
6W805D4D1ZV8N5D1QAWV
events
api.permutive.com/v2.0/batch/ 		101 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
9dd8c6a593a9818d005ac42deba1c7bb83ea5aa55c653836ebc8f72381011d0c

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.saultstar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
ca852450ddef2c05d8cb.js
fem.gprod.postmedia.digital/v93.0/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v93.0/chunks/ca852450ddef2c05d8cb.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b1631a16b9a272828ad99cdb2ff9beb5ca3f1bcfe33741fc51fb9fb1e764e227

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:03:43 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1702321262
age
137998
x-guploader-uploadid
ABPtcPon_6uesIsgNJ3Ue7Du-WOxPZ-w1q1mQQoAuZmPY_oh6-_iD0wtCglchgUX5lBENScr_x3FVhBRR2bVFVXfgPgSSA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1106
last-modified
Mon, 11 Dec 2023 19:02:01 GMT
server
UploadServer
etag
W/"b8c89500a3911a44ff74904e79f8d535"
vary
Accept-Encoding
x-goog-generation
1702321321293267
x-goog-hash
crc32c=5hc1ug==, md5=uMiVAKORGkT/dJBOefjVNQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
3199
accept-ranges
none
ads
securepubads.g.doubleclick.net/gampad/ 		443 KB
65 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=874936816394224&correlator=855110453902146&eid=31077976%2C31079233&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=3081%2CSMCO_ENCO_ON_SaultStar_EN_WEB%2Cnews%2Cstory&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=1200x90%7C970x90%7C728x90%2C6x6%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C7x7%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1703154221622&lmt=1703154210&adxs=200%2C797%2C797%2C200%2C200%2C200%2C200%2C200%2C200&adys=202%2C1356%2C2725%2C3473%2C4245%2C5041%2C6298%2C7166%2C7890&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&vis=1&psz=1600x90%7C1600x250%7C1600x250%7C1600x250%7C1600x250%7C1600x250%7C1600x250%7C1600x250%7C1600x250&msz=1600x-1%7C1600x-1%7C1600x-1%7C1600x-1%7C1600x-1%7C1600x-1%7C1600x-1%7C1600x-1%7C1600x-1&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=351675966.1703154222&ga_sid=1703154222&ga_hid=1325535558&ga_fc=false&a3p=EhsKDDMzYWNyb3NzLmNvbRi4gZzfyDFIAFICCG8SOwoKcHViY2lkLm9yZxIkNGM3NDEyYTYtOTQyMy00MzM4LWJlZTMtYjlhM2Y2YTNmNTBkGOf_m9_IMUgA&dlt=1703154219969&idt=624&prev_scp=loc%3D1%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D0304ef4d-9feb-11ee-8ef6-0ad1c86a73cb%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%2C90%7Cloc%3D2%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D0304ef4e-9feb-11ee-8ef6-0ad1c86a73cb%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%2C50%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D1.07%26hb_adid%3D158ca013e9f0b551%26hb_bidder%3Dix%7Cloc%3D3%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D0304ef4f-9feb-11ee-8ef6-0ad1c86a73cb%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D1.11%26hb_adid%3D157cf979a4e096f1%26hb_bidder%3Dix%7Cloc%3D4%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D0304ef50-9feb-11ee-8ef6-0ad1c86a73cb%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%2C90%26pub%3D40%2C50%2C60%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D1.00%26hb_adid%3D159614e56c9b1e1c%26hb_bidder%3Dix%7Cloc%3D5%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D0304ef51-9feb-11ee-8ef6-0ad1c86a73cb%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%2C90%26pub%3D40%2C50%2C60%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D1.32%26hb_adid%3D155a28015336f0b4%26hb_bidder%3Dix%7Cloc%3D6%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D0304ef52-9feb-11ee-8ef6-0ad1c86a73cb%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%2C90%26pub%3D40%2C50%2C60%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.95%26hb_adid%3D1602a909703bf55d%26hb_bidder%3Dix%7Cloc%3D7%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D0304ef53-9feb-11ee-8ef6-0ad1c86a73cb%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%2C90%26pub%3D40%2C50%2C60%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.89%26hb_adid%3D161d2cda73226863%26hb_bidder%3Dix%7Cloc%3D8%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D0304ef54-9feb-11ee-8ef6-0ad1c86a73cb%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%2C90%26pub%3D40%2C50%2C60%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.44%26hb_adid%3D1676be8944f100b2%26hb_bidder%3Drubicon%7Cloc%3D9%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D0304ef55-9feb-11ee-8ef6-0ad1c86a73cb%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%2C90%26pub%3D40%2C50%2C60%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.38%26hb_adid%3D17287b7207bba245%26hb_bidder%3Drubicon&cust_params=permutive%3D96400%252C105541%252C105543%252Crts%26prmtvvid%3D3331d2bb-e7cf-4a40-9b32-0eadadd9250e%26prmtvwid%3D23dc09d6-b664-425a-a76e-0eed6a6cc102%26aid%3Da3bf5f43-d88d-44aa-aaba-ea8bfbbcb071%252C2443641%26author%3DKyle%2520Darbyson%26no_pol%3Dtrue%26page%3Dstory%26pr%3Dssw%26sensitive%3Dy%26sct%3Dpolitics_global%26topics%3Dlocal-news%252Cnews%26negative%3Dy%26nkb%3DCanadalife%252CLandRover%252CGM%252CCartier%252CCIBC%252CJLR%252CHyundai%252CQuestTradeNegative%252CQuestTradePositive%26asrc%3Dssw%26comm%3Dy%26et%3Dsm%26ck%3Dnews%26prmtvsdk%3Dweb%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_6492_KW%252CIAS_6494_KW&adks=2023189716%2C3323503551%2C2610157366%2C2520662453%2C2520662450%2C2520662451%2C2520662448%2C2520662449%2C2520662446&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5403d969babfd75e6b987904f4018aeaea8780076af8aae30c53170cd333bfe9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66291
x-xss-protection
0
google-lineitem-id
6404573011,6123534386,6123533981,6122671885,6121373679,6121371825,6123533939,6122672062,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138455016757,138406246893,138406246671,138406246671,138406246671,138406246674,138406246671,138406115165,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.saultstar.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ef103475979f7a18eed5f87c809bbbe5f716778af5f3da870172f0e19ed614f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12200
x-xss-protection
0
container.html
a8fd85fde9378c09afa02287010769df.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2622 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a8fd85fde9378c09afa02287010769df.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 10:23:41 GMT
expires
Fri, 20 Dec 2024 10:23:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.saultstar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://www.saultstar.com
Connection
keep-alive
Date
Thu, 21 Dec 2023 10:23:41 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

Date
Thu, 21 Dec 2023 10:23:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://www.saultstar.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame FB22 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f46cb63f713050909f605ef0442f217ac42a6119e6cd5a32245e423b5dc1603e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2055
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 21 Dec 2023 10:23:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
YAVGV87PDSRG86710SQ7
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Dec 2023 10:23:41 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 8D1D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
894 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a98e82cd513deb7765cdb256c87b17b8baeeea85cf944f6375103a6dd41b79f1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
838f693e9ba401db-ZRH
content-encoding
br
content-type
text/html
date
Thu, 21 Dec 2023 10:23:41 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AVcyfSYKGomsOzcY%2FqMLJhAxezH%2FTm6s4KVaAtjtC2a73WWZJBecIM%2Bw6mPe52Z3AzAdrlmnmSFWME0H9PRRoEhKriNomLqcxRbI20V3H78uQ9JBINIJUCgMti9Kpr4OLGSIj2DNjJDrTA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
838f693e4b3401db-ZRH
content-length
0
date
Thu, 21 Dec 2023 10:23:41 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BhpYAYsr8fUcdkA%2B3G3a30vjzKEMlKYZI3A%2BKrMvk8AnELwn8IyI7JHjReHWoAh7fcyx2TmaCXgs3Q9%2F14AK5fEW%2BtXgA5mqtE4zzQAf1TfZfS8RtI38jtxtWAcl%2BQB5%2BtuzKGJUBAHtA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
match.sharethrough.com/jwumXNuB/v1/ Frame 0ADE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.18.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-18-253.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B183 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-105-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=165450
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 21 Dec 2023 10:23:41 GMT
expires
Sat, 23 Dec 2023 08:21:11 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0875 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Dec 2023 10:23:41 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame 6237
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BO...
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3...
809 B
782 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
00a2339203c3a35bd9e2764adc0532bbc81f71eb710a11726941e584395be455

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
459
content-type
text/html
date
Thu, 21 Dec 2023 10:23:41 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 21 Dec 2023 10:23:41 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ecm3
aax-eu.amazon-adsystem.com/s/ Frame C927
Redirect Chain
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=5148106858807832576&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=5148106858807832576&ex=appnexus.com
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 21 Dec 2023 10:23:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
V5QWG6F2TAGEC4NWQGVE

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
996cda51-1d35-4934-81f8-8d120eb52929
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 21 Dec 2023 10:23:41 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=5148106858807832576&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
176.10.106.9; 176.10.106.9; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
amazon
ap.lijit.com/beacon/ Frame FDFB
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
75472c974f12419398c5bc9626059493af31bf12caf0a7df944e04fca74df593

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
422
Content-Type
text/html
Date
Thu, 21 Dec 2023 10:23:41 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap6ams1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Thu, 21 Dec 2023 10:23:41 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame FDFB 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=H24vuPZHY6sbRTnHS_CcdBfQ&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
T8QNTQP50K6D737S9GAK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame FDFB
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=a6c3e51b-5aaa-4810-a384-25f0c2621ff4
0
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=a6c3e51b-5aaa-4810-a384-25f0c2621ff4
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:42 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

Location
//ce.lijit.com/merge?pid=87&3pid=a6c3e51b-5aaa-4810-a384-25f0c2621ff4
Date
Thu, 21 Dec 2023 10:23:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sovrn
tr.blismedia.com/v1/api/sync/ Frame FDFB 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
merge
ce.lijit.com/ Frame FDFB
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ce.lijit.com/merge?3pid=AABVI07LCCQAABMhZqz8jQ&pid=85&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?3pid=AABVI07LCCQAABMhZqz8jQ&pid=85&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:42 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?3pid=AABVI07LCCQAABMhZqz8jQ&pid=85&gdpr=0
Date
Thu, 21 Dec 2023 10:23:42 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame FDFB
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=4ed0372a-a458-4669-856d-ba1001dc00d5-6584122d-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=4ed0372a-a458-4669-856d-ba1001dc00d5-6584122d-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=4ed0372a-a458-4669-856d-ba1001dc00d5-6584122d-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D4ed037...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=4ed0372a-a458-4669-856d-ba1001dc00d5-6584122d-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D...
  • https://ce.lijit.com/merge?pid=16&3pid=4ed0372a-a458-4669-856d-ba1001dc00d5-6584122d-4348&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=4ed0372a-a458-4669-856d-ba1001dc00d5-6584122d-4348&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:42 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Thu, 21 Dec 2023 10:23:42 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ce.lijit.com/merge?pid=16&3pid=4ed0372a-a458-4669-856d-ba1001dc00d5-6584122d-4348&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame FDFB
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=DifhqhqJ9gQ-Tl4WO97X2V_dp4knFp5NiohxkKCJUrQ&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
43 B
874 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=DifhqhqJ9gQ-Tl4WO97X2V_dp4knFp5NiohxkKCJUrQ&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:42 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=DifhqhqJ9gQ-Tl4WO97X2V_dp4knFp5NiohxkKCJUrQ&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Thu, 21 Dec 2023 10:23:41 GMT, Thu, 21 Dec 2023 10:23:41 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7095 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
54328
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Dec 2023 19:18:13 GMT
expires
Thu, 19 Dec 2024 19:18:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 746D 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
82bc8f6f12ccdd394079a09114c502cd8d1ab0324fe62ad32466f44de149f907
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IliEMfuqb4voCyZr44WC6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-IliEMfuqb4voCyZr44WC6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 10:23:41 GMT
expires
Thu, 21 Dec 2023 10:23:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usync.js
eus.rubiconproject.com/ Frame 0875 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
baebdfcea04cb3ef643935edd933754294f292f44426f3f4b015053ca749c288

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 10:23:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Dec 2023 19:16:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31996
Connection
keep-alive
Content-Length
13201
Expires
Thu, 21 Dec 2023 19:16:57 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame B183 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97781928&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
95c7a14ef44ce8b426afe46ec2e3f62c3191c5c209a619f25d970a7f1522a7e6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 21 Dec 2023 10:23:40 GMT
content-length
1839
content-type
text/html; charset=UTF-8
crum
dsum-sec.casalemedia.com/ Frame 8D1D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZYQSLZvLl7V8PbUJjgqsXgAA
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZYQSLZvLl7V8PbUJjgqsXgAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGLmbFMwthk0PZstCyADzEE&google_cver=1
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGLmbFMwthk0PZstCyADzEE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWjq39u9XBW9WbGTYwPB8WnSYJusuJ9Ioo8Nfq2MoPVarv0p6z4ceK44ZrScIri8vD6gMZg1ocLPD5QQ8GNGXApr3g8vYl0rHsHw0SywMonyRDt8R%2B7Mc83zoUsL94xBxnTpMrkcOH2Yqw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
838f693febec01e7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGLmbFMwthk0PZstCyADzEE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 8D1D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZYQSLZvLl7V8PbUJjgqsXgAAFGsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZYQSLZvLl7V8PbUJjgqsXgAAFGsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECkOKyoQbgghLWPPKGMe8E8&google_cver=1
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECkOKyoQbgghLWPPKGMe8E8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FIIxNlqvCtyl7ZzB5T1t0f2FDGytssujvO9ZIxAcQ7c35w99rG%2FA11CgJ8f0Nn1d%2FkxZ%2BYye%2F7S5UDNS9si4iRlIjp3vOTZ7sb%2BM8AOtddG%2BfBliBCNT92dusPvIskKL65Ch87pH%2FbZ8g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
838f693febe901e7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECkOKyoQbgghLWPPKGMe8E8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 8D1D 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
server
Kestrel
content-length
70
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame 8D1D 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYQSLZvLl7V8PbUJjgqsXgAAFGsAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5SJ595D2HACKWS2SK1E1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8D1D
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=46JQCeSlWln48g5c4vVFX7SlXgT4oFEE7aDBk1Ii
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=46JQCeSlWln48g5c4vVFX7SlXgT4oFEE7aDBk1Ii
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzb3Sxi5Gr8clCHResG8bzs5WYKQIchdNvct7Jn%2BYTljAUdGvbWcPa5JA87pxMikQQ0x5g%2BtAI1VoF9kpKKHpX2KzaQBxWJGJ7H0b%2Fi6dv3slcgAmy29TvC3ZFVAVy1xxM4cIUoYhjEuxA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
838f693f9b7601e7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:41 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=46JQCeSlWln48g5c4vVFX7SlXgT4oFEE7aDBk1Ii
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8D1D
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
43 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRUzg9lymgpBmPNrH32VJBTOAxs6jZ3BthobHAhwonzUNSTZSPy%2BSSBFqxsq%2BJUN%2B0bRPLnj%2FXXs6dIMDA9e2vi2x3VdLiMoi28ulMp7bGG5FABmMvPpZIxsvQRopsX9Y8JLbAMmY9w5Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
838f693f9b7701e7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date
Thu, 21 Dec 2023 10:23:41 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
indexmatch
match.adsby.bidtheatre.com/ Frame 8D1D 		0
0
crum
dsum-sec.casalemedia.com/ Frame 8D1D
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718965422&external_user_id=afea7fd7-e912-4080-892c-7d867dc70c9b
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718965422&external_user_id=afea7fd7-e912-4080-892c-7d867dc70c9b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B9Ak0kUPbbwlRb7XYe9Sprv3M4MP3FnoW%2F2KqcemZPkZcRXchb8og742X5x5boPpXz9TJMNa2joiB1dKYh9b4Hpm2JTeijXsxqzRE7Cfb6%2BXPS7RpuBfhZR5BGNVxczHzdVBmo%2Br2R9cWw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
838f693febfb01e7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Thu, 21 Dec 2023 10:23:42 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718965422&external_user_id=afea7fd7-e912-4080-892c-7d867dc70c9b
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 8D1D 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=ZYQSLZvLl7V8PbUJjgqsXgAAFGsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D9G0BQA39GRDM0V5JRS4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
signinprompt
edge-auth.microsoft.com/v0.5/ Frame 95EC 		467 B
840 B 		Document
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=5301acca-d909-42b9-830f-6b0ff75d51aa&send_session_started=true&client_id=9e0f1475-e4d9-4f30-8a31-99ca6d85282f&locale=en-US&context=signin
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/js/ms_auth_client.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
03dd8d29c6c4d0b98973854eaf2ef5c6f588db30793ceddd074a907529ded75d
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-Z20O80fTXfTMNhsnuLu7iQqfNhntz24w/owHhZTwuD93i9cFlzOrMsETZfx0WZ5WkMAU1WD0FrJvZKccQ3vCu4JRat5itP5rAJJl5GkrQwL6+TYPwdFApfdpjmd9TI59gA4n23HJFOWcp6WZ4fcsNL//shdDKtM50sQqAjIy9UY=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy
script-src 'strict-dynamic' 'nonce-Z20O80fTXfTMNhsnuLu7iQqfNhntz24w/owHhZTwuD93i9cFlzOrMsETZfx0WZ5WkMAU1WD0FrJvZKccQ3vCu4JRat5itP5rAJJl5GkrQwL6+TYPwdFApfdpjmd9TI59gA4n23HJFOWcp6WZ4fcsNL//shdDKtM50sQqAjIy9UY=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
content-type
text/html; charset=utf-8
date
Thu, 21 Dec 2023 10:23:41 GMT
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 6A5CC7077E0D4A0AAD12E0FDEF2DC831 Ref B: VIEEDGE2010 Ref C: 2023-12-21T10:23:41Z
vf-v2.js
cdn.viafoura.net/ 		860 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2196688d207f9a82188db611ae912978d9c8216c2b4315784871bce6d42846d8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
YlbS_G4WAW7t_ds3W.YeUbIaDvXXT1Jm
content-encoding
br
via
1.1 fa7c071d9391a32eff94728584435f34.cloudfront.net (CloudFront)
date
Thu, 21 Dec 2023 10:20:49 GMT
x-amz-cf-pop
AMS58-P2
age
173
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:26 GMT
server
AmazonS3
etag
W/"70684489be37a1b0f601e0e4dcb4baad"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
XZLid59ZV93oWkH5fj0e5-RfzbJrX0yeNCVzuIuegY-nsk0HbRQYUQ==
196541517414f82e7fa9.js
fem.gprod.postmedia.digital/v93.0/chunks/ 		946 B
982 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v93.0/chunks/196541517414f82e7fa9.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3aa9b65e588e13d287a8a34c5e204cedfda9c1f38193eda2abedf8d966524ddc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:08:50 GMT
x-goog-meta-goog-reserved-file-mtime
1702321262
age
137691
x-guploader-uploadid
ABPtcPrYfeUTzHeL9S_2GiFNl2fuWlLbcDQXMB5-NvJ7p8b6xa1blYzN8OeB_Lrv2Lq8bT4NISiciOkf8KWHAnohrHaScg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
946
last-modified
Mon, 11 Dec 2023 19:02:01 GMT
server
UploadServer
etag
"d287832fc8bcb0012e309a0df60895fe"
x-goog-generation
1702321321100717
x-goog-hash
crc32c=T40kHQ==, md5=0oeDL8i8sAEuMJoN9giV/g==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
946
accept-ranges
bytes
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6237 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=openx.com&id=9bd738a3-30ba-88b1-bae0-c92a02a8c9a5
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
94R7WK5XE15CRNX1B7PW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 6237
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6532060127062799210
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6532060127062799210
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6532060127062799210
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame 6237 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=9bd738a3-30ba-88b1-bae0-c92a02a8c9a5
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
444DFBK6RX3WVJPN4MBK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame 6237 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=c30144de-2c10-334b-7aee-4bbd6a9b0245&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 6237
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWY2ZTk3MTQtZTU2Ny02ZGVmLTZmMGUtMTEwNGEwNzljYzI1
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWY2ZTk3MTQtZTU2Ny02ZGVmLTZmMGUtMTEwNGEwNzljYzI1&google_tc=
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWY2ZTk3MTQtZTU2Ny02ZGVmLTZmMGUtMTEwNGEwNzljYzI1&google_tc=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWY2ZTk3MTQtZTU2Ny02ZGVmLTZmMGUtMTEwNGEwNzljYzI1&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6237
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC1iJlQ0a3kSBqSf7JWuOPc&google_cver=1
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC1iJlQ0a3kSBqSf7JWuOPc&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC1iJlQ0a3kSBqSf7JWuOPc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 0875 		7 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
579d6dd278f76ae39d067788043e4297
Expires
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 7095 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:03:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
55225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Dec 2024 19:03:16 GMT
gtm.js
www.googletagmanager.com/ 		451 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
50ab3257bfa31658b7e93ae14baa36c0ed60e6ecf3f87a5c75cc289425938676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128292
x-xss-protection
0
last-modified
Thu, 21 Dec 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Dec 2023 10:23:42 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-56.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 02:20:21 GMT
content-encoding
gzip
via
1.1 ef674a9df28e4fc8d944ae07304fa954.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
age
29001
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
FUFR_jeKxR_F_nezeU_iOybR3otoDDGDYOLz0hTMuB6PZhGYjrBsig==
mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/ 		294 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e6dc3adacaa8ab677cb08b085bcf76ca35b8e3d77f7b336b799ea903c2ba26de

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by
cache-iad-kcgs7200117-IAD, cache-mxp6982-MXP
date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
server
Kestrel
age
17
x-timer
S1703154222.997333,VS0,VE95
x-origin-name
fastlyshield--shield_ssl_cache_iad_kcgs7200117_IAD
x-cache
HIT, MISS
content-type
application/javascript
vary
Accept, Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
100860
x-cache-hits
22, 0
gtm.js
www.googletagmanager.com/ 		153 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
89b06cb9e6c5bfc93050dadd54d6f6089b128062de8dd613faac989ba4877813
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50297
x-xss-protection
0
last-modified
Thu, 21 Dec 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Dec 2023 10:23:42 GMT
cs.js
c.jsrdn.com/s/ 		62 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.jsrdn.com/s/cs.js?p=22507
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.153.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-153-73.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3230fbae80cdf2aaf1c5a628f55217b2dd6ea98e157549140d4c0c54228bd502

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
Iu9VD8fPw7awPMpCyJwSugEdOyEssCvV
content-encoding
gzip
via
1.1 b1798c28d0a3b77deb65265a32d0e278.cloudfront.net (CloudFront)
date
Thu, 21 Dec 2023 04:43:23 GMT
x-amz-cf-pop
HAM50-P2
age
20888
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
21563
last-modified
Wed, 06 Dec 2023 00:09:33 GMT
server
AmazonS3
etag
"fb1e8dc0fe0c5024b9fc48d601524983"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
x-amz-cf-id
7A8jxLXb9OB5lJUakJsUGPD09q_SSmrPjHhwS2oheY3I8vlbDpdyRQ==
sodar
pagead2.googlesyndication.com/pagead/ Frame 746D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=874936816394224&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ms_auth_server_button.min.js
edge-auth.microsoft.com/v0.5/js/ Frame 95EC 		26 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/v0.5/js/ms_auth_server_button.min.js
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=5301acca-d909-42b9-830f-6b0ff75d51aa&send_session_started=true&client_id=9e0f1475-e4d9-4f30-8a31-99ca6d85282f&locale=en-US&context=signin
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
7c8f24757683d5fece3f8af5853e19b1432c3d9110c3f6307b1ea434807eb4c7
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-oU1jdeoRGjMAGCm79EcOu/cLkr/rS3aLrY25MUxK8lSoDi4XNd3P3wPog1JnIMJz2hrFY4Qb4vPWlMHH1Mm4guedK7ht5xb/rWnUxFGj/pGZ0yFl49z+rFhafnn6uTnaQV/UW4fe/Ty897NUQOm03QTWxWM1i+dCU44sg/HDdtk=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=5301acca-d909-42b9-830f-6b0ff75d51aa&send_session_started=true&client_id=9e0f1475-e4d9-4f30-8a31-99ca6d85282f&locale=en-US&context=signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-oU1jdeoRGjMAGCm79EcOu/cLkr/rS3aLrY25MUxK8lSoDi4XNd3P3wPog1JnIMJz2hrFY4Qb4vPWlMHH1Mm4guedK7ht5xb/rWnUxFGj/pGZ0yFl49z+rFhafnn6uTnaQV/UW4fe/Ty897NUQOm03QTWxWM1i+dCU44sg/HDdtk=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
date
Thu, 21 Dec 2023 10:23:41 GMT
last-modified
Sat, 11 Nov 2023 09:01:52 GMT
x-msedge-ref
Ref A: A5040820ACC24E369EF34CB5A86EEFFE Ref B: VIEEDGE2010 Ref C: 2023-12-21T10:23:41Z
etag
"1da147db622689d"
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
26781
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
Pug
simage2.pubmatic.com/AdServer/ Frame 239B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e1136584-122e-4f00-b0ab-7f8ae3b8941f&gdpr=0&gdpr_consent=
42 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e1136584-122e-4f00-b0ab-7f8ae3b8941f&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Dec 2023 10:23:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 21 Dec 2023 10:23:42 GMT
Expires
Thu, 21 Dec 2023 10:23:41 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1237 600843f master iad iad-pixel-x30 config_version:"1167"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e1136584-122e-4f00-b0ab-7f8ae3b8941f&gdpr=0&gdpr_consent=
usersync.aspx
dis.criteo.com/dis/ Frame 87E1 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 10:23:41 GMT
expires
Thu, 21 Dec 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
295874
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame A85B 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=pubmatic.com&id=PM_UID24CFB76E-4F04-4690-9211-6A07901FE725
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 21 Dec 2023 10:23:42 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
AXBVS0EABGG69QEKY1BB
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B183
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JM-3bk8ERpCSEWoHkB_nJQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-105-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=165449
accept-ranges
bytes
content-length
5622
expires
Sat, 23 Dec 2023 08:21:11 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame B183
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=24CFB76E-4F04-4690-9211-6A07901FE725&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=24CFB76E-4F04-4690-9211-6A07901FE725&gdpr=0&gdpr_consent=&ct=y
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=24CFB76E-4F04-4690-9211-6A07901FE725&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
54.77.9.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-9-4.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.19.124
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=24CFB76E-4F04-4690-9211-6A07901FE725&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.8.179
content-length
0
expires
0
cr
cr.frontend.weborama.fr/ Frame B183
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3852661937
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3852661937
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:41 GMT
via
1.1 google
last-modified
Thu, 21 Dec 2023 10:23:42 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:41 GMT
via
1.1 google
last-modified
Thu, 21 Dec 2023 10:23:42 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3852661937
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame B183
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=24CFB76E-4F04-4690-9211-6A07901FE725
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OGE0WDFCei05US1Ram10T1pXQUd1VDNMUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=1492244624634415535&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Server
34.251.97.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-97-118.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 10:23:42 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 21 Dec 2023 10:23:42 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame B183
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjRDRkI3NkUtNEYwNC00NjkwLTkyMTEtNkEwNzkwMUZFNzI1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 21 Dec 2023 10:23:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame B183
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBVdpQ15IFF3t565IaJmmhk&google_cver=1
42 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBVdpQ15IFF3t565IaJmmhk&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 21 Dec 2023 10:23:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBVdpQ15IFF3t565IaJmmhk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame B183 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 20 Dec 2023 10:23:42 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B183
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1492244624634415535
42 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1492244624634415535
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 21 Dec 2023 10:23:41 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1492244624634415535
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generate_204
tpc.googlesyndication.com/ Frame 7095 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ypkEFA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 0875
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&khaos=LQF21RQD-T-B1QW
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=LQF21RQD-T-B1QW&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=LQF21RQD-T-B1QW&ex=d-rubiconproject.com&status=ok
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0RK39K14E11G9PSY7V6Y
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=LQF21RQD-T-B1QW&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5e091a4bda7cb1b96cf60040ae4e8596
Expires
0
metric
edge-auth.microsoft.com/ Frame 95EC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/metric
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/v0.5/js/ms_auth_server_button.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-OXEC+jPR198vy7nClrgbFghc56oDENu/UtpYhDruu62UDHnv3Wz5Vn5OkcTK3/a3AclgeVKkZf5S/eFQzrTFSSI7XcMNqTlQNxyWWQdcFqYF4OS12G4zl02psP0Xw4tuECBF65jP1vvsV+sLzgFAH4BmNPJjvbcPeI6OA4O6BOc=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

Referer
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=5301acca-d909-42b9-830f-6b0ff75d51aa&send_session_started=true&client_id=9e0f1475-e4d9-4f30-8a31-99ca6d85282f&locale=en-US&context=signin
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-OXEC+jPR198vy7nClrgbFghc56oDENu/UtpYhDruu62UDHnv3Wz5Vn5OkcTK3/a3AclgeVKkZf5S/eFQzrTFSSI7XcMNqTlQNxyWWQdcFqYF4OS12G4zl02psP0Xw4tuECBF65jP1vvsV+sLzgFAH4BmNPJjvbcPeI6OA4O6BOc=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Thu, 21 Dec 2023 10:23:41 GMT
x-msedge-ref
Ref A: 8BE9FE50BD564081B4E0E2FC127313D7 Ref B: VIEEDGE2010 Ref C: 2023-12-21T10:23:42Z
content-length
0
x-cache
CONFIG_NOCACHE
metric
edge-auth.microsoft.com/ Frame 95EC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/metric
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/v0.5/js/ms_auth_server_button.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-vIbnfFBviMeLyyfNHs9FNB/LaeigCCGlOf5CVj9Dd6mMQt2Isz7UXn+IgSB8N/tfzpKigA1HDgxDSRTAS0ykfWateCWiFRdNC4+A6KEEe4y0iRh1KvEqeq1mcG+5nDDkvbRsmxIttBpAG8Qv9ENu7q3BIRZSKPdDMp/amdz315E=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

Referer
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=5301acca-d909-42b9-830f-6b0ff75d51aa&send_session_started=true&client_id=9e0f1475-e4d9-4f30-8a31-99ca6d85282f&locale=en-US&context=signin
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-vIbnfFBviMeLyyfNHs9FNB/LaeigCCGlOf5CVj9Dd6mMQt2Isz7UXn+IgSB8N/tfzpKigA1HDgxDSRTAS0ykfWateCWiFRdNC4+A6KEEe4y0iRh1KvEqeq1mcG+5nDDkvbRsmxIttBpAG8Qv9ENu7q3BIRZSKPdDMp/amdz315E=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Thu, 21 Dec 2023 10:23:41 GMT
x-msedge-ref
Ref A: 40FC09C81BB04BD8A7F71E83E0B7DD21 Ref B: VIEEDGE2010 Ref C: 2023-12-21T10:23:42Z
content-length
0
x-cache
CONFIG_NOCACHE
1.js
s.jsrdn.com/s/ 		89 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.jsrdn.com/s/1.js?p=22507&r=mxhh&k=dmMJMjAyMzAxMjA1CXUJNWRjNTQ3NzUtNTk4ZS00MmRmLWI5NWYtMjUzZWQ5Yzg5NThlCXVuCTEJdgkyODI0MDMxNy0wNGEyLTQyNjUtYjkzYy00ZDg1ZTdjZGE4N2IJc3YJanNyZG4JdGcJY3MuanMJYnQJMjAyMy0xMi0yMVQxMToyMzo0MiswMTowMAlkYwl1dGYtOAlibAllbi11cwlmdAkJZHcJMTYwMAlkaAkxMjAwCWJjCTEJYnAJMQliZAkyNAlidwkxNjAwCWJoCTEyMDAJZglodHRwczovL3d3dy5zYXVsdHN0YXIuY29tL25ld3MvdGhlc3NhbG9uLWJhbmQtb2ZmaWNlLWJsb2NraW5nLWVsZWN0aW9uLWFwcGVhbC1wcm9jZXNzLW9mZmljaWFscy1zYXkJdWQJCXBiCTAJcHYJMAlwcQkwCWN3CQlhY3IJdW5kZWZpbmVkCWRyCQlrdwl0aGVzc2Fsb24gYmFuZCBvZmZpY2UgYmxvY2tpbmcgZWxlY3Rpb24gYXBwZWFsIHByb2Nlc3Mgb2ZmaWNpYWxzIHNheQlwcmYJdW5kZWZpbmVk
Requested by
Host: c.jsrdn.com
URL: https://c.jsrdn.com/s/cs.js?p=22507
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.145.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-145-48.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
37b1abfe0b6204def248ab0524c502537363014c1c885cec8c87c2800c1ec4c1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
gzip
via
1.1 8856fedb63df7336fbe33f5df12fe4d6.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
HAM50-P1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
text/javascript
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
23883
x-amz-cf-id
qw9vPra8Tk5KeNa5OEUVEq1Wy1xM1sOlUhhowKniOm-kNj-nG47cpg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
gtm.js
www.googletagmanager.com/ 		116 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PNFTZWN&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f6a0507299d3304ad2618b2f22e77fc880d6d5c2b8e6c86bd16ada2eccc99e81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45644
x-xss-protection
0
last-modified
Thu, 21 Dec 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Dec 2023 10:23:42 GMT
gtm.js
www.googletagmanager.com/ 		304 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
92c904ce2b4f5484f644e242079ac8c459f2440e96d70e76e4378165ac38c7c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92903
x-xss-protection
0
last-modified
Thu, 21 Dec 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Dec 2023 10:23:42 GMT
v2
api.viafoura.co/v2/www.saultstar.com/bootstrap/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.saultstar.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4848:c843:e803:e83b:7cec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0819e080a58be70adb9bd9a450fa24e4dc454d4a1c50dd7ab841fff21ec6bee2

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-instance-id
i-0d0e4397452f089bb
pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.saultstar.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Thu, 21 Dec 2023 10:23:42 GMT
v2
api.viafoura.co/v2/www.saultstar.com/bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.saultstar.com/bootstrap/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4848:c843:e803:e83b:7cec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.saultstar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin
https://www.saultstar.com
access-control-max-age
1728000
cache-control
max-age=0
date
Thu, 21 Dec 2023 10:23:42 GMT
expires
Thu, 21 Dec 2023 10:23:42 GMT
server
nginx/1.18.0 (Ubuntu)
js
www.googletagmanager.com/gtag/ 		262 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ab4735dc23fbc670b1eefef1092a13b04b43264fbe6370a4f4d3923665d5cc1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90670
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 21 Dec 2023 10:23:42 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 21 Dec 2023 10:23:42 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
Uhi2CPOGJ39vkz6UbM81hWvmsTd2/hipzGPFWkF8NaFCX86NN/qIp+Sb1QhuNTjvNq94DZA7zVIfy6+4X/cFhA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ribn.min.js
assets.ribn.com/production/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/production/ribn.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:91b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
gzip
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
ZRH50-C1
age
3975
x-cache
Hit from cloudfront
last-modified
Wed, 28 Oct 2020 14:49:59 GMT
server
cloudflare
etag
W/"6b213f30955b664fd78dc9e388b17e54"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
838f694118e024c4-ZRH
x-amz-cf-id
c4KOxlNPTUp0IHhcyQv2fSvMzRDNGGuIWqcjm-CCHU5cHGiFLbix_g==
expires
Thu, 21 Dec 2023 14:23:42 GMT
ribn-postmedia.min.js
assets.ribn.com/v2/production/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/v2/production/ribn-postmedia.min.js
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:91b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
via
1.1 4e0fd86f7afa735e772d6f7fe5e91f5a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
cf-cache-status
MISS
x-amz-cf-pop
ZRH50-C1
content-encoding
gzip
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 01 Sep 2021 18:06:03 GMT
server
cloudflare
etag
W/"baaa6497dd2dea88d8fdb6d6cca08cf2"
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
838f694118dd24c4-ZRH
x-amz-cf-id
uIb5FEf3VjF9hcR20q6yZlYb_KiZIRIm8ghK13NxVGNprq9TT-Qt_Q==
expires
Thu, 21 Dec 2023 14:23:42 GMT
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://www.saultstar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
3520
date
Thu, 21 Dec 2023 10:23:42 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
376
x-fastly-trace-id
3155368009
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-mxp6939-MXP
x-timer
S1703154222.248945,VS0,VE0
gtm.js
www.googletagmanager.com/ 		229 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5KMC8ND&l=dl_mparticle
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a74f8d4fada631ed9dcd4fc5db831ef91c85d60bd1693c361eafdb5b5c6fa787
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68058
x-xss-protection
0
last-modified
Thu, 21 Dec 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Dec 2023 10:23:42 GMT
identify
identity.mparticle.com/v1/ 		174 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
9eee5a5db2e54a56ce380a211a5f628783f027d2f81351db57468c44d240a8d2
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-mxp6939-MXP
date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=900
server
Kestrel
x-timer
S1703154222.268353,VS0,VE108
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
x-fastly-trace-id
3155368118
accept-ranges
bytes
x-cache-hits
0
rubicon
match.adsrvr.org/track/cmf/ Frame 0875 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
server
Kestrel
content-length
70
content-type
image/gif
ecm3
s.amazon-adsystem.com/ Frame 0875
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LQF21RQD-T-B1QW&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQF21RQD-T-B1QW&ex=d-rubiconproject.com&status=ok
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KKYPYJBA73KADFYV0WWM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQF21RQD-T-B1QW&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
579d6dd278f76ae39d067788043e4297
Expires
0
setuid
px.ads.linkedin.com/ Frame 0875
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQF21RQD-T-B1QW
0
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQF21RQD-T-B1QW
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:41 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: A72CDE0D106B470AAE3A74C5FAA03A74 Ref B: ZRHEDGE1515 Ref C: 2023-12-21T10:23:42Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYNAn5rbPQzEZJHo5AHBQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQF21RQD-T-B1QW
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
579d6dd278f76ae39d067788043e4297
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 0875
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWNiZTFhNzk0MjE0MmMwZTI1NjAwZmVhZGI1M2Q1NThjMzY3MjFhYw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWNiZTFhNzk0MjE0MmMwZTI1NjAwZmVhZGI1M2Q1NThjMzY3MjFhYw
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWNiZTFhNzk0MjE0MmMwZTI1NjAwZmVhZGI1M2Q1NThjMzY3MjFhYw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
579d6dd278f76ae39d067788043e4297
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 0875
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=11otcMJ0Tji83jD5S2K0QQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=11otcMJ0Tji83jD5S2K0QQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=11otcMJ0Tji83jD5S2K0QQ
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8VMTC0K6Q8FPPSCRW89W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=11otcMJ0Tji83jD5S2K0QQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
579d6dd278f76ae39d067788043e4297
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0875
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELpvR7-p7huwv79kKrHnWtc&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELpvR7-p7huwv79kKrHnWtc&google_cver=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
579d6dd278f76ae39d067788043e4297
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELpvR7-p7huwv79kKrHnWtc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 0875
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/WaE33VE_7v0o306sG4LBsw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-2Cg4B8BE2oI0lvVmO9HWRrj9EfdKnzTo2rogGg--~A
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-2Cg4B8BE2oI0lvVmO9HWRrj9EfdKnzTo2rogGg--~A
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
5e091a4bda7cb1b96cf60040ae4e8596
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 21 Dec 2023 10:23:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-2Cg4B8BE2oI0lvVmO9HWRrj9EfdKnzTo2rogGg--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0875
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFGMjFSUUQtVC1CMVFX
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEuzsddulk4K99VQTshAWP0&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFGMjFSUUQtVC1CMVFX&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFGMjFSUUQtVC1CMVFX&google_push=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFGMjFSUUQtVC1CMVFX&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
579d6dd278f76ae39d067788043e4297
Expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 0875
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=1vsuh7IlTNWEhfJJ1Y649g&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=1vsuh7IlTNWEhfJJ1Y649g
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=1vsuh7IlTNWEhfJJ1Y649g
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RA3X0SV7KFFJ9M2PJHEZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=1vsuh7IlTNWEhfJJ1Y649g
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
579d6dd278f76ae39d067788043e4297
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rp
match.prod.bidr.io/cookie-sync/ Frame 0875 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.76.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-76-92.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:42 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
magnite
prebid.a-mo.net/setuid/ Frame 0875
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LQF21RQD-T-B1QW
0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LQF21RQD-T-B1QW
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LQF21RQD-T-B1QW
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
579d6dd278f76ae39d067788043e4297
Expires
0
check
pixel.tapad.com/idsync/ex/receive/ Frame 0875
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQF21RQD-T-B1QW
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LQF21RQD-T-B1QW
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LQF21RQD-T-B1QW
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Thu, 21 Dec 2023 10:23:42 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LQF21RQD-T-B1QW
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame 0875
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LQF21RQD-T-B1QW
0
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LQF21RQD-T-B1QW
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:42 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LQF21RQD-T-B1QW
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
579d6dd278f76ae39d067788043e4297
Expires
0
setuid
ib.adnxs.com/prebid/ Frame 0875
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQF21RQD-T-B1QW
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQF21RQD-T-B1QW
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
an-x-request-uuid
dcb4a964-687e-4e63-a906-fb8b03a36047
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
176.10.106.9; 176.10.106.9; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQF21RQD-T-B1QW
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5e091a4bda7cb1b96cf60040ae4e8596
Expires
0
pixel
capi.connatix.com/us/ Frame 0875
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LQF21RQD-T-B1QW&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LQF21RQD-T-B1QW&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LQF21RQD-T-B1QW&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
838f6942ec350219-ZRH
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 21 Dec 2023 10:23:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LQF21RQD-T-B1QW&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
838f69425b430219-ZRH
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
liveCS.php
live.primis.tech/live/ Frame 0875
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQF21RQD-T-B1QW
0
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQF21RQD-T-B1QW
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
2600:9000:236e:2600:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
gzip
via
1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
U1hW_gbooGy0A4TMtXsWUAAitzSmCSyZ4RVsexhQS0PVjsElcgwEag==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQF21RQD-T-B1QW
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5e091a4bda7cb1b96cf60040ae4e8596
Expires
0
js
www.googletagmanager.com/gtag/ 		262 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-60TQYJ3HTT&l=gtm_data_layer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
496234f2d64e529b6616f30590621afa4c6892de3fb32bfadada2079842aa69a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90629
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 21 Dec 2023 10:23:42 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 21 Dec 2023 09:22:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3677
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 21 Dec 2023 11:22:25 GMT
marfeel-sdk.js
sdk.mrf.io/statics/ 		154 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75f88fef1586ba9682b5d93f1c09a5e6701e9e4b16315e900127abbcada9309e

Request headers

Referer
https://www.saultstar.com/
Origin
https://www.saultstar.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time
2ms
date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Tue, 19 Dec 2023 13:17:16 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
x-envoy-upstream-service-time
9
accept-ranges
bytes
cf-ray
838f69411c9cbaeb-MXP
alt-svc
h3=":443"; ma=86400
content-length
45304
tag.min.js
get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-124.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fdeb1c6fd18e0f486055ae90b9c37c166cd1b455157daa7de08f4271ac696ce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
XfYprRTzfIx5sUT1DKibUZklTDJ88StC
content-encoding
gzip
via
1.1 13ad77f5993668d67b8168f460ba6368.cloudfront.net (CloudFront)
date
Wed, 20 Dec 2023 17:31:56 GMT
last-modified
Thu, 24 Aug 2023 11:20:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
60715
x-amz-server-side-encryption
AES256
etag
W/"10ba0dba424c8954df3533bfd881e874"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
1QWoEkH4fG0F_lI_0XUe9ox3oOzwxficKGSmRYoqhXRRGmXeG0Twkg==
p.js
cdn.parsely.com/keys/saultstar.com/ 		58 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/saultstar.com/p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.217.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-217-72.ams54.r.cloudfront.net
Software
nginx /
Resource Hash
6b5ddde2aa0abbf7f6cb0d7cfbd960793ca019aec48ce78e59078081ef2f4c23

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Wed, 20 Dec 2023 11:42:58 GMT
content-encoding
gzip
via
1.1 4cc2a0a7eb7d5483edc69be298297f9e.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 13:34:56 GMT
server
nginx
x-amz-cf-pop
AMS54-C1
age
81644
etag
W/"651c1880-e659"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
8oN3ijtWYqg3CQTtwbvthqR-PZnsfok88at0u-yq-nD56r5T6ArrQQ==
expires
Thu, 21 Dec 2023 11:42:58 GMT
collect
region1.analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=45je3bt0v880952817z879194588&_p=1703154221931&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=351675966.1703154222&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1703154222&sct=1&seg=0&dl=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&dt=Thessalon%20band%20office%20blocking%20election%20appeal%20process%2C%20officials%20say%20%7C%20Sault%20Star&en=page_view&_fv=1&_ss=1&tfd=2896
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.saultstar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-72QH41ZTMR&cid=351675966.1703154222&gtm=45je3bt0v880952817z879194588&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.saultstar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-72QH41ZTMR&cid=351675966.1703154222&gtm=45je3bt0v880952817z879194588&aip=1&dma=0&gcd=11l1l1l1l1&z=1715399404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		229 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NFGNKKG&l=mpartical
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2089f21e54c491ec6410f65c28d887855881a15f05cd38ea308de627c8023cfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74341
x-xss-protection
0
last-modified
Thu, 21 Dec 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Dec 2023 10:23:42 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-60TQYJ3HTT&gtm=45je3bt0v880952820z8854753396&_p=1703154221934&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=351675966.1703154222&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dl=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&sid=1703154222&sct=1&seg=0&dt=Thessalon%20band%20office%20blocking%20election%20appeal%20process%2C%20officials%20say%20%7C%20Sault%20Star&en=page_view&_fv=1&_ss=1&ep.debug_mode=false&ep.gtm_version=55&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.project_type=Newsroom%20daily&ep.page_type=story&ep.platform=Cheetah&ep.platform_version=15.1.1&ep.fem_version=v93.0&ep.brand=Sault%20Star&ep.timestamp=2023-12-21T11%3A23%3A42.352%2B01%3A00&ep.ga_client_id=351675966.1703154222&ep.article_authors=Kyle%20Darbyson&ep.publish_timestamp=1703107119&ep.article_title=Thessalon%20band%20office%20blocking%20election%20appeal%20process%2C%20officials%20say&ep.originating_property=false&ep.nlp_category=Politics&ep.nlp_topic=election%20appeals%2C1%7Cproper%20appeal%20process%2C0.9179%7Ccouncil%20election%2C0.8463%7CThessalon%20First%20Nation%20Custom%20Election%20Code%2C0.8016%7Ccouncil%2C0.7634&ep.nlp_entity=People%2Cperson%2CVaughn%20Johnston%2C0.5639%7CPeople%2Cdirector%20general%2CLesley%20Boulrice%2C0.555%7CPeople%2Cperson%20name%2CCarol%20Bobiwash%2C0.5305%7CPeople%2Cperson%20name%2CGerry%20Clark%2C0.5025%7CPeople%2Cperson%20name%2CLevi%20Laundrie%2C0.2393&ep.main_category=news&ep.article_sub_category_1=local-news&ep.article_tags=election-reaction%2C%20indigenous-community%2C%20local-politics%2C%20thessalon-first-nation&epn.word_count=1196&epn.character_count=6036&ep.article_id=a3bf5f43-d88d-44aa-aaba-ea8bfbbcb071&ep.wire_content=false&ep.metered_content=false&up.client_id=351675966.1703154222&tfd=2970
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-60TQYJ3HTT&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.saultstar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-60TQYJ3HTT&cid=351675966.1703154222&gtm=45je3bt0v880952820z8854753396&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-60TQYJ3HTT&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.saultstar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-60TQYJ3HTT&cid=351675966.1703154222&gtm=45je3bt0v880952820z8854753396&aip=1&dma=0&gcd=11l1l1l1l1&z=1010984414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1325535558&t=pageview&_s=1&dl=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&ul=en-us&de=UTF-8&dt=Thessalon%20band%20office%20blocking%20election%20appeal%20process%2C%20officials%20say%20%7C%20Sault%20Star&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=339553884&gjid=1818026747&cid=351675966.1703154222&tid=UA-213173459-6&_gid=164849101.1703154222&_r=1&_slc=1&gtm=45He3bt0n81P3Q4QHWv854753396&cd2=2023-12-21T11%3A23%3A42.196%2B01%3A00&cd7=anonymous&cd17=0&cd23=Sault%20Star&cd24=Cheetah&cd25=15.1.1&cd26=v93.0&cd27=0&cd28=GTM-P3Q4QHW&cd29=55&cd31=story&cd50=false&cd51=Thessalon%20band%20office%20blocking%20election%20appeal%20process%2C%20officials%20say&cd52=news&cd53=local-news&cd56=election-reaction%2C%20indigenous-community%2C%20local-politics%2C%20thessalon-first-nation&cd57=1196&cd58=6036&cd59=Kyle%20Darbyson&cd60=1703107119&cd62=a3bf5f43-d88d-44aa-aaba-ea8bfbbcb071&cd64=false&cd65=false&cd68=Politics&cd69=election%20appeals%2C1%7Cproper%20appeal%20process%2C0.9179%7Ccouncil%20election%2C0.8463%7CThessalon%20First%20Nation%20Custom%20Election%20Code%2C0.8016%7Ccouncil%2C0.7634&cd70=People%2Cperson%2CVaughn%20Johnston%2C0.5639%7CPeople%2Cdirector%20general%2CLesley%20Boulrice%2C0.555%7CPeople%2Cperson%20name%2CCarol%20Bobiwash%2C0.5305%7CPeople%2Cperson%20name%2CGerry%20Clark%2C0.5025%7CPeople%2Cperson%20name%2CLevi%20Laundrie%2C0.2393&cd89=Newsroom%20daily&gcd=11l1l1l1l1&dma=0&cd1=351675966.1703154222&z=1951123543
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.saultstar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
1685973801652415
connect.facebook.net/signals/config/ 		142 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1685973801652415?v=2.9.138&r=stable&domain=www.saultstar.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c3a1e19ae447c458c806cec0f399a8b654602801a1b68e7c0341562c22b90f7e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 21 Dec 2023 10:23:42 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
vXS3JXbKIMuqJBnVqXl+e/8DlRzIyrcqXZaURF1QO/u6njLQ0jWuF/sjdwfevihK/VfaxcisxhJ000obGIBEnQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
onetag-geo.s-onetag.com/ 		555 B
964 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-32.fra56.r.cloudfront.net
Software
/
Resource Hash
af7817454f184febcf58eabfb75d78ba890523372975c993861c6bbff4d66c2c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2, FRA56-P5
x-amzn-requestid
963a5822-1012-462b-91c4-2ec7842e0f4f
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
QSfHUH9mCYcEjvg=
content-length
555
x-amz-cf-id
zxPPA5CbFGwYmLEBFdm9cE5XN9djEQKAkuW6f4YVZOW-06Y7_VWcmw==
beacon.min.js
signal-beacon.s-onetag.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-87.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
bto3eb0o1YxjKQVMPWidTjdqvOBrBN1F
content-encoding
gzip
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
date
Thu, 21 Dec 2023 04:45:48 GMT
last-modified
Tue, 13 Jun 2023 14:58:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
20275
x-amz-server-side-encryption
AES256
etag
W/"565eb88b90415391668a5cb7cfb4557a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
BHZ3siXoCDet9AXJqNu_UGQ1oLJn-X4gEY3KzzFhRm4m_5KTSPOfCw==
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-mxp6953-MXP
date
Thu, 21 Dec 2023 10:23:42 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1703154222.472536,VS0,VE43
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-mxp6953-MXP
date
Thu, 21 Dec 2023 10:23:42 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1703154222.472403,VS0,VE11
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
/
p1.parsely.com/plogger/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1703154222425&plid=bf039424-8159-4c80-9425-221ce3f21e87&idsite=saultstar.com&url=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22login_status%22%3A%22anonymous%22%7D&sid=1&surl=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&sref=&sts=1703154222424&slts=0&title=Thessalon+band+office+blocking+election+appeal+process%2C+officials+say+%7C+Sault+Star&date=Thu+Dec+21+2023+11%3A23%3A42+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&pvid=83fcdd4d-fc30-4a8f-8d2d-5bf88ab463e0&u=pid%3D2a8558f0-73cd-452d-85aa-c816aaf429da
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 10:23:42 GMT
Cache-Control
no-cache
Last-Modified
Thursday, 21-Dec-2023 10:23:42 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
jload
pixel.adsafeprotected.com/ Frame 9BD2 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928934&campId=728x90&pubId=4811995650&chanId=21733580793&placementId=6404573011&pubCreative=138455016757&pubOrder=3265484082&cb=945831159&custom=story&custom2=1&adsafe_par&impId=0304ef4d-9feb-11ee-8ef6-0ad1c86a73cb
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.133.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-133-115.compute-1.amazonaws.com
Software
/
Resource Hash
b5583a6022f454f9db946c6c1a4b61524beca477719549f149988dfee3d10e8c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A87B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvieB25I1m33oRtCPklY7_YKQ_oA6lvs0aQJny5hp87FyiDJELJaX7NhcnSG3L1ih6-fdwwXGi2JKWqZ5pX9y8ntuA9HVv_hJ8muPy9UiKWPFK14xEh4l8s7QMFOZAK_-8a_KtEb9XyBF2u3_2MChO8QCzo3_BJvMMdAMYX6Jz4Ahqz44gIXhQNuuE7O-3Rc6XFMANHUa93twhonxVRgaQrLBwj3GP3BseW1JfK17ery04FqcZuiXzP5wIsbSLw3VKRy-Bea40wNx13p04TwBxJ_830rTiL1QC5LRf_1HfGVGcYJyjG0_TwywsyjVqwLexeUQETmjhnREvTv7NfvqN4sK3m7hKOnSfe6oXWt9qSRJ_3IPy7LIjVjOafaeKfUcZv077htjj6pCP6UTU3LQ&sai=AMfl-YQ6NfNiDFekJkM39PZ87P-S3kqa1U_qCRvgx4dJCS0gSoloZU07g5Rj9zycwzzKxVfbBPUthBsR5ZW63UXQrULB7OGuN2x-koA8hCqlT_uJeLuEJRwBdxgsgfH2d2ZvaxD_fThv8g8RucVOzONNwwA&sig=Cg0ArKJSzAseggPMCDgHEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A87B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 13:41:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
74518
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Jan 2024 13:41:44 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A87B 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 10:23:42 GMT
1256760516304926371
tpc.googlesyndication.com/simgad/ Frame A87B 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1256760516304926371
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40e07509e7eb5c484b9a3fc7a73cc3eeb9def2b93d7720565da09df2835609df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Wed, 18 Dec 2024 09:29:40 GMT
date
Tue, 19 Dec 2023 09:29:40 GMT
x-content-type-options
nosniff
age
176042
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75958
x-xss-protection
0
last-modified
Thu, 16 Nov 2023 22:00:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
jload
pixel.adsafeprotected.com/ Frame 2107 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928934&campId=1x1&pubId=4946417229&chanId=21733580793&placementId=6123534386&pubCreative=138406246893&pubOrder=3089429980&cb=1596192753&custom=story&custom2=2&adsafe_par&impId=0304ef4e-9feb-11ee-8ef6-0ad1c86a73cb
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.133.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-133-115.compute-1.amazonaws.com
Software
/
Resource Hash
39a292b9441c2ffd527adc375c9a4ceb5fa054ab0785aad6dfcc07fe3c533bd9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0AA6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9cmMB7WavlCQ1NICUutyNiZW-XU50DpJg_Gu3kxjgOTgz_AeTnvniCOlLG9q59cwT6CCUwRdjEdRUbKtOdvlCE_rN1xruRrXezKuWxvxG2zYvM77gIzdcTM-U6MLzgHq-0qKOHpcghvLmiGdWi5RnojKq6UmEta4fJkBmKNMCfdX6BByvO4ihad8Tmp1ANOCl3uTnbA4hNOvyn8juO8cvvp4_MqqkopsSPM0s62Xqx2F1eoo-B6uITrnPdxFI6OH0EgeVTGoZdQLrxSP5-KCJu31eILm6lw7cY3jNejHW3EWKh-EDAEiwm_aXFicELumQ4ria0djgBkXWVaSHLZnkvjXx04vAVIvp4e0yD79SATBjKvpsHy_0VqNxJTld7PJtZ29bLSAJo42d0cIS2MeNmg&sai=AMfl-YSG8VRFTk4cwA9ip3hgZ437OoadR3ydCg4u8g1IqfFfNZNr3mMOmYJegKsdu6dK5hySVcR5pRspFRXMWLz-pzEg9VvoEQyi776QBmVg7kJqN8X9CB7G7QfWasQAD6_Ym0KuWPYvadcCNOZaqxsG_68&sig=Cg0ArKJSzDv2PfsuIZdEEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
creative.js
ads.rubiconproject.com/prebid/ Frame 0AA6 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/prebid/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
35a2b85d7f2e1538d24526949815aa068a6e927045dc295ce9d4b0ba30b88104

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 23:48:14 GMT
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
9029
expires
Thu, 21 Dec 2023 10:23:42 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0AA6 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 10:23:42 GMT
ds_vplayer_detached.min.js
a.jsrdn.com/vplayer-parallel/20230925_2337/ 		165 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/vplayer-parallel/20230925_2337/ds_vplayer_detached.min.js
Requested by
Host: c.jsrdn.com
URL: https://c.jsrdn.com/s/cs.js?p=22507
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c0f3db561b25cd1fa72fe869dbf52d548424d98f50be345965b1a3ba0ed76aa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
739FXklOKoWwhQf_e1Xd_d3E6ooNQFal
content-encoding
gzip
date
Thu, 21 Dec 2023 10:23:42 GMT
akamai-cache-status
Hit from child
x-amz-request-id
Q2BQX0MT17DG63MG
akamai-grn
0.9d7d1302.1703154222.422e10cc
x-amz-server-side-encryption
AES256
akamai-mon-iucid-del
1527398
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
59989
x-amz-id-2
SaBGt9YPp5Gb/pUsPcA9w2R+YV4xUQhRvYUrs8ofDi/MBDfWEnzucKTW7maFYMDAbHrNHOuDxUY=
last-modified
Mon, 25 Sep 2023 23:37:35 GMT
server
AmazonS3
etag
"23d6ccdd4be6623a81ff29adcf1a2328"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=49835
accept-ranges
bytes
expires
Fri, 22 Dec 2023 00:14:17 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=g6ai&k=ZQlpbQlhCTM5NglkCWV1LXdlc3QtMWIJaAlpLTAzMmMzMzMxMWNkMmNiZTkxCXUJNWRjNTQ3NzUtNTk4ZS00MmRmLWI5NWYtMjUzZWQ5Yzg5NThlCXYJMjgyNDAzMTctMDRhMi00MjY1LWI5M2MtNGQ4NWU3Y2RhODdiCXN2CWpzcmRuCXZsCTIwMjMxMjIxLjA5NTAJdnQJMjAyMzEyMjEuMDk1MAl2cwkyMDIzMTAwNAl2YwkyMDIzMDEyMDUJc3QJMjAyMzEyMjEuMTAyMzQyCWkJNDVmNzhkNmItNzQyNy00ZWJhLWExZTMtNmZhYmY3NmFmMjE0CWYJaHR0cHM6Ly93d3cuc2F1bHRzdGFyLmNvbS9uZXdzL3RoZXNzYWxvbi1iYW5kLW9mZmljZS1ibG9ja2luZy1lbGVjdGlvbi1hcHBlYWwtcHJvY2Vzcy1vZmZpY2lhbHMtc2F5CXEJMjNhYWFmYzQtMzQ0OC00ZWQzLWEyYjctNGU1Y2U1MTI1MTM2CW0JMjIzNDIJYgkyNjIJZwk0MTAJdAk1NzM3CWMJNTc5MglsCTE0ODQwCXoJMTQwMzYJcwk1NzYwCXAJMjI1MDcJdwluZXdzCWNzCUlBQjEyCWN6CQlnYwlDSAlncglMVQlndAlsdWNlcm5lCWdkCWZhbHNlCWduCUNvcnBvcmF0ZQluZQlpdgluZAlpdglzZAlzYXVsdHN0YXIuY29tCXNlCTYyNDMxOTcwMDkJbWMJMzA4MQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTM5MjkJdm4JMjU4NjY4OQlodgkx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
dslogo_sm.png
a.jsrdn.com/creatives/site_logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.jsrdn.com/creatives/site_logos/dslogo_sm.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ea71bd07e560ea69f4bf12e5e48de530ce4a977ee361ed45ddcb581b060fd6c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 21 Dec 2023 10:23:42 GMT
akamai-cache-status
Hit from child
last-modified
Tue, 11 Apr 2017 20:07:40 GMT
server
AmazonS3
x-amz-request-id
B0EWNP2AA4M6K93Z
akamai-grn
0.9d7d1302.1703154222.422e10cf
etag
"5d5eb361e3ba4f7047de3de4731f7f13"
content-type
image/png
cache-control
max-age=12335
akamai-mon-iucid-del
1527398
accept-ranges
bytes
content-length
2119
x-amz-id-2
dAnCUoGa3OKjgKD0R7QMMOu+DzyVqQuUmHxZO2OFxU5THnHgEtvYg9Qci/EfZk5fd251H+mREaU=
expires
Thu, 21 Dec 2023 13:49:17 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=hr5p&k=ZQl3cwlhCTQwMwlkCWV1LXdlc3QtMWIJaAlpLTAzMmMzMzMxMWNkMmNiZTkxCXUJNWRjNTQ3NzUtNTk4ZS00MmRmLWI5NWYtMjUzZWQ5Yzg5NThlCXYJMjgyNDAzMTctMDRhMi00MjY1LWI5M2MtNGQ4NWU3Y2RhODdiCXN2CWpzcmRuCXZsCTIwMjMxMjIxLjA5NTAJdnQJMjAyMzEyMjEuMDk1MAl2cwkyMDIzMTAwNAl2YwkyMDIzMDEyMDUJc3QJMjAyMzEyMjEuMTAyMzQyCWkJNDVmNzhkNmItNzQyNy00ZWJhLWExZTMtNmZhYmY3NmFmMjE0CWYJaHR0cHM6Ly93d3cuc2F1bHRzdGFyLmNvbS9uZXdzL3RoZXNzYWxvbi1iYW5kLW9mZmljZS1ibG9ja2luZy1lbGVjdGlvbi1hcHBlYWwtcHJvY2Vzcy1vZmZpY2lhbHMtc2F5CXEJMjNhYWFmYzQtMzQ0OC00ZWQzLWEyYjctNGU1Y2U1MTI1MTM2CW0JMjIzNDIJYgkyNjIJZwk0MTAJdAk1NzM3CWMJNTc5MglsCTE0ODQwCXoJMTQwMzYJcwk1NzYwCXAJMjI1MDcJdwluZXdzCWNzCUlBQjEyCWN6CQlnYwlDSAlncglMVQlndAlsdWNlcm5lCWdkCWZhbHNlCWduCUNvcnBvcmF0ZQluZQlpdgluZAlpdglzZAlzYXVsdHN0YXIuY29tCXNlCTYyNDMxOTcwMDkJbWMJMzA4MQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTM5MjkJdm4JMjU4NjY4OQlodgkxCXdzCTAwOiBzaXplIDU2NCwzMTc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=t4wg&k=ZQl3dwlhCTQwNAlkCWV1LXdlc3QtMWIJaAlpLTAzMmMzMzMxMWNkMmNiZTkxCXUJNWRjNTQ3NzUtNTk4ZS00MmRmLWI5NWYtMjUzZWQ5Yzg5NThlCXYJMjgyNDAzMTctMDRhMi00MjY1LWI5M2MtNGQ4NWU3Y2RhODdiCXN2CWpzcmRuCXZsCTIwMjMxMjIxLjA5NTAJdnQJMjAyMzEyMjEuMDk1MAl2cwkyMDIzMTAwNAl2YwkyMDIzMDEyMDUJc3QJMjAyMzEyMjEuMTAyMzQyCWkJNDVmNzhkNmItNzQyNy00ZWJhLWExZTMtNmZhYmY3NmFmMjE0CWYJaHR0cHM6Ly93d3cuc2F1bHRzdGFyLmNvbS9uZXdzL3RoZXNzYWxvbi1iYW5kLW9mZmljZS1ibG9ja2luZy1lbGVjdGlvbi1hcHBlYWwtcHJvY2Vzcy1vZmZpY2lhbHMtc2F5CXEJMjNhYWFmYzQtMzQ0OC00ZWQzLWEyYjctNGU1Y2U1MTI1MTM2CW0JMjIzNDIJYgkyNjIJZwk0MTAJdAk1NzM3CWMJNTc5MglsCTE0ODQwCXoJMTQwMzYJcwk1NzYwCXAJMjI1MDcJdwluZXdzCWNzCUlBQjEyCWN6CQlnYwlDSAlncglMVQlndAlsdWNlcm5lCWdkCWZhbHNlCWduCUNvcnBvcmF0ZQluZQlpdgluZAlpdglzZAlzYXVsdHN0YXIuY29tCXNlCTYyNDMxOTcwMDkJbWMJMzA4MQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTM5MjkJdm4JMjU4NjY4OQlodgkxCXd3CUdEUFI6MDo6OkNDUEE6MDo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=pa5d&k=ZQltYwlhCTQwNAlkCWV1LXdlc3QtMWIJaAlpLTAzMmMzMzMxMWNkMmNiZTkxCXUJNWRjNTQ3NzUtNTk4ZS00MmRmLWI5NWYtMjUzZWQ5Yzg5NThlCXYJMjgyNDAzMTctMDRhMi00MjY1LWI5M2MtNGQ4NWU3Y2RhODdiCXN2CWpzcmRuCXZsCTIwMjMxMjIxLjA5NTAJdnQJMjAyMzEyMjEuMDk1MAl2cwkyMDIzMTAwNAl2YwkyMDIzMDEyMDUJc3QJMjAyMzEyMjEuMTAyMzQyCWkJNDVmNzhkNmItNzQyNy00ZWJhLWExZTMtNmZhYmY3NmFmMjE0CWYJaHR0cHM6Ly93d3cuc2F1bHRzdGFyLmNvbS9uZXdzL3RoZXNzYWxvbi1iYW5kLW9mZmljZS1ibG9ja2luZy1lbGVjdGlvbi1hcHBlYWwtcHJvY2Vzcy1vZmZpY2lhbHMtc2F5CXEJMjNhYWFmYzQtMzQ0OC00ZWQzLWEyYjctNGU1Y2U1MTI1MTM2CW0JMjIzNDIJYgkyNjIJZwk0MTAJdAk1NzM3CWMJNTc5MglsCTE0ODQwCXoJMTQwMzYJcwk1NzYwCXAJMjI1MDcJdwluZXdzCWNzCUlBQjEyCWN6CQlnYwlDSAlncglMVQlndAlsdWNlcm5lCWdkCWZhbHNlCWduCUNvcnBvcmF0ZQluZQlpdgluZAlpdglzZAlzYXVsdHN0YXIuY29tCXNlCTYyNDMxOTcwMDkJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgkzOTI5CXZuCTI1ODY2ODkJaHYJMQltYwlhbHJlYWR5LC8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM_aXU9LzIxODc0MTU1MTMzLDMwODEvMjI1MDdfNDk1MzAzNjcwOSZkZXNjcmlwdGlvbl91cmw9aHR0cHMlM0ElMkYlMkZ3d3cuc2F1bHRzdGFyLmNvbSUyRm5ld3MlMkZ0aGVzc2Fsb24tYmFuZC1vZmZpY2UtYmxvY2tpbmctZWxlY3Rpb24tYXBwZWFsLXByb2Nlc3Mtb2ZmaWNpYWxzLXNheSZ0ZmNkPTAmbnBhPTAmc3o9NjQweDQ4MCU3QzEyODB4NzIwJTdDMTkyMHgxMDgwJTdDNDAweDMwMCZjdXN0X3BhcmFtcz1kc21jbSUzRDElMjZkc2QlM0RzYXVsdHN0YXIuY29tJmdkZnBfcmVxPTEmb3V0cHV0PXZhc3QmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZlbnY9dnAmaW1wbD1zJmNvcnJlbGF0b3I9MjUxNjk1JmdkcHI9MCZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
1.gif
i.jsrdn.com/i/ 		42 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=bsio&k=ZQltYwlhCTQwNAlkCWV1LXdlc3QtMWIJaAlpLTAzMmMzMzMxMWNkMmNiZTkxCXUJNWRjNTQ3NzUtNTk4ZS00MmRmLWI5NWYtMjUzZWQ5Yzg5NThlCXYJMjgyNDAzMTctMDRhMi00MjY1LWI5M2MtNGQ4NWU3Y2RhODdiCXN2CWpzcmRuCXZsCTIwMjMxMjIxLjA5NTAJdnQJMjAyMzEyMjEuMDk1MAl2cwkyMDIzMTAwNAl2YwkyMDIzMDEyMDUJc3QJMjAyMzEyMjEuMTAyMzQyCWkJNDVmNzhkNmItNzQyNy00ZWJhLWExZTMtNmZhYmY3NmFmMjE0CWYJaHR0cHM6Ly93d3cuc2F1bHRzdGFyLmNvbS9uZXdzL3RoZXNzYWxvbi1iYW5kLW9mZmljZS1ibG9ja2luZy1lbGVjdGlvbi1hcHBlYWwtcHJvY2Vzcy1vZmZpY2lhbHMtc2F5CXEJMjNhYWFmYzQtMzQ0OC00ZWQzLWEyYjctNGU1Y2U1MTI1MTM2CW0JMjIzNDIJYgkyNjIJZwk0MTAJdAk1NzM3CWMJNTc5MglsCTE0ODQwCXoJMTQwMzYJcwk1NzYwCXAJMjI1MDcJdwluZXdzCWNzCUlBQjEyCWN6CQlnYwlDSAlncglMVQlndAlsdWNlcm5lCWdkCWZhbHNlCWduCUNvcnBvcmF0ZQluZQlpdgluZAlpdglzZAlzYXVsdHN0YXIuY29tCXNlCTYyNDMxOTcwMDkJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgkzOTI5CXZuCTI1ODY2ODkJaHYJMQltYwlkZnBfbWNtXywvL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS8zNDIzMDEwOSwzMDgxLzIyNTA3Xzg4NTgwNjk4OTcmZGVzY3JpcHRpb25fdXJsPWh0dHBzJTNBJTJGJTJGd3d3LnNhdWx0c3Rhci5jb20lMkZuZXdzJTJGdGhlc3NhbG9uLWJhbmQtb2ZmaWNlLWJsb2NraW5nLWVsZWN0aW9uLWFwcGVhbC1wcm9jZXNzLW9mZmljaWFscy1zYXkmdGZjZD0wJm5wYT0wJnN6PTY0MHg0ODAlN0MxMjgweDcyMCU3QzE5MjB4MTA4MCU3QzQwMHgzMDAmY3VzdF9wYXJhbXM9ZHNtY20lM0QxJTI2ZHNkJTNEc2F1bHRzdGFyLmNvbSZnZGZwX3JlcT0xJm91dHB1dD12YXN0JnVudmlld2VkX3Bvc2l0aW9uX3N0YXJ0PTEmZW52PXZwJmltcGw9cyZjb3JyZWxhdG9yPTU0MzYxOSZnZHByPV9fSVNfR0RQUl9fJmdkcHJfY29uc2VudD1fX0dEUFJfQ09OU0VOVF9fJnVzX3ByaXZhY3k9X19DQ1BBX0ZMQUdfXw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=os4c&k=ZQltYwlhCTQwNAlkCWV1LXdlc3QtMWIJaAlpLTAzMmMzMzMxMWNkMmNiZTkxCXUJNWRjNTQ3NzUtNTk4ZS00MmRmLWI5NWYtMjUzZWQ5Yzg5NThlCXYJMjgyNDAzMTctMDRhMi00MjY1LWI5M2MtNGQ4NWU3Y2RhODdiCXN2CWpzcmRuCXZsCTIwMjMxMjIxLjA5NTAJdnQJMjAyMzEyMjEuMDk1MAl2cwkyMDIzMTAwNAl2YwkyMDIzMDEyMDUJc3QJMjAyMzEyMjEuMTAyMzQyCWkJNDVmNzhkNmItNzQyNy00ZWJhLWExZTMtNmZhYmY3NmFmMjE0CWYJaHR0cHM6Ly93d3cuc2F1bHRzdGFyLmNvbS9uZXdzL3RoZXNzYWxvbi1iYW5kLW9mZmljZS1ibG9ja2luZy1lbGVjdGlvbi1hcHBlYWwtcHJvY2Vzcy1vZmZpY2lhbHMtc2F5CXEJMjNhYWFmYzQtMzQ0OC00ZWQzLWEyYjctNGU1Y2U1MTI1MTM2CW0JMjIzNDIJYgkyNjIJZwk0MTAJdAk1NzM3CWMJNTc5MglsCTE0ODQwCXoJMTQwMzYJcwk1NzYwCXAJMjI1MDcJdwluZXdzCWNzCUlBQjEyCWN6CQlnYwlDSAlncglMVQlndAlsdWNlcm5lCWdkCWZhbHNlCWduCUNvcnBvcmF0ZQluZQlpdgluZAlpdglzZAlzYXVsdHN0YXIuY29tCXNlCTYyNDMxOTcwMDkJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgkzOTI5CXZuCTI1ODY2ODkJaHYJMQltYwlkZnBfbWNtXywvL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS8zNDIzMDEwOSwzMDgxLzI4ODUxMDI5NDkmZGVzY3JpcHRpb25fdXJsPWh0dHBzJTNBJTJGJTJGd3d3LnNhdWx0c3Rhci5jb20lMkZuZXdzJTJGdGhlc3NhbG9uLWJhbmQtb2ZmaWNlLWJsb2NraW5nLWVsZWN0aW9uLWFwcGVhbC1wcm9jZXNzLW9mZmljaWFscy1zYXkmdGZjZD0wJm5wYT0wJnN6PTY0MHg0ODAlN0M0MDB4MzAwJmN1c3RfcGFyYW1zPWRzbWNtJTNEMSUyNmRzZCUzRHNhdWx0c3Rhci5jb20mZ2RmcF9yZXE9MSZvdXRwdXQ9dmFzdCZ1bnZpZXdlZF9wb3NpdGlvbl9zdGFydD0xJmVudj12cCZpbXBsPXMmY29ycmVsYXRvcj01NjQ5ODImZ2Rwcj1fX0lTX0dEUFJfXyZnZHByX2NvbnNlbnQ9X19HRFBSX0NPTlNFTlRfXyZ1c19wcml2YWN5PV9fQ0NQQV9GTEFHX18mZHNrZXk9ZW5hYmxlZA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=dfz5&k=ZQltYwlhCTQwNQlkCWV1LXdlc3QtMWIJaAlpLTAzMmMzMzMxMWNkMmNiZTkxCXUJNWRjNTQ3NzUtNTk4ZS00MmRmLWI5NWYtMjUzZWQ5Yzg5NThlCXYJMjgyNDAzMTctMDRhMi00MjY1LWI5M2MtNGQ4NWU3Y2RhODdiCXN2CWpzcmRuCXZsCTIwMjMxMjIxLjA5NTAJdnQJMjAyMzEyMjEuMDk1MAl2cwkyMDIzMTAwNAl2YwkyMDIzMDEyMDUJc3QJMjAyMzEyMjEuMTAyMzQyCWkJNDVmNzhkNmItNzQyNy00ZWJhLWExZTMtNmZhYmY3NmFmMjE0CWYJaHR0cHM6Ly93d3cuc2F1bHRzdGFyLmNvbS9uZXdzL3RoZXNzYWxvbi1iYW5kLW9mZmljZS1ibG9ja2luZy1lbGVjdGlvbi1hcHBlYWwtcHJvY2Vzcy1vZmZpY2lhbHMtc2F5CXEJMjNhYWFmYzQtMzQ0OC00ZWQzLWEyYjctNGU1Y2U1MTI1MTM2CW0JMjIzNDIJYgkyNjIJZwk0MTAJdAk1NzM3CWMJNTc5MglsCTE0ODQwCXoJMTQwMzYJcwk1NzYwCXAJMjI1MDcJdwluZXdzCWNzCUlBQjEyCWN6CQlnYwlDSAlncglMVQlndAlsdWNlcm5lCWdkCWZhbHNlCWduCUNvcnBvcmF0ZQluZQlpdgluZAlpdglzZAlzYXVsdHN0YXIuY29tCXNlCTYyNDMxOTcwMDkJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgkzOTI5CXZuCTI1ODY2ODkJaHYJMQltYwlkZnBfbWNtXywvL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS8zNDIzMDEwOSwzMDgxLzI4ODUxMDI5NDkmZGVzY3JpcHRpb25fdXJsPWh0dHBzJTNBJTJGJTJGd3d3LnNhdWx0c3Rhci5jb20lMkZuZXdzJTJGdGhlc3NhbG9uLWJhbmQtb2ZmaWNlLWJsb2NraW5nLWVsZWN0aW9uLWFwcGVhbC1wcm9jZXNzLW9mZmljaWFscy1zYXkmdGZjZD0wJm5wYT0wJnN6PTY0MHg0ODAlN0M0MDB4MzAwJmN1c3RfcGFyYW1zPWRzbWNtJTNEMSUyNmRzZCUzRHNhdWx0c3Rhci5jb20mZ2RmcF9yZXE9MSZvdXRwdXQ9dmFzdCZ1bnZpZXdlZF9wb3NpdGlvbl9zdGFydD0xJmVudj12cCZpbXBsPXMmY29ycmVsYXRvcj0zMzE0NzkmZ2Rwcj1fX0lTX0dEUFJfXyZnZHByX2NvbnNlbnQ9X19HRFBSX0NPTlNFTlRfXyZ1c19wcml2YWN5PV9fQ0NQQV9GTEFHX18mZHNrZXk9ZW5hYmxlZA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=kq96&k=ZQltYwlhCTQwNQlkCWV1LXdlc3QtMWIJaAlpLTAzMmMzMzMxMWNkMmNiZTkxCXUJNWRjNTQ3NzUtNTk4ZS00MmRmLWI5NWYtMjUzZWQ5Yzg5NThlCXYJMjgyNDAzMTctMDRhMi00MjY1LWI5M2MtNGQ4NWU3Y2RhODdiCXN2CWpzcmRuCXZsCTIwMjMxMjIxLjA5NTAJdnQJMjAyMzEyMjEuMDk1MAl2cwkyMDIzMTAwNAl2YwkyMDIzMDEyMDUJc3QJMjAyMzEyMjEuMTAyMzQyCWkJNDVmNzhkNmItNzQyNy00ZWJhLWExZTMtNmZhYmY3NmFmMjE0CWYJaHR0cHM6Ly93d3cuc2F1bHRzdGFyLmNvbS9uZXdzL3RoZXNzYWxvbi1iYW5kLW9mZmljZS1ibG9ja2luZy1lbGVjdGlvbi1hcHBlYWwtcHJvY2Vzcy1vZmZpY2lhbHMtc2F5CXEJMjNhYWFmYzQtMzQ0OC00ZWQzLWEyYjctNGU1Y2U1MTI1MTM2CW0JMjIzNDIJYgkyNjIJZwk0MTAJdAk1NzM3CWMJNTc5MglsCTE0ODQwCXoJMTQwMzYJcwk1NzYwCXAJMjI1MDcJdwluZXdzCWNzCUlBQjEyCWN6CQlnYwlDSAlncglMVQlndAlsdWNlcm5lCWdkCWZhbHNlCWduCUNvcnBvcmF0ZQluZQlpdgluZAlpdglzZAlzYXVsdHN0YXIuY29tCXNlCTYyNDMxOTcwMDkJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgkzOTI5CXZuCTI1ODY2ODkJaHYJMQltYwlkZnBfbWNtXywvL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS8zNDIzMDEwOSwzMDgxLzI4ODUxMDI5NDkmZGVzY3JpcHRpb25fdXJsPWh0dHBzJTNBJTJGJTJGd3d3LnNhdWx0c3Rhci5jb20lMkZuZXdzJTJGdGhlc3NhbG9uLWJhbmQtb2ZmaWNlLWJsb2NraW5nLWVsZWN0aW9uLWFwcGVhbC1wcm9jZXNzLW9mZmljaWFscy1zYXkmdGZjZD0wJm5wYT0wJnN6PTY0MHg0ODAlN0M0MDB4MzAwJmN1c3RfcGFyYW1zPWRzbWNtJTNEMSUyNmRzZCUzRHNhdWx0c3Rhci5jb20mZ2RmcF9yZXE9MSZvdXRwdXQ9dmFzdCZ1bnZpZXdlZF9wb3NpdGlvbl9zdGFydD0xJmVudj12cCZpbXBsPXMmY29ycmVsYXRvcj0zMTU1NzgmZ2Rwcj1fX0lTX0dEUFJfXyZnZHByX2NvbnNlbnQ9X19HRFBSX0NPTlNFTlRfXyZ1c19wcml2YWN5PV9fQ0NQQV9GTEFHX18mZHNrZXk9ZW5hYmxlZA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-213173459-6&cid=351675966.1703154222&jid=339553884&gjid=1818026747&_gid=164849101.1703154222&_u=YCDACAAABAAAACAEK~&z=1730207038
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 21 Dec 2023 10:23:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.saultstar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame A87B 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ea2e7e876bcafb44eed4b87bfd0ca1a002aae1e693d5f8c4f669d5ed4d109b3

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=45je3bt0v880952817z8880952820&_p=1703154221931&gcd=11l1l1l1l1&dma=0&cid=351675966.1703154222&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&_s=2&sid=1703154222&sct=1&seg=0&dl=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&dt=Thessalon%20band%20office%20blocking%20election%20appeal%20process%2C%20officials%20say%20%7C%20Sault%20Star&en=ad_impression&_c=1&ep.query_id=CKiwhfOnoIMDFXzZEQgdLogIYg&_et=191&tfd=3090
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.saultstar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=45je3bt0v880952817z8880952820&_p=1703154221931&gcd=11l1l1l1l1&dma=0&cid=351675966.1703154222&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&_s=3&sid=1703154222&sct=1&seg=0&dl=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&dt=Thessalon%20band%20office%20blocking%20election%20appeal%20process%2C%20officials%20say%20%7C%20Sault%20Star&en=ad_impression&_c=1&ep.query_id=CKmwhfOnoIMDFXzZEQgdLogIYg&_et=1&tfd=3091
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.saultstar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-60TQYJ3HTT&gtm=45je3bt0v880952820&_p=1703154221934&gcd=11l1l1l1l1&dma=0&cid=351675966.1703154222&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&_s=2&dl=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&sid=1703154222&sct=1&seg=0&dt=Thessalon%20band%20office%20blocking%20election%20appeal%20process%2C%20officials%20say%20%7C%20Sault%20Star&en=ad_impression&_c=1&ep.debug_mode=false&ep.gtm_version=55&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.project_type=Newsroom%20daily&ep.page_type=story&ep.platform=Cheetah&ep.platform_version=15.1.1&ep.fem_version=v93.0&ep.brand=Sault%20Star&ep.timestamp=2023-12-21T11%3A23%3A42.352%2B01%3A00&ep.ga_client_id=351675966.1703154222&ep.query_id=CKiwhfOnoIMDFXzZEQgdLogIYg&_et=124&tfd=3094
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-60TQYJ3HTT&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.saultstar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-60TQYJ3HTT&gtm=45je3bt0v880952820&_p=1703154221934&gcd=11l1l1l1l1&dma=0&cid=351675966.1703154222&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&_s=3&dl=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&sid=1703154222&sct=1&seg=0&dt=Thessalon%20band%20office%20blocking%20election%20appeal%20process%2C%20officials%20say%20%7C%20Sault%20Star&en=ad_impression&_c=1&ep.debug_mode=false&ep.gtm_version=55&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.project_type=Newsroom%20daily&ep.page_type=story&ep.platform=Cheetah&ep.platform_version=15.1.1&ep.fem_version=v93.0&ep.brand=Sault%20Star&ep.timestamp=2023-12-21T11%3A23%3A42.352%2B01%3A00&ep.ga_client_id=351675966.1703154222&ep.query_id=CKmwhfOnoIMDFXzZEQgdLogIYg&_et=1&tfd=3096
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-60TQYJ3HTT&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.saultstar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://www.saultstar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
3520
date
Thu, 21 Dec 2023 10:23:42 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
377
x-fastly-trace-id
3155369612
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-mxp6939-MXP
x-timer
S1703154223.504265,VS0,VE0
identify
identity.mparticle.com/v1/ 		174 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f27c3cf075cdc6041233d4196bb490f3f9ea6fe5d5f43b1d782b805be818015b
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-mxp6939-MXP
date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=900
server
Kestrel
x-timer
S1703154223.524525,VS0,VE117
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
x-fastly-trace-id
3155369732
accept-ranges
bytes
x-cache-hits
0
identify
api.permutive.com/v2.0/ 		50 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
d4892db659718f9033cdbb97f748925761ea07b4614ebc5503057270de8b63c4

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.saultstar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-mxp6953-MXP
date
Thu, 21 Dec 2023 10:23:42 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1703154223.525400,VS0,VE11
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
ingest.php
events.newsroom.bi/ 		50 B
853 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.128.96.120 Sartrouville, France, ASN16276 (OVH, FR),
Reverse DNS
haproxy04.cl11.ovh.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.saultstar.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
e0a4db8779dc244a772e.js
sdk.mrf.io/statics/ 		50 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/e0a4db8779dc244a772e.js
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c615104d3516e49abe78a9102737c6aa04056c6a8090e5746a38921d3b3811ab

Request headers

Referer
https://www.saultstar.com/
Origin
https://www.saultstar.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
gzip
via
1.1 f082f6543392e25460f1119e4a1991fe.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
LHR61-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
17
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 11:27:45 GMT
server
cloudflare
etag
W/"44ac276b251e58c5c7f65bad76e76963"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
timing-allow-origin
*
cf-ray
838f6942cf00baeb-MXP
x-amz-cf-id
gVrWAnh6ryF8UbTea1EifM0BAK03YlPoEeBZLtvm6niOFAd328QWNQ==
dw-check.html
experiences.mrf.io/marfeelpass/statics/ Frame F442 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://experiences.mrf.io/marfeelpass/statics/dw-check.html?v=5
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
1931084
alt-svc
h3=":443"; ma=86400
cache-control
max-age=86400, s-maxage=2592000
cf-cache-status
HIT
cf-ray
838f69431cea0e8b-MXP
content-encoding
gzip
content-type
text/html
date
Thu, 21 Dec 2023 10:23:42 GMT
last-modified
Thu, 23 Nov 2023 12:08:24 GMT
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-envoy-upstream-service-time
2
ga-audiences
www.google.com/ads/ 		42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-213173459-6&cid=351675966.1703154222&jid=339553884&_u=YCDACAAABAAAACAEK~&z=755745613
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-213173459-6&cid=351675966.1703154222&jid=339553884&_u=YCDACAAABAAAACAEK~&z=755745613
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E250 		267 B
568 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CI61wgIQlZTUAhi3usFsMAE&v=APEucNWw4Yqn4JE5gd4uxbmc9p71sWgp0B9OhFDVM1dFYlWCilrfNHVmG_gCfibeznxtV2KrR7ObwpNveafvHvRLCRZAb-CX_w
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85fc6174ce4620ca01e50174ef4cb0317d5e8574a634bf1924b63dac85d8ef9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
101
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 10:23:42 GMT
expires
Thu, 21 Dec 2023 10:23:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 0AA6 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 10:23:42 GMT
5d68fac3-47ef-4f73-aba7-04983c26f2a6
a1110.casalemedia.com/impression/v2/903014/85/cm214bdcmvi8ok77r3s0/ Frame 0AA6 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a1110.casalemedia.com/impression/v2/903014/85/cm214bdcmvi8ok77r3s0/5d68fac3-47ef-4f73-aba7-04983c26f2a6?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1703154821&profileIDs=&creativeID=1680bc7&pubID=184635&format=banner&channel=site
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.170.60.41 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:42 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0AA6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AsK0BP-DQb0Txnv-UvsuIVaFbyME4Sj8OYpDKIw8KltN2O7--gxzcMY6pFRaPyVNp7TZ5Pxc4zvvb3kp3DGdWlmjwW0HM6xFoA0tH6Sgj-bk6ufSY
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-geo.s-onetag.com/ 		555 B
961 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-32.fra56.r.cloudfront.net
Software
/
Resource Hash
af7817454f184febcf58eabfb75d78ba890523372975c993861c6bbff4d66c2c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2, FRA56-P5
x-amzn-requestid
963a5822-1012-462b-91c4-2ec7842e0f4f
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
QSfHUH9mCYcEjvg=
content-length
555
x-amz-cf-id
k2gUwkVRxVjypgJtMsE7uV0x9q0m3cFBQ85bU_2G70X8mVSXxq1KRw==
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=874936816394224&bg=!x8SlxIvNAAY3kmNgF5I7ADQBe5WfOB1aILD51nB0UWMQQachXiLVHuvx_jw6lg8Y5SAxbzNsb_16XJOgA9jDXdIsgjL3AgAAADRSAAAAAWgBB5kC89Jz6uyr_a8tn510xQL2rAdEtJqFl8x9prcGoH73M_eOf5GKtUAKl0q-Ev1WRijNrjUZcc71M4aqK_wuw7FuevsSSgM0b4pZVMj3Fi-e4c48Nxzd0J5M1A65Bij5kSGzuivYbR4NXCn7nL42kzd_PBgeGzarJ93dKJuPSg1d-eJB1Lhee7E_nIiJMktML7krI19J7zhyZk-2_472rrwdQn0bOqgRo4w9s4h45FAQa2lfouUBCMblhPV3M1CLN9Lfq3pyHxu7b_WwGl1F2mPTBcYMXIsbqk7Y1V22wtoAHu2MbdWQtCwnR74PWAAORPL9curMBA-d-YHOeC0SPpdQdxdkawAsbAt-x6TInzpvUuAO5Y0kdfzz297oxYZKOYiga-OrHQHLBeJ8rDcg0ChWRggeoNkBNZOjxjKo-8ERGOBeuztAEPxewAZQ-zHTICgR0wMCy5CaLjSafnbZVe8ZVBnMtzdi7czjf0Fug9zbErkJA9rexYfPyvL8JgRPdJTzoZDl-xLhGpgYfY3U5PZZzo_Zestw5QLuG07rmUSvZD_lqS9ipzhIjYJDzu_qV0x8V_Efq6-qRMtyw6y2qKMkfRFTlJ9lFthshlp1XvWPB_Hmdt7C4zk6YFp50JJg9y0AOAXx-WvuLJ0kexwj-NoWE5E8Yogtm7uWuaz0MYjjRPPx4GX6d6Egpvqe5DyRkDMH-hPZhCadfrKZSkYUqZjofYUWH98YfLh9QEhzMOyjNSKsVgpIpwVbH8PfSqS6gBr_Mv7ZrdT5Ia0VIiwHkhlYLNLi3G5p0qxmB7ROVUGnp5ShrnKrCuCn5t9bxaGu0XvPUnN2B3kSzsjszfMMMM9ZWvLVjVH6yZnnLjIs0EZ5UtA798uyZ_SR9D1YYsB0L9OSb4X0meVWAnPwkKPSLS5bBFpgWXC6_ak4A061R28NlZnVdm1totzwgjWa_0yOayDfKmhQVlN0CxZLiXZC3vwLKDdPwvqPRF4YPO7-VJeisQ_RERS4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&rl=&if=false&ts=1703154222572&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703154222571.1954775357&cs_est=true&ler=empty&it=1703154222379&coo=false&tm=1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 21 Dec 2023 10:23:42 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&rl=&if=false&ts=1703154222574&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1703154222571.1954775357&cs_est=true&ler=empty&it=1703154222379&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 21 Dec 2023 10:23:42 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
audiences
api.permutive.com/audience-matching/v1/id/8132c82d-5721-479e-83c0-5734278c7f39/ 		12 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/8132c82d-5721-479e-83c0-5734278c7f39/audiences?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 21 Dec 2023 10:23:42 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
view
securepubads.g.doubleclick.net/pcs/ Frame A87B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssAFhX0KqtDHolGE7OqWLAgQ-A190ns6G2lboNH9z_BKj8-veMts1_lOIsONPTLjvjKoIcYQAHhiSI6nJWQ60esutDCFuBO5IbAIStJjnjCK-V7iSjm_Qgf0e1gVkNUHdqM6Kfg-nVwiC2ZS3qVQOTAKSiLba05xDvAmXoOLiAzMmU_FhibZQSiGfnrEys8ZI2bWBJsjNCY3dhPZM-CUuy2wdhnz5eL3Co7zoad4BvDOZtmz65KLNC34agQU1jGCzL249iItTwCP81-HjnobgeI6Z7HLEv3enNBJJLDGiEzfYs1N-nZqTvBqu-P4iSLGjLAfSQGcn8CMuqFt8yqew1i58X8EbNKbE9PlatDpTXb2HAuWrorYb3cg77A8HqFHBu7o5rqaMQ2vtFvnOSLlP5m&sai=AMfl-YQSMo64KB_vTngS51uVAKGNhhm4Hhc0xDMDLBqyYm1HBJ0LhReQA2GOgpLfsWxmRLlPF27Tu6f0sR_YY43Ayz5kqxj0eereVHTilXU4lPiDErJjjLA_Ix-rPsWPUHJAsRJLwJOJ6bw8VjE5Wj_A99w&sig=Cg0ArKJSzIW3rd3YDMu8EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 21 Dec 2023 10:23:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0AA6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4102868849806&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0AA6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4102868849806&version=m202309260101&ct=76&x=13&cor=9652634306557070000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0AA6 		94 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AfAOrg8ws-qSuSpRXn_J-PydZ06rp0SLNl0eWO4-mTOiY9wG_U-tT4CL_Co5DJdxfCrCYLFsiFh_SXPncZz40ueJKqr0Bn2SdQF18xafdBcR4kjzWqtodYq3PFDQqlml3qFizjD4qWSQLKv9mDBf06UY0rNrWnxsyMeFvvQb-vTU44YDI&dbm_d=AKAmf-DJRlDvxmNYR3Prw0ecRUIqk4eXAYYv9Fs4veN4NiwjrPBf89376ixAtgMsXOF7FdahIS6AqMb_2Vlhcl_QqMcMD7bI8PPpD__3V8ZH0UjOwXM4dCdWoXcKtx0lWNczI-e9oVnuF36IRqWpmKKWT2rVkfJhk_XZdvI1g3WHvw3EfBaW6BDUXqXGGrazSCh5yS-HW-xynei8XHcNxD6ksX7VB5VsZlfiOcZFNC_pgRf-QOvi9Nk-fH0xFVqyJNGtVoi0j1yvMuBLKNRGgA5h9OdfrM0PXrXIG2N_xB_7HLWJeebCfT0RITnsbUxPK0d851g6UvyyrB_VXBM0KaTYQhA4Z4bL52fDdLruVvZbR4u78-vgo9y16_4ROdQK4DEhaOg-09recqkMjH001cDq-YKVf9b3cybCca1MV14_eaQ_KsnD0Agt7cQEkJIGnq8MAaE5u0a8HglKzfHra64sBi6bv4y3asaj6hnlSizhdKzv6BBtqhEZtEfvaUP28N3h2ZgvlC8dQLokv5PG2qMtvchcOc3JHyMPifdOcbWcxPay-kHTaOUsHI1lpao1a1KiUHqwbk9NId8KhmFKdBhTKsIGOz8dFHcamatZ12sSxcSF2r1-gKsHhnCzWuoICeA70OKub6KdLnOwn8bRlUC2C8EL37R-hbhnfELhA2jPuBeCItnSx3MXbz9saBlOc2Y6wgaxApO44TFgiWH3QtNliXWaa_pdTZD8Ui-opOIWQIM1wVjRTudd8qFUNuwxyCZsE2FT3OARMj_kl5bfwUvfE4gLU7Lx6LBvt9b8Ku5X1VSdRMHQU7Y5Ru_A2R8jX3u0TAv71mxdUsV9o0uSr5LJqB_tKVSzjE7z_NUp7vl21eHteQOxc81431e8isIvJsCd19w5eTA4Ec_ko6g3t3a7v9HM-WfhLDKgou50Y-eBMy9Kk6n-gX3HZtcF_CHTg19g6B2f_2Bt9WssHiHqpQ4hzc4YQaEkZjK4_DRYTiGgs3iB4KJtoTuz6dTBiYCpBurgJtZy1WjlNLgusXi7wGtI3pa6ZYYa6jLCb98zLO7ZECG58mDGf2av-BUmg1MqKhidIqQw8gWLuJxivCjtOR7kpXieURxiFtYBsA987Jyh-zb_SO0QUnXmcUni7tT1JH_oiKNABw0dsE5qyX3GQZvpCSlCfy1nEWlukUFlvCb0HIaDDj0xA53R3cpwLPzdWzCL6joh4rHzCaA8XFB6FcZu0SdpM0JcOh2fqpssfQi3--WwW85jeQRTy0kCViu9LgcpDJPWQ5ptALCDcTOKcB5PCnMq4A-YVFsinx0JewnUobx0KcYp_VM4gdKcvtaPkfBeVHfqJUegfh94bpqg6XBolBEFvLZgiN7LmOtk0J1qKWhj4F6xi21Hsw_1RF65QlCbSPy-8Paxaf8aNiXFDd8e9CtVBpXz1Tb0ffQQPMZTNLBQDRdPugBNcYxWSVOMY2Pz5aruZvGmjBAjDIflmQjkcbeAON10kDYUvjFftHpdgAUEXxADehml62NWiZj1CMcRDHCGeiOzhrdpCgIS5vqJr36iAxv8ybENricseG2jSrez7GkQOxmtC2-8m9WmZvjjGJHOFAFr2j5iAp0oIok6yN5y8Ao6z_q3Qg7T9RyWt9B9BOhVrwHSE9STratc6oXhsVVuKbMhHwv3sGNw4GzlNWIPrVSgygx40DJNPRqDQ-lzabiY3kRsAo-764OEkTWaEqu4kPdzBitkaxEgh5w4j1KiJ-MXxv21VLXSezDzb4iVapasOFgC_LJY9b8JxCtOLWtNbwXc2UsVz2-y1TpUWtw_BZG07czGDikzrlSgw8i_5WETQs70tvNVoevgDcYvRK0__Tpye2aanQPaQ2pUCdI0rmUSprqTJF5q4Wgv7QfSB0zg3IP0dFyTqIBFmbNjvDqTsGAOMSgYPMKSy7bfQFcKabzndVSpBN7fFryYI5Q5McE7jYUj1dM0WAH-hH7hx89E7KxHa5CuWRrWBA16Y0jjKk8A3MgotwuGoKCHLThRLRdppTnEvTSODJRVxBliWXBYaAlsLGll71XDNA3oaLvMEBNHhvSXW-lgRdNyl79mLI5KWy1v2G99oYKTq3G0VAwxyWwkeypBF65gDIvUnQAwkSduStObUKyxe-OsNgPPs5PACWFJsO3KCIO_BiZMVG5b2HDTHwB-9N8LF-aGV8j1UJuvcvWG9ot1ux2zLUWyrc9oVnK_BcS1j8RdS7rY_E8Wxvtd5ezAlgVTfAnhMN7828-hp0Xgg66RrHaKvsHGCMpnWOVRSs5AAJGQkDjc2PB44boGqw7ljVzzjafJIJcM7af1-eLDNhonlN4m2jUviR6yB50dGeN6_5Sf6zVODUS8aHMBslpr50xCefsrpZ_80GLppUONPLMWqrJ20YKIRnh-RnW7q841qf6YjORsohS1dofC29UOz-3trLUCY2gtsyNepJt3jGr8YvPtWxW2Qmyg2Xd5X53bKQ5MPUARrvrRju3t5v6LLhG0ut_XE4ko_2J-OOv5_SM8aTX_W7kLT3hqMC5v0_QjL0ziq25QAGMDVlSn_uEnOxOZEM9ZmiTrHwv2L-0HRjBKmh8GToFa-bImanLWnl5pxgjEuACxq74N8XfIF9rf6IdFEuR4Ln2p_4ur8LDrCNCpZ5nCvhefJVGtOQiR3BseOP6w5d8s6geujanhAjpS6vlMSbAPYBRF7in0cYMoNXqdBJMcet8zVZZ0s92UkBtfL0V_gwbStNEzclGgyinCeypmuIGqXHj2nSDQ8yevMcnUpmU6BsuJR03-LpIQ1Qe6iy-mdu49uzpoSvoteO786eKVSo6QuBIKh4-ot7h4NcKRxLAQqwE9JUQFKoEteOff1aljgeVXo4k5-DYH0ak-t7qKe06GwqEEbEN-_TLWGf3M5GkHEY20rw7qhlglJ3vz5G7mnPll-swqoQyBRf9T8ea8uqBWqS-IQvIbjAFnNN90GoiBzlRU07ClC3v5XechfeV_m-0gW0HESnO-SOxWOMyvIzUXaHqZdEDquY3tYnPD3cVSiF16j0ZAZdifNWJzYTiTEQFdTDSqxBsVMDM02uL3lKBX4KZ02Hx3KSy4V6emTeJ048uF7hLF6jUl_yWk8AkF11LLbiTlWWAfdak5AtH2efYIvY-aCrm-OUgrhEqlQ3FPt0xOni0WDbQoSYFpVwvWqwRvl1bwQUFaSS3SDbCYzT4QpaHcO3iMIa_geDgBVcghCakpVs4O5zOxu5RbRyWJYCfIjJpS86zK7WVugAZGHIszd3nxm-usmOyTmIWmxRrFoS-2qZ3HR0IP5ulJW3TLIBUYLx2InBWKFWQIpJsjFgwjC_mYNH-J7-oe3_Zm_XRg29UutwtGKfRNuz0MHd0lhk5iToBIEMj_5S3NNRh0OwDeXxcnzYmBpQygZiMxPzL2iWaZ4SRWttXaMxVmbBia9pwVM1-Xh1nsB6rOmIrndSMsStd0mIYGUJD7UqJylSd1Marc9yhYcjkLftoE8B82vkbPNVe_lmyJs_q2o6emfAZOp3k2jw7aqmNQ3D6W_D5u-P4YCoheaqu3-0OaZdosnOwiXOcvuLlEjQZuyksSISQotKvHUfVKSLLjy0COmru5_3YlLosrv6zOJP4a0rL1OMABgxE3a-Pw61lxR2YTphK9-JegXSmctGaHJ-h7xJJKFLMZVMtQ2IzNRnfp2mfuoD0I-lO6wvH4CkhRdlvNYPG80wSuDrgNqQPIDN7q8E9Sfw4lD-x4h-D0RsC9o-UKuVgIbRD9ZjDs&pr=13%3AZYQSLQAAAABZUPcQLWj19HSgiG0BQMFYx2cj5Q&cid=CAQSMgAvHhf_I7KgwINFX-XI8dzea1_llgeuVapRNpETQiM6FGvJYuSFb45AObUm8sxiWh3bGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&ds=l&xdt=0&iif=1&cor=9652634306557070000&adk=2668103760&idt=84&cac=0&dtd=25
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
591b193315e5a62bc0cd6ff5924b299f0f0eaf521af38798304169b07ad4a75e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40057
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame E250
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEL0hzhf14o-3WuXm56AtVj8&google_cver=1
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEL0hzhf14o-3WuXm56AtVj8&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=e17503c86d4dd9d0a5d7f4daa763ba47&uid=e17503c86d4dd9d0a5d7f4daa763b...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI61wgIQlZTUAhi3usFsMAE&v=APEucNWw4Yqn4JE5gd4uxbmc9p71sWgp0B9OhFDVM1dFYlWCilrfNHVmG_gCfibeznxtV2KrR7ObwpNveafvHvRLCRZAb-CX_w
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:42 GMT
Last-Modified
Thu, 21 Dec 2023 10:23:42 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E250 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI61wgIQlZTUAhi3usFsMAE&v=APEucNWw4Yqn4JE5gd4uxbmc9p71sWgp0B9OhFDVM1dFYlWCilrfNHVmG_gCfibeznxtV2KrR7ObwpNveafvHvRLCRZAb-CX_w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		40 B
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b74d9f6fbb6cf4307e1b2eed938b6a3c343893863d7cfa43aea16832e5ca89ca

Request headers

Accept
text/plain;charset=UTF-8
Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-mxp6953-MXP
date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
gzip
via
1.1 varnish
server
Kestrel
x-timer
S1703154223.673057,VS0,VE82
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
truncated
/ 		226 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e8db71249f82bb7584f1a2b6744275d18a4b5940ec8d48da133c65e81d5a23b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
pblib.min.js
a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/ Frame DAFA 		368 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/pblib.min.js
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ds_vplayer_detached.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8ed5a17cc40a3e61b27ffc7085528079e8c2591633b0433ca7ae3fdee18cc30

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
N2rhRmpluJJr8dne7Zwm5odAsuj70Rdj
content-encoding
gzip
date
Thu, 21 Dec 2023 10:23:42 GMT
akamai-cache-status
Hit from child
x-amz-request-id
9Z6Y386EV47N1F92
akamai-grn
0.9d7d1302.1703154222.422e11a3
x-amz-server-side-encryption
AES256
akamai-mon-iucid-del
1527398
content-length
117939
x-amz-id-2
s0Fmu4m5lGW3x977DjdsW369AYVd8g02hsxPWB207eg2l6oP3EHgnJNRyk8GeqxpN2HBBiHIPt8=
last-modified
Mon, 25 Sep 2023 23:37:33 GMT
server
AmazonS3
etag
"91adb5acce8739f457d0f760e6a9193c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=71069
accept-ranges
bytes
expires
Fri, 22 Dec 2023 06:08:11 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame DAFA 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ds_vplayer_detached.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
395149d128d5d361aaf2cd3df1cfd23dee746145bdef0105d99aba97fbcf712f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Thu, 21 Dec 2023 10:23:42 GMT
191231-96143263832481.js
js-sec.indexww.com/ht/p/ Frame DAFA 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/191231-96143263832481.js
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ds_vplayer_detached.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37f9b8c4f451c35a6bfa6f0053259ee5b69287dc9fc8b2fe366b7d25d312f1d9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 10:15:36 GMT
server
cloudflare
age
405
etag
W/"905900-7e27-60d026177336b"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
838f69440ac901fc-ZRH
expires
Thu, 21 Dec 2023 14:23:42 GMT
cdgv_nationalpost_trending_articles_20231221052515_6583c8668193a_new.jpg
d14c63magvk61v.cloudfront.net/videos/22507/cdgv_nationalpost/20231221052515_6583c8668193a/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d14c63magvk61v.cloudfront.net/videos/22507/cdgv_nationalpost/20231221052515_6583c8668193a/cdgv_nationalpost_trending_articles_20231221052515_6583c8668193a_new.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:6800:0:2f8e:a8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f3579e3bc5e91b52c4574003c94ed5cb81835c7241feab7f4eddc0e7f45fcfc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 05:28:26 GMT
x-amz-version-id
GHiBsyZm9ljhCBzcOx4EdTMUd9NCKZhM
via
1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-amz-request-id
6B3VA6VK0B66BB3T
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
age
17717
x-cache
Hit from cloudfront
content-length
15509
x-amz-id-2
HsEzp2P8jFrR6Uov+4Pl5E4pk+iv3/AYFL4GCBaeSA4qAzTrSJUYcPyfE+ekyARPq9yy55sjdEQ=
last-modified
Thu, 21 Dec 2023 05:25:20 GMT
server
AmazonS3
etag
"2c40e9532cec9dc9248b1e0c2e3b73d7"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
aKCG23qXsyvdqkHc9OkEBHdZe_gBHimePBlSxzL4TgcIJ1qX0aW3-w==
cdgv_nationalpost_trending_articles_20231221052515_6583c8668193a_new.mp4
d14c63magvk61v.cloudfront.net/videos/22507/cdgv_nationalpost/20231221052515_6583c8668193a/ 		48 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://d14c63magvk61v.cloudfront.net/videos/22507/cdgv_nationalpost/20231221052515_6583c8668193a/cdgv_nationalpost_trending_articles_20231221052515_6583c8668193a_new.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:6800:0:2f8e:a8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.saultstar.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 21 Dec 2023 05:35:23 GMT
x-amz-version-id
vKimUfah49W2UdVbV5Fj1QTbZ1uQABwy
via
1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-amz-request-id
PHB0MDZXYP0H8H71
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
age
17300
x-cache
Hit from cloudfront
Content-Range
bytes 0-2936474/2936475
Content-Length
2936475
x-amz-id-2
MEcJjxvyU3Td8/iAUTXXakV5zCaIqxFxtCA89xAoa4310Hl9csmNxPbVA1CBqR2vMGcZuWln5ms=
last-modified
Thu, 21 Dec 2023 05:25:18 GMT
server
AmazonS3
etag
"e6024e1dc279104fb677cbe4a941f621"
content-type
video/mp4
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
FBb3DZzeYbJ_jQCCLXBY43w8sCEndtulIGeUBV1EXgjQV4VGCoWSIg==
thirdpartycookie
api.viafoura.co/v2/www.saultstar.com/ 		45 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.saultstar.com/thirdpartycookie?section=
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4848:c843:e803:e83b:7cec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-instance-id
i-015bc6f82f498cc7a
pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.saultstar.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Thu, 21 Dec 2023 10:23:42 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 0AA6 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.saultstar.com/
Origin
https://www.saultstar.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 23:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38078
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 23:49:04 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 0AA6 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AfAOrg8ws-qSuSpRXn_J-PydZ06rp0SLNl0eWO4-mTOiY9wG_U-tT4CL_Co5DJdxfCrCYLFsiFh_SXPncZz40ueJKqr0Bn2SdQF18xafdBcR4kjzWqtodYq3PFDQqlml3qFizjD4qWSQLKv9mDBf06UY0rNrWnxsyMeFvvQb-vTU44YDI&dbm_d=AKAmf-DJRlDvxmNYR3Prw0ecRUIqk4eXAYYv9Fs4veN4NiwjrPBf89376ixAtgMsXOF7FdahIS6AqMb_2Vlhcl_QqMcMD7bI8PPpD__3V8ZH0UjOwXM4dCdWoXcKtx0lWNczI-e9oVnuF36IRqWpmKKWT2rVkfJhk_XZdvI1g3WHvw3EfBaW6BDUXqXGGrazSCh5yS-HW-xynei8XHcNxD6ksX7VB5VsZlfiOcZFNC_pgRf-QOvi9Nk-fH0xFVqyJNGtVoi0j1yvMuBLKNRGgA5h9OdfrM0PXrXIG2N_xB_7HLWJeebCfT0RITnsbUxPK0d851g6UvyyrB_VXBM0KaTYQhA4Z4bL52fDdLruVvZbR4u78-vgo9y16_4ROdQK4DEhaOg-09recqkMjH001cDq-YKVf9b3cybCca1MV14_eaQ_KsnD0Agt7cQEkJIGnq8MAaE5u0a8HglKzfHra64sBi6bv4y3asaj6hnlSizhdKzv6BBtqhEZtEfvaUP28N3h2ZgvlC8dQLokv5PG2qMtvchcOc3JHyMPifdOcbWcxPay-kHTaOUsHI1lpao1a1KiUHqwbk9NId8KhmFKdBhTKsIGOz8dFHcamatZ12sSxcSF2r1-gKsHhnCzWuoICeA70OKub6KdLnOwn8bRlUC2C8EL37R-hbhnfELhA2jPuBeCItnSx3MXbz9saBlOc2Y6wgaxApO44TFgiWH3QtNliXWaa_pdTZD8Ui-opOIWQIM1wVjRTudd8qFUNuwxyCZsE2FT3OARMj_kl5bfwUvfE4gLU7Lx6LBvt9b8Ku5X1VSdRMHQU7Y5Ru_A2R8jX3u0TAv71mxdUsV9o0uSr5LJqB_tKVSzjE7z_NUp7vl21eHteQOxc81431e8isIvJsCd19w5eTA4Ec_ko6g3t3a7v9HM-WfhLDKgou50Y-eBMy9Kk6n-gX3HZtcF_CHTg19g6B2f_2Bt9WssHiHqpQ4hzc4YQaEkZjK4_DRYTiGgs3iB4KJtoTuz6dTBiYCpBurgJtZy1WjlNLgusXi7wGtI3pa6ZYYa6jLCb98zLO7ZECG58mDGf2av-BUmg1MqKhidIqQw8gWLuJxivCjtOR7kpXieURxiFtYBsA987Jyh-zb_SO0QUnXmcUni7tT1JH_oiKNABw0dsE5qyX3GQZvpCSlCfy1nEWlukUFlvCb0HIaDDj0xA53R3cpwLPzdWzCL6joh4rHzCaA8XFB6FcZu0SdpM0JcOh2fqpssfQi3--WwW85jeQRTy0kCViu9LgcpDJPWQ5ptALCDcTOKcB5PCnMq4A-YVFsinx0JewnUobx0KcYp_VM4gdKcvtaPkfBeVHfqJUegfh94bpqg6XBolBEFvLZgiN7LmOtk0J1qKWhj4F6xi21Hsw_1RF65QlCbSPy-8Paxaf8aNiXFDd8e9CtVBpXz1Tb0ffQQPMZTNLBQDRdPugBNcYxWSVOMY2Pz5aruZvGmjBAjDIflmQjkcbeAON10kDYUvjFftHpdgAUEXxADehml62NWiZj1CMcRDHCGeiOzhrdpCgIS5vqJr36iAxv8ybENricseG2jSrez7GkQOxmtC2-8m9WmZvjjGJHOFAFr2j5iAp0oIok6yN5y8Ao6z_q3Qg7T9RyWt9B9BOhVrwHSE9STratc6oXhsVVuKbMhHwv3sGNw4GzlNWIPrVSgygx40DJNPRqDQ-lzabiY3kRsAo-764OEkTWaEqu4kPdzBitkaxEgh5w4j1KiJ-MXxv21VLXSezDzb4iVapasOFgC_LJY9b8JxCtOLWtNbwXc2UsVz2-y1TpUWtw_BZG07czGDikzrlSgw8i_5WETQs70tvNVoevgDcYvRK0__Tpye2aanQPaQ2pUCdI0rmUSprqTJF5q4Wgv7QfSB0zg3IP0dFyTqIBFmbNjvDqTsGAOMSgYPMKSy7bfQFcKabzndVSpBN7fFryYI5Q5McE7jYUj1dM0WAH-hH7hx89E7KxHa5CuWRrWBA16Y0jjKk8A3MgotwuGoKCHLThRLRdppTnEvTSODJRVxBliWXBYaAlsLGll71XDNA3oaLvMEBNHhvSXW-lgRdNyl79mLI5KWy1v2G99oYKTq3G0VAwxyWwkeypBF65gDIvUnQAwkSduStObUKyxe-OsNgPPs5PACWFJsO3KCIO_BiZMVG5b2HDTHwB-9N8LF-aGV8j1UJuvcvWG9ot1ux2zLUWyrc9oVnK_BcS1j8RdS7rY_E8Wxvtd5ezAlgVTfAnhMN7828-hp0Xgg66RrHaKvsHGCMpnWOVRSs5AAJGQkDjc2PB44boGqw7ljVzzjafJIJcM7af1-eLDNhonlN4m2jUviR6yB50dGeN6_5Sf6zVODUS8aHMBslpr50xCefsrpZ_80GLppUONPLMWqrJ20YKIRnh-RnW7q841qf6YjORsohS1dofC29UOz-3trLUCY2gtsyNepJt3jGr8YvPtWxW2Qmyg2Xd5X53bKQ5MPUARrvrRju3t5v6LLhG0ut_XE4ko_2J-OOv5_SM8aTX_W7kLT3hqMC5v0_QjL0ziq25QAGMDVlSn_uEnOxOZEM9ZmiTrHwv2L-0HRjBKmh8GToFa-bImanLWnl5pxgjEuACxq74N8XfIF9rf6IdFEuR4Ln2p_4ur8LDrCNCpZ5nCvhefJVGtOQiR3BseOP6w5d8s6geujanhAjpS6vlMSbAPYBRF7in0cYMoNXqdBJMcet8zVZZ0s92UkBtfL0V_gwbStNEzclGgyinCeypmuIGqXHj2nSDQ8yevMcnUpmU6BsuJR03-LpIQ1Qe6iy-mdu49uzpoSvoteO786eKVSo6QuBIKh4-ot7h4NcKRxLAQqwE9JUQFKoEteOff1aljgeVXo4k5-DYH0ak-t7qKe06GwqEEbEN-_TLWGf3M5GkHEY20rw7qhlglJ3vz5G7mnPll-swqoQyBRf9T8ea8uqBWqS-IQvIbjAFnNN90GoiBzlRU07ClC3v5XechfeV_m-0gW0HESnO-SOxWOMyvIzUXaHqZdEDquY3tYnPD3cVSiF16j0ZAZdifNWJzYTiTEQFdTDSqxBsVMDM02uL3lKBX4KZ02Hx3KSy4V6emTeJ048uF7hLF6jUl_yWk8AkF11LLbiTlWWAfdak5AtH2efYIvY-aCrm-OUgrhEqlQ3FPt0xOni0WDbQoSYFpVwvWqwRvl1bwQUFaSS3SDbCYzT4QpaHcO3iMIa_geDgBVcghCakpVs4O5zOxu5RbRyWJYCfIjJpS86zK7WVugAZGHIszd3nxm-usmOyTmIWmxRrFoS-2qZ3HR0IP5ulJW3TLIBUYLx2InBWKFWQIpJsjFgwjC_mYNH-J7-oe3_Zm_XRg29UutwtGKfRNuz0MHd0lhk5iToBIEMj_5S3NNRh0OwDeXxcnzYmBpQygZiMxPzL2iWaZ4SRWttXaMxVmbBia9pwVM1-Xh1nsB6rOmIrndSMsStd0mIYGUJD7UqJylSd1Marc9yhYcjkLftoE8B82vkbPNVe_lmyJs_q2o6emfAZOp3k2jw7aqmNQ3D6W_D5u-P4YCoheaqu3-0OaZdosnOwiXOcvuLlEjQZuyksSISQotKvHUfVKSLLjy0COmru5_3YlLosrv6zOJP4a0rL1OMABgxE3a-Pw61lxR2YTphK9-JegXSmctGaHJ-h7xJJKFLMZVMtQ2IzNRnfp2mfuoD0I-lO6wvH4CkhRdlvNYPG80wSuDrgNqQPIDN7q8E9Sfw4lD-x4h-D0RsC9o-UKuVgIbRD9ZjDs&pr=13%3AZYQSLQAAAABZUPcQLWj19HSgiG0BQMFYx2cj5Q&cid=CAQSMgAvHhf_I7KgwINFX-XI8dzea1_llgeuVapRNpETQiM6FGvJYuSFb45AObUm8sxiWh3bGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&ds=l&xdt=0&iif=1&cor=9652634306557070000&adk=2668103760&idt=84&cac=0&dtd=25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 01:57:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
30344
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 01:57:58 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 0AA6 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AfAOrg8ws-qSuSpRXn_J-PydZ06rp0SLNl0eWO4-mTOiY9wG_U-tT4CL_Co5DJdxfCrCYLFsiFh_SXPncZz40ueJKqr0Bn2SdQF18xafdBcR4kjzWqtodYq3PFDQqlml3qFizjD4qWSQLKv9mDBf06UY0rNrWnxsyMeFvvQb-vTU44YDI&dbm_d=AKAmf-DJRlDvxmNYR3Prw0ecRUIqk4eXAYYv9Fs4veN4NiwjrPBf89376ixAtgMsXOF7FdahIS6AqMb_2Vlhcl_QqMcMD7bI8PPpD__3V8ZH0UjOwXM4dCdWoXcKtx0lWNczI-e9oVnuF36IRqWpmKKWT2rVkfJhk_XZdvI1g3WHvw3EfBaW6BDUXqXGGrazSCh5yS-HW-xynei8XHcNxD6ksX7VB5VsZlfiOcZFNC_pgRf-QOvi9Nk-fH0xFVqyJNGtVoi0j1yvMuBLKNRGgA5h9OdfrM0PXrXIG2N_xB_7HLWJeebCfT0RITnsbUxPK0d851g6UvyyrB_VXBM0KaTYQhA4Z4bL52fDdLruVvZbR4u78-vgo9y16_4ROdQK4DEhaOg-09recqkMjH001cDq-YKVf9b3cybCca1MV14_eaQ_KsnD0Agt7cQEkJIGnq8MAaE5u0a8HglKzfHra64sBi6bv4y3asaj6hnlSizhdKzv6BBtqhEZtEfvaUP28N3h2ZgvlC8dQLokv5PG2qMtvchcOc3JHyMPifdOcbWcxPay-kHTaOUsHI1lpao1a1KiUHqwbk9NId8KhmFKdBhTKsIGOz8dFHcamatZ12sSxcSF2r1-gKsHhnCzWuoICeA70OKub6KdLnOwn8bRlUC2C8EL37R-hbhnfELhA2jPuBeCItnSx3MXbz9saBlOc2Y6wgaxApO44TFgiWH3QtNliXWaa_pdTZD8Ui-opOIWQIM1wVjRTudd8qFUNuwxyCZsE2FT3OARMj_kl5bfwUvfE4gLU7Lx6LBvt9b8Ku5X1VSdRMHQU7Y5Ru_A2R8jX3u0TAv71mxdUsV9o0uSr5LJqB_tKVSzjE7z_NUp7vl21eHteQOxc81431e8isIvJsCd19w5eTA4Ec_ko6g3t3a7v9HM-WfhLDKgou50Y-eBMy9Kk6n-gX3HZtcF_CHTg19g6B2f_2Bt9WssHiHqpQ4hzc4YQaEkZjK4_DRYTiGgs3iB4KJtoTuz6dTBiYCpBurgJtZy1WjlNLgusXi7wGtI3pa6ZYYa6jLCb98zLO7ZECG58mDGf2av-BUmg1MqKhidIqQw8gWLuJxivCjtOR7kpXieURxiFtYBsA987Jyh-zb_SO0QUnXmcUni7tT1JH_oiKNABw0dsE5qyX3GQZvpCSlCfy1nEWlukUFlvCb0HIaDDj0xA53R3cpwLPzdWzCL6joh4rHzCaA8XFB6FcZu0SdpM0JcOh2fqpssfQi3--WwW85jeQRTy0kCViu9LgcpDJPWQ5ptALCDcTOKcB5PCnMq4A-YVFsinx0JewnUobx0KcYp_VM4gdKcvtaPkfBeVHfqJUegfh94bpqg6XBolBEFvLZgiN7LmOtk0J1qKWhj4F6xi21Hsw_1RF65QlCbSPy-8Paxaf8aNiXFDd8e9CtVBpXz1Tb0ffQQPMZTNLBQDRdPugBNcYxWSVOMY2Pz5aruZvGmjBAjDIflmQjkcbeAON10kDYUvjFftHpdgAUEXxADehml62NWiZj1CMcRDHCGeiOzhrdpCgIS5vqJr36iAxv8ybENricseG2jSrez7GkQOxmtC2-8m9WmZvjjGJHOFAFr2j5iAp0oIok6yN5y8Ao6z_q3Qg7T9RyWt9B9BOhVrwHSE9STratc6oXhsVVuKbMhHwv3sGNw4GzlNWIPrVSgygx40DJNPRqDQ-lzabiY3kRsAo-764OEkTWaEqu4kPdzBitkaxEgh5w4j1KiJ-MXxv21VLXSezDzb4iVapasOFgC_LJY9b8JxCtOLWtNbwXc2UsVz2-y1TpUWtw_BZG07czGDikzrlSgw8i_5WETQs70tvNVoevgDcYvRK0__Tpye2aanQPaQ2pUCdI0rmUSprqTJF5q4Wgv7QfSB0zg3IP0dFyTqIBFmbNjvDqTsGAOMSgYPMKSy7bfQFcKabzndVSpBN7fFryYI5Q5McE7jYUj1dM0WAH-hH7hx89E7KxHa5CuWRrWBA16Y0jjKk8A3MgotwuGoKCHLThRLRdppTnEvTSODJRVxBliWXBYaAlsLGll71XDNA3oaLvMEBNHhvSXW-lgRdNyl79mLI5KWy1v2G99oYKTq3G0VAwxyWwkeypBF65gDIvUnQAwkSduStObUKyxe-OsNgPPs5PACWFJsO3KCIO_BiZMVG5b2HDTHwB-9N8LF-aGV8j1UJuvcvWG9ot1ux2zLUWyrc9oVnK_BcS1j8RdS7rY_E8Wxvtd5ezAlgVTfAnhMN7828-hp0Xgg66RrHaKvsHGCMpnWOVRSs5AAJGQkDjc2PB44boGqw7ljVzzjafJIJcM7af1-eLDNhonlN4m2jUviR6yB50dGeN6_5Sf6zVODUS8aHMBslpr50xCefsrpZ_80GLppUONPLMWqrJ20YKIRnh-RnW7q841qf6YjORsohS1dofC29UOz-3trLUCY2gtsyNepJt3jGr8YvPtWxW2Qmyg2Xd5X53bKQ5MPUARrvrRju3t5v6LLhG0ut_XE4ko_2J-OOv5_SM8aTX_W7kLT3hqMC5v0_QjL0ziq25QAGMDVlSn_uEnOxOZEM9ZmiTrHwv2L-0HRjBKmh8GToFa-bImanLWnl5pxgjEuACxq74N8XfIF9rf6IdFEuR4Ln2p_4ur8LDrCNCpZ5nCvhefJVGtOQiR3BseOP6w5d8s6geujanhAjpS6vlMSbAPYBRF7in0cYMoNXqdBJMcet8zVZZ0s92UkBtfL0V_gwbStNEzclGgyinCeypmuIGqXHj2nSDQ8yevMcnUpmU6BsuJR03-LpIQ1Qe6iy-mdu49uzpoSvoteO786eKVSo6QuBIKh4-ot7h4NcKRxLAQqwE9JUQFKoEteOff1aljgeVXo4k5-DYH0ak-t7qKe06GwqEEbEN-_TLWGf3M5GkHEY20rw7qhlglJ3vz5G7mnPll-swqoQyBRf9T8ea8uqBWqS-IQvIbjAFnNN90GoiBzlRU07ClC3v5XechfeV_m-0gW0HESnO-SOxWOMyvIzUXaHqZdEDquY3tYnPD3cVSiF16j0ZAZdifNWJzYTiTEQFdTDSqxBsVMDM02uL3lKBX4KZ02Hx3KSy4V6emTeJ048uF7hLF6jUl_yWk8AkF11LLbiTlWWAfdak5AtH2efYIvY-aCrm-OUgrhEqlQ3FPt0xOni0WDbQoSYFpVwvWqwRvl1bwQUFaSS3SDbCYzT4QpaHcO3iMIa_geDgBVcghCakpVs4O5zOxu5RbRyWJYCfIjJpS86zK7WVugAZGHIszd3nxm-usmOyTmIWmxRrFoS-2qZ3HR0IP5ulJW3TLIBUYLx2InBWKFWQIpJsjFgwjC_mYNH-J7-oe3_Zm_XRg29UutwtGKfRNuz0MHd0lhk5iToBIEMj_5S3NNRh0OwDeXxcnzYmBpQygZiMxPzL2iWaZ4SRWttXaMxVmbBia9pwVM1-Xh1nsB6rOmIrndSMsStd0mIYGUJD7UqJylSd1Marc9yhYcjkLftoE8B82vkbPNVe_lmyJs_q2o6emfAZOp3k2jw7aqmNQ3D6W_D5u-P4YCoheaqu3-0OaZdosnOwiXOcvuLlEjQZuyksSISQotKvHUfVKSLLjy0COmru5_3YlLosrv6zOJP4a0rL1OMABgxE3a-Pw61lxR2YTphK9-JegXSmctGaHJ-h7xJJKFLMZVMtQ2IzNRnfp2mfuoD0I-lO6wvH4CkhRdlvNYPG80wSuDrgNqQPIDN7q8E9Sfw4lD-x4h-D0RsC9o-UKuVgIbRD9ZjDs&pr=13%3AZYQSLQAAAABZUPcQLWj19HSgiG0BQMFYx2cj5Q&cid=CAQSMgAvHhf_I7KgwINFX-XI8dzea1_llgeuVapRNpETQiM6FGvJYuSFb45AObUm8sxiWh3bGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&ds=l&xdt=0&iif=1&cor=9652634306557070000&adk=2668103760&idt=84&cac=0&dtd=25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 20:42:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
49275
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
server
cafe
etag
16225921609732785849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Jan 2024 20:42:27 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 0AA6 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
490714
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 18:05:08 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 2F81 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184635&gdpr=0
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
673c1b7f2476fa567bf3c5bf34eae12d0af30f3fe87d312e6d20fd3dd9f41aa2

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
838f69445b6a01e7-ZRH
content-encoding
br
content-type
text/html
date
Thu, 21 Dec 2023 10:23:42 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BbZo%2FhojIBao3rm2MRoD%2B8Yrg7eh9CQzCXNgmRCKqVn5DeFHgQvhytO%2FyVcp9WbBm5hW2jD%2F1xTb4wvwyvL%2Fflu9mbBi0l4Z53Ht6QcZ%2F%2BNuUlS4eZL2iN2cmtrTN9I%2BdyPu4pfKhDWbqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 0AA6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyBM5F6gInDWORPguoFhT4K9WgOO3tR6kIGxrN_3ZBz2CBictUgpvy8J3YfOfU9kWNDIBwMHUOx688vmf7TT_ubtf8S9wh3_OBXVfHquZXjyVJLnonh40anjgsPTUBT-V-KbH5h6r_T6AH-y2aBMkJnKbxcyARAR6Qv3TpsJo1QnzXFszcxmYcoBQ9eQp_40k1hKgw64Fbz4I8d_cIO0TJxrhLFduF1SwLuEHhTSsGf53udRSM_kbVWdC13WZ3pCXUWK5uXFJF3R6E9oF6SxgDXYeGCMFm8hjx-90Qtrj_5p2ufHJn7otsweA9LFgWMfUFg2_MbjATyoBjjSWb49KND-qhyYmK7W2vQ4J3PB9J1_EJtZSzqBxapWsVp4pckqZeXpDoQVJeUtpIrNhgTLwcV-BO&sai=AMfl-YRJVDEjGPuB5wiluQ4-Bh1d2U4EacEUIjJD-prCyoTAQ_V2EQCFKaWbVAn2MdRdaq_CDytsajNbFh7A8fGUYpzgxuFGr8oFOPbcyseYSJ_JNa3k3asf9TNmEb7rL0b3EbQdqkEwLSHOWL62kYhnUrw&sig=Cg0ArKJSzLb9_0EglNMzEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 21 Dec 2023 10:23:42 GMT
truncated
/ Frame 0AA6 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8c9673e17c76de038743e8c40c755442e113a504a516229b1f0a8b5301562520

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 4D72 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
177015
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 09:13:27 GMT
expires
Wed, 18 Dec 2024 09:13:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cdgv_nationalpost_trending_articles_20231221052515_6583c8668193a_new.mp4
d14c63magvk61v.cloudfront.net/videos/22507/cdgv_nationalpost/20231221052515_6583c8668193a/ 		84 KB
84 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://d14c63magvk61v.cloudfront.net/videos/22507/cdgv_nationalpost/20231221052515_6583c8668193a/cdgv_nationalpost_trending_articles_20231221052515_6583c8668193a_new.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:6800:0:2f8e:a8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7da9a385c373f532f8c3124668d592ebf557e4c8d6c9b310ce884491f71b61be

Request headers

Referer
https://www.saultstar.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=2850816-

Response headers

date
Thu, 21 Dec 2023 05:35:23 GMT
x-amz-version-id
vKimUfah49W2UdVbV5Fj1QTbZ1uQABwy
via
1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-amz-request-id
PHB0MDZXYP0H8H71
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
age
17300
x-cache
Hit from cloudfront
Content-Range
bytes 2850816-2936474/2936475
Content-Length
85659
x-amz-id-2
MEcJjxvyU3Td8/iAUTXXakV5zCaIqxFxtCA89xAoa4310Hl9csmNxPbVA1CBqR2vMGcZuWln5ms=
last-modified
Thu, 21 Dec 2023 05:25:18 GMT
server
AmazonS3
etag
"e6024e1dc279104fb677cbe4a941f621"
content-type
video/mp4
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
Q8NEUGT_cY-tPNMxHuXivsKNlN4zbx9NriC74uVaVqzC0IPJH6m5GA==
362358.gif
idsync.rlcdn.com/ Frame 2F81
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZYQSLZvLl7V8PbUJjgqsXgAA%265227&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZYQSLZvLl7V8PbUJjgqsXgAA%265227&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=3108082c6c2b4cf0b5decfeb937888f0
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8170217125147634428
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=3108082c-6c2b-4cf0-b5de-cfeb937888f0
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=ca61c801-b422-425e-9ee9-9d7f73572182%3A1703154223.9806619&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dca61c801-b422-425e-9ee9-9d7f735...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433831682305669&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dca61c801-b422-425e-9e...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=ca61c801-b422-425e-9ee9-9d7f73572182%3A1703154223.9806619&_=1703154223.982471
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjdjYTYxYzgwMS1iNDIyLTQyNWUtOWVlOS05ZDdmNzM1NzIxODI6MTcwMzE1NDIyMy45ODA2NjE5EAAaDQiwpJCsBhIFCOgHEABCAEoA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJ4Ry7sYnYJklu7fv_5x30k&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJ4Ry7sYnYJklu7fv_5x30k&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184635&gdpr=0
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:44 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJ4Ry7sYnYJklu7fv_5x30k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZYQSLZvLl7V8PbUJjgqsXgAAFGsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2F81 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZYQSLZvLl7V8PbUJjgqsXgAAFGsAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184635&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:d9af:10ed:ca45:5b1a Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 2F81
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5148106858807832576
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5148106858807832576
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184635&gdpr=0
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Llz5w1HE9iUgGbynueEGUrg1B%2B%2FMu%2B%2F%2BVB2flGaNxnmrjidQNKq9enPu4pbJHu%2FrKhUvqxHf2Qz4HDm81zx93meTykNcQ94X6Tou6A2m7b4OJq8QzDVtXg9WkminZ4rTPMkh1xpVt2Q91g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
838f6944cc2501e7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
an-x-request-uuid
8829a6f6-09a9-421e-bb8d-21db81fca8f4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5148106858807832576
x-proxy-origin
176.10.106.9; 176.10.106.9; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame 2F81 		43 B
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZYQSLZvLl7V8PbUJjgqsXgAAFGsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184635&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:192:1::173 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:43 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1703154222932094-387
crum
dsum-sec.casalemedia.com/ Frame 2F81
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1492244624634415535&expiration=1704363822
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1492244624634415535&expiration=1704363822
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184635&gdpr=0
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mS8emeND6w8OLrv3yt%2BQYDaI0aVkRSwmWiMFxG8gZCuQC9TVxPZOIb3etEbL5enyJmEBq3o4Dm4mTjFeARpV8MwjZkSbSljSt06kearbOL9%2FYxe21tcyuKvsNAwT58d7JnWvGax6%2FqcdNA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
838f6944dc3e01e7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1492244624634415535&expiration=1704363822
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 2F81
Redirect Chain
  • https://trace.mediago.io/ju/cs/indexexchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f5ef61ca483ff5d02uyojv00lqf21t8a
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f5ef61ca483ff5d02uyojv00lqf21t8a
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184635&gdpr=0
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ckFMVAr4EypzhRBBg4wU3Iq2YWowEMWGMNNZrW1EzIl4muRQpYVw%2Fj1oDeccV%2FGIBlv38mvsP4fDg7daNAEeHUYi5O%2BDoKmSx1JhLKtr%2FvH94ENBKjnZmTq%2FLOSbW5EgtZBBGmHaBx3eg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
838f6947380b01e7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Thu, 21 Dec 2023 10:23:43 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f5ef61ca483ff5d02uyojv00lqf21t8a
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ix
ad4m.at/ad/sim/ Frame 2F81 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184635&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
usermatchredir
ssum-sec.casalemedia.com/ Frame 2F81
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZYQSLZvLl7V8PbUJjgqsXgAAFGsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEw0c71oMBdgWz25f7R1cl8&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEw0c71oMBdgWz25f7R1cl8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184635&gdpr=0
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KpyfhEJhOUZslZp1UveFn1ozt1DJaW%2BQDayB8n%2BMyFGIwFcaySmZ%2Ft8tvetAnUjBOA3kxOQdmXLpWQqGU1AP95RS8NGt8iT6dFiQlSg1XXYoab3rsVXM5NfxS5ROEHrV2gFkGqw%2BQ9r0vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
838f6944cc2d01e7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEw0c71oMBdgWz25f7R1cl8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 2F81 		43 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?ZYQSLZvLl7V8PbUJjgqsXgAA%265227
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184635&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
142
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
838f69449ba201fc-ZRH
content-length
43
expires
Thu, 21 Dec 2023 14:23:42 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 4D72 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:03:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
55226
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Dec 2024 19:03:16 GMT
intl-messageformat.1ffa056616fa00afbfc0.js
cdn.viafoura.net/chunks/defaultVendors~languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/defaultVendors~languages/intl-messageformat.1ffa056616fa00afbfc0.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42716b1e53a7779105575276cedc2e75677bc64e77b0a712bc0d48e2479abd98

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:40 GMT
x-amz-version-id
HO9xTEwUA9XX7mdUyeB5zFlGyaHcZJoU
content-encoding
br
via
1.1 fa7c071d9391a32eff94728584435f34.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
584103
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:07:47 GMT
server
AmazonS3
etag
W/"1c693504509bdbb60c6776720954c7c1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
ZLlMWIacKsr4ARvZWIAuhKexAlmPh4jm6wmhHQWrI9EMh7sW7AZawQ==
intl-messageformat.bba378369051b3ea02d6.js
cdn.viafoura.net/chunks/languages/ 		135 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.bba378369051b3ea02d6.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af979786c73f4c25357e6528bb264f3dffae203ec6ff1adced8b57c3532f6d4b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:40 GMT
x-amz-version-id
UzLWjcfYom6uexWyVPi6r3Nw71PzbVar
via
1.1 fa7c071d9391a32eff94728584435f34.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
584103
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
135
last-modified
Thu, 14 Dec 2023 16:07:56 GMT
server
AmazonS3
etag
"41f960d448b03a594d459a897779ddf6"
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
QhKr8qVbwgDUHssIGIFvUz-EAL_suWFSXTzg6pI5HuQFLXKTpdsISw==
en-us-base-json.22dd055f6ebc67a95f1d.js
cdn.viafoura.net/chunks/languages/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.22dd055f6ebc67a95f1d.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2d2f5d052658ef5589fe450a8654dbeb88d97511ce36f21f1c3bb3b38fa3c24

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:40 GMT
x-amz-version-id
eMLa6OOnuDbIY213u_T07FIUE3Zk08lX
content-encoding
br
via
1.1 fa7c071d9391a32eff94728584435f34.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
584103
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:01 GMT
server
AmazonS3
etag
W/"dfb5516fd649a383d34843bb4b99126e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
yUQlFIe_OcePVzpfOpmjAnAk2HGuIWkLIeKyBLpUbKO8reKWQpy6MQ==
identity
api.rlcdn.com/api/ Frame DAFA 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/191231-96143263832481.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.saultstar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
rid
match.adsrvr.org/track/ Frame DAFA 		63 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=191231
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/191231-96143263832481.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
d2ffea20b89ec58766b0a7476601a4f5b97ccf430aa8cd574a1fbb5935ff0416

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.saultstar.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 20 Jan 2024 10:23:42 GMT
minimal.mp4
a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/ Frame DAFA 		843 B
873 B 		Media
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/minimal.mp4
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6

Request headers

Referer
https://www.saultstar.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

quic-version
0x00000001
x-amz-version-id
a5770JiD4onMVIXMo5lps_CnGxMPdeDf
date
Thu, 21 Dec 2023 10:23:42 GMT
akamai-cache-status
Hit from child
x-amz-request-id
9Z6X1M2VQ1EDYZJH
akamai-grn
0.9d7d1302.1703154222.422e12ef
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-842/843
akamai-mon-iucid-del
1527398
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
843
x-amz-id-2
EG6uiMhuTz4iUH4FhnFQMHN+SX6pwi+2ZTWANboIoq0rJ0jP1PSWs3kv7V1PpO8XW9AR/YKgNXU=
last-modified
Mon, 25 Sep 2023 23:37:31 GMT
server
AmazonS3
etag
"fb62001afaa95ed461f35992d7431867"
content-type
video/mp4
cache-control
max-age=43798
accept-ranges
bytes
expires
Thu, 21 Dec 2023 22:33:40 GMT
bridge3.609.1_en.html
imasdk.googleapis.com/js/core/ Frame FB04 		751 KB
240 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
494949
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
245986
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 16:54:33 GMT
expires
Sat, 14 Dec 2024 16:54:33 GMT
last-modified
Fri, 15 Dec 2023 16:47:56 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame DAFA 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 10:23:42 GMT
p22507-ds-desktop.json
a.jsrdn.com/prebid/tags/ Frame DAFA 		15 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/prebid/tags/p22507-ds-desktop.json?aca=1&env.sd=saultstar.com&env.gc=CH
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96e37388fe1c53ec1763fc1b8f03913c101cf1c4d82b8b65ee4d1d834449fdeb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 22 Dec 2023 09:45:31 GMT
x-amz-version-id
ei19j6ms2MT.eW3AJ.BFB.G0gvD_46xz
content-encoding
gzip
date
Thu, 21 Dec 2023 10:23:42 GMT
akamai-cache-status
Hit from child
x-amz-request-id
B2H748QKTG9Z066Y
akamai-grn
0.9d7d1302.1703154222.422e1368
x-amz-server-side-encryption
AES256
akamai-mon-iucid-del
1543115
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
1766
x-amz-id-2
xYE034cGStrC/lHeBr7M3E2XWo1vhgLfVZkIoieO49SvNmyP7AzlHX4581LKYnzyLbRdExP0Za0=
last-modified
Thu, 21 Dec 2023 09:42:44 GMT
server
AmazonS3
etag
"253c5ec01387963a0e3964e748196a6b"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-max-age
3600
content-type
application/json
access-control-allow-origin
https://www.saultstar.com
access-control-allow-methods
GET, HEAD
cache-control
max-age=84109
access-control-allow-credentials
true
accept-ranges
bytes
quic-version
0x00000001
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FF37 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 09:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2118
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 21 Dec 2023 10:48:24 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0AA6 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 10:23:42 GMT
index.html
s0.2mdn.net/sadbundle/1641032752205660160/ Frame 46B5 		41 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1641032752205660160/index.html?e=69&leftOffset=0&topOffset=0&c=QJieSQ8HT8&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
774eed62c0a7e2e5f262380ba4fdf3adb04d1c01257da0bd71adf68fe006075c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 10:23:42 GMT
expires
Fri, 20 Dec 2024 10:23:42 GMT
last-modified
Fri, 30 Jul 2021 20:55:52 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 0AA6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvAjXAwT12FP_eGAOmr7zACP2ojvhrrqWwU4B2eO6rBSqvc3Yh3SOQDmXqwksXa-wdhMLajoEUPxu9bNhDAUV41wsMzGimX997PiEdZD3kru-Uuaqsy21dzyiJXam5KxcotcQwiuA1K6raFFEPNPQ5d3gdFkRzd2fTWhi2zEi_Wi_iYxvZTbKil1pfUSisYPPmFIOjerSp33eeDlZZuB2Q2WUp7b_ZSMHn3Ft81fPmVSoWV_XCzH0vpJdR6XLoOmVEaWoKIPwPPhgpU_H2yQVNx4tXSQo88wdMDTQWqI5SiultpniYDL-Na_ylpE2Q1E2-qmDGSE8gQ1UutWnomABt7dRps0UY0oP4Viy1ZzEawtiH5H8r-gKcLqvdlp4Dtmt4XiuggTA0j0F756zk0AiXxbwSPpF0lWHMM3EF9R-YZjFIRuOGapRwRK_5hB5G1FWcfDC3YSNi7_6pg2ta3ptLrmzuuRrCEJ44P04QgHtPfrIUoIy5eUIafj82dt5tmHiPXmsdi1eXyqFrA6gC9dxgqYNI6IMcYkEoLkL9_QaepIuPcerQIZ1OANiidsEdMecJli5yjkweAcrWzrLcfibXBP3JpLEV4u-F--oztryfvujGPqBygacppQhH1l1A44pU0cSFPAWJkj-JSnN40SlLMnr9FYhU0jQKD-fjPOrxRQJpTJznQeRcGCSOe4DDEVD3eI_wiCxucN2e3Q_7cILCJRccfSJiR7Agj6BaUKPhSxCKHPCDuF-TX1qpEtq9E3KllTtQTKbWrd6d5-h42d-v41u2sWW2Cc4qjF9gSdTy_S6jsJydYG1FS90FeSZNLBRlbrnC8ekCgGOxeBCl_tRCBOeBILvwFWGdsnXJcwUpYOLpkhxvH-fePbOtSjqdwPMKtHp3tfm6GMydgUaqv0LdE9lJT9AF_U2FOXI8pHvce5SIx_1oy1bFjLQxkUtBNNyIk0RkQDslMMd3QBB85TW_WK0tcpYzRulYuXvCl2W3K-qFtLjilCynDMsV8eJ_naN5lv2RmniftT8vM3bR0XSvt8qJurOCLlHieFWcEU4NJMHg7J19bwzZyJmV5gWNMQ2etaKf877DFglmk9jd9G7FP_ylJX5BQ6HzUKBkCk_QAQrEnzHInYYk9UWZcWkbrsCXgine-usQQYKSqVtVxzIqFPpl0HYn8UKe9_LXXuFOIKLT6zo017XIihGLaOk467NTuBTTx6WzxD7xeqowwZ31d3Pgi_canZbcIPJ_UIfZU04U_IKZTjGAZXWXp8viVvaOizChsdGJTJE24hEtcPnHuSEAZ4PyfKS-sabb3hUMKAZYk2bGVQW1rf2AqXp0MLeAWtUuGxqyJK2d-2zriEZ9elkV1x7DOujl4tOQy7XoubERRhwp_BhARdMLVdHLvEeZAgD0D1OokhR6fE00enGaPWrtKbV_dNqyYEwMxfCW-dzkTiifT__EhjZOLXy_zX-nGAmClRTmwmnASI807lq0&sai=AMfl-YQlBAn2IkL_y85ngBtwLN_wJSQ1lvCTIMEsEm43m5qWEBbZ_IZJ5-62xNRTuuYHeCF2wAntVwVmiLERwzPtWJgbqlMahzhdb_MSs27ZKX9Y23XF2eRLclhJmxnAsoJ6zV78auR8C6Rr0Q2ttEVsSdhzTrJPxuaYUIzOeQP7F2WolO85dbQgL5P6bcQlZJ2G4dzV1gv8B6bXa27pLCbvsNErfLjDGfJ61Xh0DU9G0NjHHSsIm1HZkJxwlCJfqh9UjhgsFuOb5w-bD-aJjVMQ&sig=Cg0ArKJSzGKhPwfVQGofEAE&uach_m=%5BUACH%5D&pr=13:ZYQSLQAAAABZUPcQLWj19HSgiG0BQMFYx2cj5Q&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=138&cbvp=1&cstd=133&cisv=r20231207.32168&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 21 Dec 2023 10:23:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
cdgv_nationalpost_trending_articles_20231221052515_6583c8668193a_new.mp4
d14c63magvk61v.cloudfront.net/videos/22507/cdgv_nationalpost/20231221052515_6583c8668193a/ 		3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://d14c63magvk61v.cloudfront.net/videos/22507/cdgv_nationalpost/20231221052515_6583c8668193a/cdgv_nationalpost_trending_articles_20231221052515_6583c8668193a_new.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:6800:0:2f8e:a8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f8f4831b541ee2739728a4ebc98838867cb66671c7fb85ff2e45ca29d7c40eb

Request headers

Referer
https://www.saultstar.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=32768-

Response headers

date
Thu, 21 Dec 2023 05:35:23 GMT
x-amz-version-id
vKimUfah49W2UdVbV5Fj1QTbZ1uQABwy
via
1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-amz-request-id
PHB0MDZXYP0H8H71
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
age
17300
x-cache
Hit from cloudfront
Content-Range
bytes 32768-2936474/2936475
Content-Length
2903707
x-amz-id-2
MEcJjxvyU3Td8/iAUTXXakV5zCaIqxFxtCA89xAoa4310Hl9csmNxPbVA1CBqR2vMGcZuWln5ms=
last-modified
Thu, 21 Dec 2023 05:25:18 GMT
server
AmazonS3
etag
"e6024e1dc279104fb677cbe4a941f621"
content-type
video/mp4
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
vPiYfwhcI-V3l49N5XA29QAlWUSej0MeCrKKPz1eIPAE6aeHmipasA==
main.19.8.466.js
static.adsafeprotected.com/ Frame 9BD2 		213 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.466.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=728x90&pubId=4811995650&chanId=21733580793&placementId=6404573011&pubCreative=138455016757&pubOrder=3265484082&cb=945831159&custom=story&custom2=1&adsafe_par&impId=0304ef4d-9feb-11ee-8ef6-0ad1c86a73cb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2093:9000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8acc1f1025dcaf26f8f860f726b3a05a701b77eb685301d4f25bc8339bbf891f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 20:53:12 GMT
x-amz-version-id
xzgJjX2ySahBlQ72zDUgnxljnut_sNmJ
content-encoding
gzip
via
1.1 fac4016d40efb9989ddc8d36322eeefc.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C1
age
653431
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 13 Dec 2023 19:37:51 GMT
server
AmazonS3
etag
W/"eac384b0904b6f5677cb58a4d4e104c8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
_E18jId-i7kWZrF4L11ZO_u2w4MnPAXyQEgXTDvFyUbq1RuAHeI80A==
main.19.8.466.js
static.adsafeprotected.com/ Frame 2107 		213 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.466.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=1x1&pubId=4946417229&chanId=21733580793&placementId=6123534386&pubCreative=138406246893&pubOrder=3089429980&cb=1596192753&custom=story&custom2=2&adsafe_par&impId=0304ef4e-9feb-11ee-8ef6-0ad1c86a73cb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2093:9000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8acc1f1025dcaf26f8f860f726b3a05a701b77eb685301d4f25bc8339bbf891f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 20:53:12 GMT
x-amz-version-id
xzgJjX2ySahBlQ72zDUgnxljnut_sNmJ
content-encoding
gzip
via
1.1 fac4016d40efb9989ddc8d36322eeefc.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C1
age
653431
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 13 Dec 2023 19:37:51 GMT
server
AmazonS3
etag
W/"eac384b0904b6f5677cb58a4d4e104c8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
B8n38mUYJUuqrW5eknyr8Sert5ii1bmW5Gg95cx9K2soVv94xKdsgg==
vf-css.40a2fd7581527feec93c.js
cdn.viafoura.net/chunks/ 		324 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vf-css.40a2fd7581527feec93c.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20a0:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
afc743ae9a3466a4def62d091d9c2242310eeca63f91c1a7e080acead8bf2bbd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:40 GMT
x-amz-version-id
EJWtje1whMwL_6va_0qpAUnXwBkNQ9KF
content-encoding
br
via
1.1 0df834b214e5d5be3767a579b1941edc.cloudfront.net (CloudFront)
age
584103
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:14 GMT
server
AmazonS3
etag
W/"6bd561dea1a920eb43da9b8ec6f07a78"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
Vt4tM5dxMmTdlZb9bLE9z9V7AjrFGfv6AH8yBTh-EOQSoADHCjbv8w==
LoginRadiusV2.js
auth.lrcontent.com/v2/ 		211 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/LoginRadiusV2.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdd5eb5886d055428379d1938f01e5a186f7f8dbf3efc851ad9e04914302eb59
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:42 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 e16530c495b031b8d9b90de25e214284.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
3026
x-amz-cf-pop
MXP64-P1
cf-polished
origSize=1336927
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Mon, 04 Dec 2023 07:20:21 GMT
server
cloudflare
etag
W/"34dedade3a8f1aa4aa0db4d3bf475de7"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
838f69456c1e0e1e-MXP
x-amz-cf-id
itRUbf-mKOowZopnVUD8_fILNo57XL4L1LfIbpx7pn4zy9YHbtpAVw==
expires
Thu, 21 Dec 2023 14:23:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D72 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bv-aULhKEZYvWKdqqjuwPvOC1wAUAAAAAOAHgBAI&bg=!DwylDEPNAAY3kmNgF5I7ADQBe5WfODRs71TTGGIyyfTd2r3llBC_C45hCQqeX2xvfeTy8lGcmcBAG0kj9R9aG3JWSz-CAgAAAHBSAAAAAWgBBwoAF2_RrQwSWIyZKAhPZQsJmA-b9fsMLIVdmQMYG3C6XB6XSsZr3k-efsBETeyP7GdRGlngTDWKuKwqRMyzT7ToyfjTCNzvmRhdywBwv0NLwLUDM5_y3ZiGPCLAO7cEy8IUl8r9EKz9qqXBsmaZtn2PDMGqvHe49uSYJj2fNvA8-3rgGd-dlezV1ca1JrSpAohPw-iApK4l2MwA0kx6x1vX7TP4X-tkVhs6UygNSirPvT_iUSkaAU_j_EigNKZRLgfQDpPIMWh5g1XRaqiD9zPiFOZ0I0zYMA0xidLkP9Q9dfDU423qCSvf6QKkGPG8ebI_pmpKtkrgywNdnG3UbO8B7c4LBf8xi959jvu7dTexLJk3RwaACfC-FG_AV43HEVJcN8KFN18tZRJn-fvOy9nyTWyVP_W-aWKh-UhDmxTU0hW5kU8jjDECCChpjNj1_XnVoGwsO-a7Jefz5kzIAyFjz7hUvMJSrdHBUldCBMkUCSd7sSIoO8GnZWc-nsCpQk80S_C7RLN3YAc7iL-9fMAEmxysb7bpqMrVUOqcQKUzFnDncaJ0PKV7Oben9J8OcHZ2TzBL-bwWvSCwTXNQq2gIcV8ZdT_FB1U0q-6-CjStmVECwo-idLM60-ntgdShDp5X31uMlL8U89KRy-UVUx7iEYdbu6zF1gsfu9wVKPf-7wd4ZZgxPcXmoHGxG2QEsTQ3ZBEcYLexDPbsayGPVgJ6XkhBu2iytYBwGbwlogsUYP3nKN_n5lYXmQXAdwr54z4ynsSATZ1f7cOkj99glZixs7ycHjp8hpSKMozMB912LXZAfJS5izVjkuB8CsmbhQtgpnzW-Zc5fOzWxGgnj1vmOWhwxqWrIEnGbqxhM7mCv47wRz0K5paKIEgHRTvzVbP6k1xkBbyRNaLrcJ-USQaSuksadnc9W4pVTvOj4jR0xmWT2jJbqClNRczg3uHDE4d3k8lO-TLpCuoBDlQPn0usjCitoA5cmlQvtEc-5Ie6qbVm83Ekf6Y1HQwRyRtMrXnRnofbzHyjaDc1D1Yr2tyuvarJEfPZ8ek-rE9rOPOiO3ZT0afLdh97vfGZ_XSniW_VLpYp
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame 46B5 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1641032752205660160/index.html?e=69&leftOffset=0&topOffset=0&c=QJieSQ8HT8&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:11::215:14d7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:43 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Thu, 21 Dec 2023 10:38:43 GMT
Enabler_01_246.js
s0.2mdn.net/879366/ Frame 46B5 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_246.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1641032752205660160/index.html?e=69&leftOffset=0&topOffset=0&c=QJieSQ8HT8&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1641032752205660160/index.html?e=69&leftOffset=0&topOffset=0&c=QJieSQ8HT8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 22:47:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41795
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40237
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 22:47:08 GMT
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 22 Dec 2023 10:23:43 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=y0un&k=ZQl3YQlhCTk5NglkCWV1LXdlc3QtMWIJaAlpLTAzMmMzMzMxMWNkMmNiZTkxCXUJNWRjNTQ3NzUtNTk4ZS00MmRmLWI5NWYtMjUzZWQ5Yzg5NThlCXYJMjgyNDAzMTctMDRhMi00MjY1LWI5M2MtNGQ4NWU3Y2RhODdiCXN2CWpzcmRuCXZsCTIwMjMxMjIxLjA5NTAJdnQJMjAyMzEyMjEuMDk1MAl2cwkyMDIzMTAwNAl2YwkyMDIzMDEyMDUJc3QJMjAyMzEyMjEuMTAyMzQyCWkJNDVmNzhkNmItNzQyNy00ZWJhLWExZTMtNmZhYmY3NmFmMjE0CWYJaHR0cHM6Ly93d3cuc2F1bHRzdGFyLmNvbS9uZXdzL3RoZXNzYWxvbi1iYW5kLW9mZmljZS1ibG9ja2luZy1lbGVjdGlvbi1hcHBlYWwtcHJvY2Vzcy1vZmZpY2lhbHMtc2F5CXEJMjNhYWFmYzQtMzQ0OC00ZWQzLWEyYjctNGU1Y2U1MTI1MTM2CW0JMjIzNDIJYgkyNjIJZwk0MTAJdAk1NzM3CWMJNTc5MglsCTE0ODQwCXoJMTQwMzYJcwk1NzYwCXAJMjI1MDcJdwluZXdzCWNzCUlBQjEyCWN6CQlnYwlDSAlncglMVQlndAlsdWNlcm5lCWdkCWZhbHNlCWduCUNvcnBvcmF0ZQluZQlpdgluZAlpdglzZAlzYXVsdHN0YXIuY29tCXNlCTYyNDMxOTcwMDkJbWMJMzA4MQluZglpdglxcAk1MAlxdAkyNTAwCXBuCTM5MjkJdm4JMjU4NjY4OQlodgkxCXZwCTEJdmcJcHIJY2kJNmFhZjg5YjEtZmEwOC1iZTgyLWZhNTEtZWNhMWRhZTM4NjhiCWNwCXBkCXZ2CTIwMjMwOTI1XzIzMzc6cGQxX2h0bWw1OjMuNjA5LjEJd3QJNTE4CWFkVGFnCS8vYS5qc3Jkbi5jb20vcHJlYmlkL3RhZ3MvcDIyNTA3LWRzLWRlc2t0b3AuanNvbj9hY2E9MSZlbnYuc2Q9c2F1bHRzdGFyLmNvbSZlbnYuZ2M9Q0g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:43 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
svod-module-js.af0a0ec7f140c97a1728.js
cdn.viafoura.net/chunks/vuex_store/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/svod-module-js.af0a0ec7f140c97a1728.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20a0:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a633cd18a8ef38d694ec323dfd22731854e161f2ebee27b2eb9870a7df78980

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:40 GMT
x-amz-version-id
oVcFYRVQ6xZnBh6.ADJboKZ1fI_ywaEX
content-encoding
br
via
1.1 0df834b214e5d5be3767a579b1941edc.cloudfront.net (CloudFront)
age
584103
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:02 GMT
server
AmazonS3
etag
W/"29fcd3e8ac2266d59e9874ce666e077c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
6z6HzpmH3K6Erfrh6o6ocuBjvX1Vg9nobZWNcdYk2i3zgFAzRBAtnw==
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.saultstar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.saultstar.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 21 Dec 2023 10:23:43 GMT
prebidjs
rtb.openx.net/openrtbb/ Frame DAFA 		53 B
220 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/pblib.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
131144d7a63b875b0d23632bc31613aaa0afb5078642d52afd62cbe3ccdeae96

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 10:23:43 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.saultstar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
pbjs
htlb.casalemedia.com/openrtb/ Frame DAFA 		36 B
607 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=448676
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/pblib.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b0a031cd77f75c218ac849defd4547e2f847a61b88be317bf5460869c361d1d

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fVVFO0L8y5%2BSZyGO%2B4euM5yLXA43rAA6VsPxNZiFn4YgIWxW4s2AlUHSbxVs%2FgRO6NxfQCGjGavl2WbMa1Rj8jx8%2FelWaZr8k9e2AL8zS54Mnu9mq7Pzr9Qpzsv1m7V25WwhHkZ7"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.saultstar.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
838f69463e7001e7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame DAFA 		184 B
473 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/pblib.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
3785065ccb1d6b6c3833e92be1772f67518de0360df6f5e9924b85a89e342702

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.5.0
Content-Type
application/json
access-control-allow-origin
https://www.saultstar.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame DAFA 		11 B
207 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/pblib.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://www.saultstar.com
pragma
no-cache
date
Thu, 21 Dec 2023 10:23:43 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
auction
tlx.3lift.com/header/ Frame DAFA 		19 B
544 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.15.0&referrer=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&tmax=3000
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/pblib.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.127.90.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-90-98.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:43 GMT
accept-ch
sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.saultstar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid.json
reachms.bfmio.com/ Frame DAFA 		0
244 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://reachms.bfmio.com/bid.json?exchange_id=3e98022f-b10f-4ed4-b657-4b531e2eea72
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/pblib.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.111.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-111-75.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.saultstar.com
date
Thu, 21 Dec 2023 10:23:43 GMT
access-control-expose-headers
location
access-control-allow-credentials
true
server
nginx/1.18.0 (Ubuntu)
vary
Origin
expires
Thu, 01 Jan 1970 00:00:00 GMT
trinity.json
apex.go.sonobi.com/ Frame DAFA 		426 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2214bf3af71f6a3be%22%3A%22fc436484eaa0d0cecf8a%7C640x480%7Cgpid%3DvideoIn%2Cc%3Dv%2Cp%3D1%2C%22%7D&ref=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&s=8cdd5eb3-c023-4e4e-a487-5c4a22d9bfa2&pv=566a910b-e35a-4eea-bb1c-256bb856f239&vp=mobile&lib_name=prebid&lib_v=8.15.0&us=3&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22saultstar.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22saultstar.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22distroscale.com%22%2C%22sid%22%3A%226243197009%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/pblib.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:200a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f97917fa7f71af70afc082f4631725f58b7e1f1ed162fb4e6c1bafb36dc0f9b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:43 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-24
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.saultstar.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
277
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
id
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-98f242814303/contentcontainer/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-98f242814303/contentcontainer/id?container_id=a3bf5f43-d88d-44aa-aaba-ea8bfbbcb071
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.25.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-25-219.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.saultstar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,X-REQUEST-SIGNATURE,content-type,X-UNIQUE-ID
access-control-allow-methods
PATCH,POST,PUT,DELETE,GET
access-control-allow-origin
https://www.saultstar.com
access-control-max-age
43200
content-length
0
date
Thu, 21 Dec 2023 10:23:43 GMT
en-us-conversations-json.7aff9ec30b6ea57ee66a.js
cdn.viafoura.net/chunks/languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-conversations-json.7aff9ec30b6ea57ee66a.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20a0:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26b999061170bdf96251cff7ab6a43b5ba181f932ab665fecf223351041fa56c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:40 GMT
x-amz-version-id
vLCs6EOtkrPAAICB2kqJqgTTSGb.m8QI
content-encoding
br
via
1.1 0df834b214e5d5be3767a579b1941edc.cloudfront.net (CloudFront)
age
584103
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:07:59 GMT
server
AmazonS3
etag
W/"f324508daf28301e1b28ae173430df6c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
yq7UwtDVMLeudnDN13DN9OuahDvm3D28pc3x3h4u3NLoksLZrdqJpg==
en-us-polls-json.2812a77675029447a7ed.js
cdn.viafoura.net/chunks/languages/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-polls-json.2812a77675029447a7ed.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20a0:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e486df7ba45e08e0e3f628f3762298333b7eab804ec4bd409bac2019dd1c5fac

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:43 GMT
x-amz-version-id
Ubrsxpg7walBQoMjGwBPqZdZbwdtJZg1
content-encoding
br
via
1.1 0df834b214e5d5be3767a579b1941edc.cloudfront.net (CloudFront)
age
584101
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:07:57 GMT
server
AmazonS3
etag
W/"16a99085cd414699a85efd37a7a687b8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
TR3TNy48ByzQLroTdHRacRlIKTBndxIHZ56zs3B5nlq6EVBv-tfKuA==
content-module-js.7798c6bdeac24852e662.js
cdn.viafoura.net/chunks/vuex_store/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/content-module-js.7798c6bdeac24852e662.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20a0:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b4a45b9fcfe0184fe34be438e0e8fbf7405b77533ec8651a7fad8a68b69ea11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:40 GMT
x-amz-version-id
gf6QWt9dHny6gaASjdaDF6ey34kFX9wh
content-encoding
br
via
1.1 0df834b214e5d5be3767a579b1941edc.cloudfront.net (CloudFront)
age
584104
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:01 GMT
server
AmazonS3
etag
W/"9b3eb1c661ab4f7814202cb3a3b5d4f2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
tjcoc4tIS3QFSFF21NFje2MaiJ1H39nXqNn5iS1Zk6pNwm6mniONLQ==
content_container-module-js.fa3b9bff61e36ba589fc.js
cdn.viafoura.net/chunks/vuex_store/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/content_container-module-js.fa3b9bff61e36ba589fc.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20a0:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf9563db7498f5d8616e581d56c1c9eb63f3afe652bfdada5677e6cd65d165f8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:40 GMT
x-amz-version-id
78TOZLwxYLGOPTBefUlsYOz0esf7OkNc
content-encoding
br
via
1.1 0df834b214e5d5be3767a579b1941edc.cloudfront.net (CloudFront)
age
584104
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:01 GMT
server
AmazonS3
etag
W/"2839974c29f026fd2b99b90ced12ff72"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
vZa46uQ-k21oupZPHXlQuYQIvlykBCsWsw4_r8juSX-JGALZ45q1fQ==
livecomments-module-js.ed6e4cb586437a3c35bc.js
cdn.viafoura.net/chunks/default~vuex_store/liveblog-module-js~vuex_store/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/default~vuex_store/liveblog-module-js~vuex_store/livecomments-module-js.ed6e4cb586437a3c35bc.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20a0:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
638cb5eb34ef72ab24ce3bf36f86c40620bb9e2dd838df4866521a18503097a4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:40 GMT
x-amz-version-id
YeNcvrx34f0RSy3isxlNflXmvF10r5Tp
content-encoding
br
via
1.1 0df834b214e5d5be3767a579b1941edc.cloudfront.net (CloudFront)
age
584104
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:01 GMT
server
AmazonS3
etag
W/"3f56cd6d0647ced4b7cf83779ff615a1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
kNEOF-EZj5CZi8c4sqxVjFFL7nO-YLd1eyYAv_AhT0Sc_cctMvIuLw==
livecomments-module-js.f7f2f676ab51247ee410.js
cdn.viafoura.net/chunks/vuex_store/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/livecomments-module-js.f7f2f676ab51247ee410.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20a0:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4942e6ba858aacd9cf2f14ebf4a12c8b3360d15443c69c563490933f57ca7749

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:40 GMT
x-amz-version-id
r0gIFZ0BcHnQ09PrsHD3JmotUcmDvvZ_
content-encoding
br
via
1.1 0df834b214e5d5be3767a579b1941edc.cloudfront.net (CloudFront)
age
584104
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:02 GMT
server
AmazonS3
etag
W/"e21fc1790e668fd3ac73d3c6ac66df5e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
ePz2GIKA_ajCObnbV6LOtebmORIjIJZ3vRtRWl5d9LtAjRY4HaCbKQ==
0.ac4f2e47c1a4be7479c4.css
cdn.viafoura.net/ 		87 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/0.ac4f2e47c1a4be7479c4.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20a0:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
539af1417d45cd20b630bad77d4e5804fbd01265998540ed0ec43fe52eac4318

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:40 GMT
x-amz-version-id
gpN42TAv.srWYOfy4k17nS3jUoqv4Pkh
content-encoding
br
via
1.1 0df834b214e5d5be3767a579b1941edc.cloudfront.net (CloudFront)
age
584104
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:24 GMT
server
AmazonS3
etag
W/"2d7a91f49598bb45e2cc402b1bdfaaf1"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
rLWWoUPepUBEnrt_fSPIVC9fhm-48AWq0iZ4mS6GdeIRzeKnap9S5w==
da.b79be6c6b662312af897.js
cdn.viafoura.net/chunks/ 		141 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/da.b79be6c6b662312af897.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20a0:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aac34d8c2d9f201d0ecead6f52fc8a121dbff6efefa42591d746de3f90142d1e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:40 GMT
x-amz-version-id
o2kzYhUbvD89uzbd41oVZy6w9H6EYrVB
content-encoding
br
via
1.1 0df834b214e5d5be3767a579b1941edc.cloudfront.net (CloudFront)
age
584104
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:09 GMT
server
AmazonS3
etag
W/"1b089566c49db5106974702e56d402b4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
yqy4gHBgik3oeKYskdD6QerzwjNu8VJWCBofB0xX5r03M6JtxLSRGQ==
172.8c0ba99141c5e7e7c1ee.css
cdn.viafoura.net/ 		1 KB
842 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/172.8c0ba99141c5e7e7c1ee.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20a0:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e552b7ac693a2a9735c6ad91ffe028b30bc282b7bf36d1c17fdd0eae3771a00a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:40 GMT
x-amz-version-id
dW_K0Tn_u_5cisGQQdnDiMxMK65sG2_5
content-encoding
br
via
1.1 0df834b214e5d5be3767a579b1941edc.cloudfront.net (CloudFront)
age
584104
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:25 GMT
server
AmazonS3
etag
W/"f24717e9e9c40eafa5b7d052e30ab7ec"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
eEqF7trTCRLIxkS_ihhl9bdMy9oWBm0p5EE9aYdVGmE2pCQ0-nyIWg==
tray-trigger.8fe40899aa87d9e30e46.js
cdn.viafoura.net/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/tray-trigger.8fe40899aa87d9e30e46.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20a0:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f18ad02fab1aef3c3b4132bf5341d739be3b1b425cc9fd3d64d5bab2f52c6287

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:40 GMT
x-amz-version-id
SMPZd0wo4N7m8S9FUKKHWaAlTWt1c.Jo
content-encoding
br
via
1.1 0df834b214e5d5be3767a579b1941edc.cloudfront.net (CloudFront)
age
584104
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:19 GMT
server
AmazonS3
etag
W/"e65216249d99ed90d7a1a497a726617f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
L_FJ86mPlt5GBnmpoNRXDPRxIFdxxBptmRLeaUufEIbH-JL5cN0lew==
en-us-trending_articles-json.4144c36ba3aff198b791.js
cdn.viafoura.net/chunks/languages/ 		1 KB
944 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-trending_articles-json.4144c36ba3aff198b791.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20a0:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
934181308271f5b7ce0168538d1a901088657e1b406afa8c56fb9b99d39b931e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:43 GMT
x-amz-version-id
vc1IS6.2DmcX1rZomgXGTTVaMVR5SNGq
content-encoding
br
via
1.1 0df834b214e5d5be3767a579b1941edc.cloudfront.net (CloudFront)
age
584101
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:07:48 GMT
server
AmazonS3
etag
W/"50c3be85e339866f7ea6ed08ae895327"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
7FtoRdnf2qp-R2fCYazkTYaXFiFRO2u7SELtEiijfC5yd-wn5LsQwg==
id
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-98f242814303/contentcontainer/ 		763 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-98f242814303/contentcontainer/id?container_id=a3bf5f43-d88d-44aa-aaba-ea8bfbbcb071
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.71.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-71-155.compute-1.amazonaws.com
Software
/
Resource Hash
659372fb0cc364e7bef6063bbfadc56f69af001b8e8a36c7ca9f703505d71064

Request headers

Accept
application/json
Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json;charset=utf-8

Response headers

access-control-allow-origin
https://www.saultstar.com
date
Thu, 21 Dec 2023 10:23:43 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
317
content-type
application/json
roboto-700.woff2
cdn.viafoura.net/front/assets/fonts/roboto/ 		0
0
roboto-regular.woff2
cdn.viafoura.net/front/assets/fonts/roboto/ 		0
0
roboto-italic.woff2
cdn.viafoura.net/front/assets/fonts/roboto/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/front/assets/fonts/roboto/roboto-italic.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20a0:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d81cea0747b72749235dbf26147ef5f8391f9b5c30497b6fb2d1881486512d4d

Request headers

Referer
https://www.saultstar.com/
Origin
https://www.saultstar.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:42 GMT
x-amz-version-id
oE21zu9nTimXaXHd6KwdfQA2sxj8Z.aB
via
1.1 1b7d5366c33b2955ce3e4c9398a0f058.cloudfront.net (CloudFront)
age
584102
x-amz-cf-pop
AMS58-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
54136
last-modified
Thu, 01 Sep 2022 19:35:44 GMT
server
AmazonS3
etag
"d6014e8c7bc6e309f52ef06bd16549f4"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
x-amz-cf-id
IYuUSXQfEqwVbriHDz6wK2ug45-ENPDBJUcw-ijU2KT1rHOMNnQ-bA==
ingest
i.viafoura.co/v3/www.saultstar.com/ 		67 B
393 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://i.viafoura.co/v3/www.saultstar.com/ingest
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.71.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-71-155.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.saultstar.com
date
Thu, 21 Dec 2023 10:23:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=xcgk&k=ZQl3d2EJYQkxMDUzCWQJZXUtd2VzdC0xYgloCWktMDMyYzMzMzExY2QyY2JlOTEJdQk1ZGM1NDc3NS01OThlLTQyZGYtYjk1Zi0yNTNlZDljODk1OGUJdgkyODI0MDMxNy0wNGEyLTQyNjUtYjkzYy00ZDg1ZTdjZGE4N2IJc3YJanNyZG4JdmwJMjAyMzEyMjEuMDk1MAl2dAkyMDIzMTIyMS4wOTUwCXZzCTIwMjMxMDA0CXZjCTIwMjMwMTIwNQlzdAkyMDIzMTIyMS4xMDIzNDIJaQk0NWY3OGQ2Yi03NDI3LTRlYmEtYTFlMy02ZmFiZjc2YWYyMTQJZglodHRwczovL3d3dy5zYXVsdHN0YXIuY29tL25ld3MvdGhlc3NhbG9uLWJhbmQtb2ZmaWNlLWJsb2NraW5nLWVsZWN0aW9uLWFwcGVhbC1wcm9jZXNzLW9mZmljaWFscy1zYXkJcQkyM2FhYWZjNC0zNDQ4LTRlZDMtYTJiNy00ZTVjZTUxMjUxMzYJbQkyMjM0MgliCTI2MglnCTQxMAl0CTU3MzcJYwk1NzkyCWwJMTQ4NDAJegkxNDAzNglzCTU3NjAJcAkyMjUwNwl3CW5ld3MJY3MJSUFCMTIJY3oJCWdjCUNICWdyCUxVCWd0CWx1Y2VybmUJZ2QJZmFsc2UJZ24JQ29ycG9yYXRlCW5lCWl2CW5kCWl2CXNkCXNhdWx0c3Rhci5jb20Jc2UJNjI0MzE5NzAwOQltYwkzMDgxCW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JMzkyOQl2bgkyNTg2Njg5CWh2CTEJdnAJMQl2ZwlwcgljaQk2YWFmODliMS1mYTA4LWJlODItZmE1MS1lY2ExZGFlMzg2OGIJY3AJcGQJdnYJMjAyMzA5MjVfMjMzNzpwZDFfaHRtbDU6My42MDkuMQl3dAk1MTgJd3dhCWJpZGRlcjpvcGVueHxpeHxydWJpY29ufHVucnVseXx0cmlwbGVsaWZ0fGJlYWNoZnJvbnR8c29ub2JpCWFkVGFnCS8vYS5qc3Jkbi5jb20vcHJlYmlkL3RhZ3MvcDIyNTA3LWRzLWRlc2t0b3AuanNvbj9hY2E9MSZlbnYuc2Q9c2F1bHRzdGFyLmNvbSZlbnYuZ2M9Q0g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:43 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
appInfo
config.lrcontent.com/ciam/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca8e011c30e88f7508e3aa362170192447703c3054a19d3df50335a6d9576640

Request headers

Referer
https://www.saultstar.com/
X-Requested-With
XMLHttpRequest
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:43 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
https://www.saultstar.com
cache-control
max-age=86400
cf-ray
838f69475e4d5246-MXP
appInfo
config.lrcontent.com/ciam/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://www.saultstar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.saultstar.com
allow
GET, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
838f6946fdc75246-MXP
date
Thu, 21 Dec 2023 10:23:43 GMT
server
cloudflare
vary
Origin
all
notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-98f242814303/ 		36 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-98f242814303/all
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.71.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-71-155.compute-1.amazonaws.com
Software
/
Resource Hash
b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://www.saultstar.com
date
Thu, 21 Dec 2023 10:23:43 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
59
content-type
application/json; charset=utf-8
sca.17.6.2.js
static.adsafeprotected.com/ Frame 326C 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2093:9000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 fac4016d40efb9989ddc8d36322eeefc.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C1
age
7899273
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
bUffhAx6LdYIVY39ykQppsmL0muzBwpHU8BzBugNo15lnWQcujwZDA==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928934&campId=728x90&pubId=4811995650&chanId=21733580793&placementId=6404573011&pubCreative=138455016757&pubOrder=3265484082&cb=945831159&custom=story&custom2=1&adsafe_par&impId=0304ef4d-9feb-11ee-8ef6-0ad1c86a73cb&adsafe_url=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.saultstar.com%2F&adsafe_type=f&adsafe_jsinfo=,id:5917d734-fd5f-6279-1949-0b50c51fa166,c:xqGbLs,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-7949887ccd-vfrdc,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:436.157.728.90,am:i,cc:436.157.728.90,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:267,mot:0,app:0,maw:0,fm:tZ4hy9M+11%7C1211%7C1212%7C12131%7C12132%7C12133%7C1214%7C1215%7C1216%7C1217%7C13%7C14%7C15%7C16%7C17*.928934%7C171%7C181%7C182%7C183%7C184%7C185%7C191%7C1921%7C1922,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:284,oid:03efc4d7-9feb-11ee-b5c5-16afaae0bcb0,v:19.8.466,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.133.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-133-115.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:43 GMT
server
nginx
x-server-name
app42.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame C8BD 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2093:9000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 fac4016d40efb9989ddc8d36322eeefc.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C1
age
7899273
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
ZZaVTqRASAwRoL0eOtXbtbKVFhIvZsp1BfC8S7PtSi0YX-RBAi2qYA==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928934&campId=1x1&pubId=4946417229&chanId=21733580793&placementId=6123534386&pubCreative=138406246893&pubOrder=3089429980&cb=1596192753&custom=story&custom2=2&adsafe_par&impId=0304ef4e-9feb-11ee-8ef6-0ad1c86a73cb&adsafe_url=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.saultstar.com%2F&adsafe_type=f&adsafe_jsinfo=,id:5b88092c-e2cb-5f22-f366-1c296e611e28,c:xqGbLG,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-7949887ccd-h6wdq,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:436.1231.728.90,am:i,cc:436.1231.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:283,mot:0,app:0,maw:0,fm:tZ4hy9W+11%7C1211%7C1212%7C12131%7C12132%7C12133%7C1214%7C1215%7C1216%7C1217%7C13%7C14%7C15%7C16%7C171%7C172%7C18*.928934%7C181%7C182%7C183%7C184%7C185%7C191%7C1921%7C1922,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:288,oid:03efc4ab-9feb-11ee-b8d9-9a91464c6294,v:19.8.466,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.133.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-133-115.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:43 GMT
server
nginx
x-server-name
app44.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
roboto-regular.woff
cdn.viafoura.net/front/assets/fonts/roboto/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/front/assets/fonts/roboto/roboto-regular.woff
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20a0:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55110586d3719c3e8bdaa21f06e4cc1c0a7451abbae662344cbd4411536b585f

Request headers

Referer
https://www.saultstar.com/
Origin
https://www.saultstar.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:41 GMT
x-amz-version-id
jywHqFIVR4hqkmfIemEHzj37T8ExCO7j
via
1.1 1b7d5366c33b2955ce3e4c9398a0f058.cloudfront.net (CloudFront)
age
584103
x-amz-cf-pop
AMS58-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
65244
last-modified
Thu, 01 Sep 2022 19:35:45 GMT
server
AmazonS3
etag
"73f26bf98a715ecab4d2287ff3a02ad0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
x-amz-cf-id
v_AM7myDGptIMUsEX0Xrmyf1XVOLI5eAg0wUMt0zSyrfIndTR1IeSw==
roboto-700.woff
cdn.viafoura.net/front/assets/fonts/roboto/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/front/assets/fonts/roboto/roboto-700.woff
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20a0:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
61e16263ed1227e721bffd26891b13a4d07c5140249fa78f297b51845ee169db

Request headers

Referer
https://www.saultstar.com/
Origin
https://www.saultstar.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:41 GMT
x-amz-version-id
Q7d1CtlkSAmpCtjLkHpLoUYnzjjN1wK9
via
1.1 1b7d5366c33b2955ce3e4c9398a0f058.cloudfront.net (CloudFront)
age
584103
x-amz-cf-pop
AMS58-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
65292
last-modified
Thu, 01 Sep 2022 19:35:44 GMT
server
AmazonS3
etag
"8b2b2aae46819bb8c37c438760dbb4f6"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
x-amz-cf-id
91R_vdJbEM4duBVQ_pXNKA2xNdGYJELd9at3tlNpNFPO0b3PrTfxBg==
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=5917d734-fd5f-6279-1949-0b50c51fa166&tv=%7Bc:xqGbM0,pingTime:0,time:318,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:284%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:318,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:283,wc:0.0.1600.1200,ac:436.157.728.90,am:i,cc:436.157.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B50~100%5D,as:%5B50~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tZ4hy9M+11%7C1211%7C1212%7C12131%7C12132%7C12133%7C1214%7C1215%7C1216%7C1217%7C13%7C14%7C15%7C16%7C17*.928934%7C171%7C181%7C182%7C183%7C184%7C185%7C191%7C1921%7C1922,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs,siq:284%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5c29:1117:1290:d127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:43 GMT
server
nginx
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=5917d734-fd5f-6279-1949-0b50c51fa166&tv=%7Bc:xqGbMi,pingTime:-2,time:336,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:475,beZ:476,mfA:742,cmA:742,inA:742,inZ:745,prA:745,prZ:755,si:759,poA:759,poZ:767,cmZ:767,mfZ:767,loA:795,loZ:797,ltA:810,ltZ:810,mdA:476,mdZ:703%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:284%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:336,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:283,wc:0.0.1600.1200,ac:436.157.728.90,am:i,cc:436.157.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B67~100%5D,as:%5B67~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tZ4hy9M+11%7C1211%7C1212%7C12131%7C12132%7C12133%7C1214%7C1215%7C1216%7C1217%7C13%7C14%7C15%7C16%7C17*.928934%7C171%7C18.928934%7C181%7C182%7C183%7C184%7C185%7C191%7C1921%7C1922,idMap:17*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,siq:284,slid:%5Bgoogle_ads_iframe_/3081/SMCO_ENCO_ON_SaultStar_EN_WEB/news/story_0,google_ads_iframe_/3081/SMCO_ENCO_ON_SaultStar_EN_WEB/news/story_0__container__,ad-1,ad__inner-1,main-content%5D,sinceFw:52,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5c29:1117:1290:d127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:43 GMT
server
nginx
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=5b88092c-e2cb-5f22-f366-1c296e611e28&tv=%7Bc:xqGbMj,pingTime:-2,time:327,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:470,beZ:471,mfA:754,cmA:754,inA:754,inZ:755,prA:755,prZ:757,si:759,poA:759,poZ:763,cmZ:763,mfZ:763,loA:787,loZ:788,ltA:798,ltZ:798,mdA:471,mdZ:661%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:288%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:327,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:288,wc:0.0.1600.1200,ac:436.1231.728.90,am:i,cc:436.1231.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B43~0%5D,as:%5B43~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tZ4hy9M+11%7C1211%7C1212%7C12131%7C12132%7C12133%7C1214%7C1215%7C1216%7C1217%7C13%7C14%7C15%7C16%7C17.928934%7C171%7C172%7C18*.928934%7C181%7C182%7C183%7C184%7C185%7C191%7C1921%7C1922,idMap:18*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:288,slid:%5Bgoogle_ads_iframe_/3081/SMCO_ENCO_ON_SaultStar_EN_WEB/news/story_1,google_ads_iframe_/3081/SMCO_ENCO_ON_SaultStar_EN_WEB/news/story_1__container__,ad-2,ad__inner-2,main-content%5D,sinceFw:39,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5c29:1117:1290:d127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:43 GMT
server
nginx
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
syncframe
gum.criteo.com/ Frame 9E43 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.saultstar.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 10:23:42 GMT
server
Kestrel
server-processing-duration-in-ticks
287891
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 22 Dec 2023 10:23:43 GMT
kugel.png
s0.2mdn.net/sadbundle/1641032752205660160/images/ Frame 46B5 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1641032752205660160/images/kugel.png?1627300914395
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bebc691e1da8b3f1666256854df12d7297ab623ad436a3fe0b13cc03440847d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1641032752205660160/index.html?e=69&leftOffset=0&topOffset=0&c=QJieSQ8HT8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 20 Dec 2024 07:18:09 GMT
date
Thu, 21 Dec 2023 07:18:09 GMT
x-content-type-options
nosniff
age
11134
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9417
x-xss-protection
0
last-modified
Fri, 30 Jul 2021 20:55:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
view
googleads4.g.doubleclick.net/pcs/ Frame 0AA6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvAjXAwT12FP_eGAOmr7zACP2ojvhrrqWwU4B2eO6rBSqvc3Yh3SOQDmXqwksXa-wdhMLajoEUPxu9bNhDAUV41wsMzGimX997PiEdZD3kru-Uuaqsy21dzyiJXam5KxcotcQwiuA1K6raFFEPNPQ5d3gdFkRzd2fTWhi2zEi_Wi_iYxvZTbKil1pfUSisYPPmFIOjerSp33eeDlZZuB2Q2WUp7b_ZSMHn3Ft81fPmVSoWV_XCzH0vpJdR6XLoOmVEaWoKIPwPPhgpU_H2yQVNx4tXSQo88wdMDTQWqI5SiultpniYDL-Na_ylpE2Q1E2-qmDGSE8gQ1UutWnomABt7dRps0UY0oP4Viy1ZzEawtiH5H8r-gKcLqvdlp4Dtmt4XiuggTA0j0F756zk0AiXxbwSPpF0lWHMM3EF9R-YZjFIRuOGapRwRK_5hB5G1FWcfDC3YSNi7_6pg2ta3ptLrmzuuRrCEJ44P04QgHtPfrIUoIy5eUIafj82dt5tmHiPXmsdi1eXyqFrA6gC9dxgqYNI6IMcYkEoLkL9_QaepIuPcerQIZ1OANiidsEdMecJli5yjkweAcrWzrLcfibXBP3JpLEV4u-F--oztryfvujGPqBygacppQhH1l1A44pU0cSFPAWJkj-JSnN40SlLMnr9FYhU0jQKD-fjPOrxRQJpTJznQeRcGCSOe4DDEVD3eI_wiCxucN2e3Q_7cILCJRccfSJiR7Agj6BaUKPhSxCKHPCDuF-TX1qpEtq9E3KllTtQTKbWrd6d5-h42d-v41u2sWW2Cc4qjF9gSdTy_S6jsJydYG1FS90FeSZNLBRlbrnC8ekCgGOxeBCl_tRCBOeBILvwFWGdsnXJcwUpYOLpkhxvH-fePbOtSjqdwPMKtHp3tfm6GMydgUaqv0LdE9lJT9AF_U2FOXI8pHvce5SIx_1oy1bFjLQxkUtBNNyIk0RkQDslMMd3QBB85TW_WK0tcpYzRulYuXvCl2W3K-qFtLjilCynDMsV8eJ_naN5lv2RmniftT8vM3bR0XSvt8qJurOCLlHieFWcEU4NJMHg7J19bwzZyJmV5gWNMQ2etaKf877DFglmk9jd9G7FP_ylJX5BQ6HzUKBkCk_QAQrEnzHInYYk9UWZcWkbrsCXgine-usQQYKSqVtVxzIqFPpl0HYn8UKe9_LXXuFOIKLT6zo017XIihGLaOk467NTuBTTx6WzxD7xeqowwZ31d3Pgi_canZbcIPJ_UIfZU04U_IKZTjGAZXWXp8viVvaOizChsdGJTJE24hEtcPnHuSEAZ4PyfKS-sabb3hUMKAZYk2bGVQW1rf2AqXp0MLeAWtUuGxqyJK2d-2zriEZ9elkV1x7DOujl4tOQy7XoubERRhwp_BhARdMLVdHLvEeZAgD0D1OokhR6fE00enGaPWrtKbV_dNqyYEwMxfCW-dzkTiifT__EhjZOLXy_zX-nGAmClRTmwmnASI807lq0&sai=AMfl-YQlBAn2IkL_y85ngBtwLN_wJSQ1lvCTIMEsEm43m5qWEBbZ_IZJ5-62xNRTuuYHeCF2wAntVwVmiLERwzPtWJgbqlMahzhdb_MSs27ZKX9Y23XF2eRLclhJmxnAsoJ6zV78auR8C6Rr0Q2ttEVsSdhzTrJPxuaYUIzOeQP7F2WolO85dbQgL5P6bcQlZJ2G4dzV1gv8B6bXa27pLCbvsNErfLjDGfJ61Xh0DU9G0NjHHSsIm1HZkJxwlCJfqh9UjhgsFuOb5w-bD-aJjVMQ&sig=Cg0ArKJSzGKhPwfVQGofEAE&uach_m=%5BUACH%5D&pr=13:ZYQSLQAAAABZUPcQLWj19HSgiG0BQMFYx2cj5Q&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=504&vt=11&dtpt=366&dett=3&cstd=133&cisv=r20231207.32168&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
muenzberg.jpg
s0.2mdn.net/sadbundle/1641032752205660160/images/ Frame 46B5 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1641032752205660160/images/muenzberg.jpg?1627300914395
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81ca8de6889663c7eb7f708f31a60b6e2902189eb7b6babac00d356b55f24be3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1641032752205660160/index.html?e=69&leftOffset=0&topOffset=0&c=QJieSQ8HT8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 20 Dec 2024 07:18:09 GMT
date
Thu, 21 Dec 2023 07:18:09 GMT
x-content-type-options
nosniff
age
11134
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48007
x-xss-protection
0
last-modified
Fri, 30 Jul 2021 20:55:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.saultstar.com/
X-Requested-With
XMLHttpRequest
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 10:23:43 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://www.saultstar.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://www.saultstar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
x-requested-with
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://www.saultstar.com
Connection
keep-alive
Date
Thu, 21 Dec 2023 10:23:43 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=5b88092c-e2cb-5f22-f366-1c296e611e28&tv=%7Bc:xqGbNj,time:389,type:e,im:%7Bpci:%7Btdr:64%7D%7D,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:389,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:288,wc:0.0.1600.1200,ac:436.1231.728.90,am:i,cc:436.1231.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B105~0%5D,as:%5B105~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tZ4hy9M+11%7C1211%7C1212%7C12131%7C12132%7C12133%7C1214%7C1215%7C1216%7C1217%7C13%7C14%7C15%7C16%7C17.928934%7C171%7C172%7C18*.928934%7C181%7C182%7C183%7C184%7C185%7C191%7C1921%7C1922,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:288%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5c29:1117:1290:d127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:43 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=5917d734-fd5f-6279-1949-0b50c51fa166&tv=%7Bc:xqGbNj,time:399,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:399,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:283,wc:0.0.1600.1200,ac:436.157.728.90,am:i,cc:436.157.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B130~100%5D,as:%5B130~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tZ4hy9M+11%7C1211%7C1212%7C12131%7C12132%7C12133%7C1214%7C1215%7C1216%7C1217%7C13%7C14%7C15%7C16%7C17*.928934%7C171%7C18.928934%7C181%7C182%7C183%7C184%7C185%7C191%7C1921%7C1922,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs,siq:284%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5c29:1117:1290:d127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:43 GMT
server
nginx
x-server-name
dt22.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/getconfig/ Frame 46B5 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
892f3faf807b13d5f33cd670397faadc6d579b10b5397a13873319919464fca9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5778
x-xss-protection
0
vorhang.jpg
s0.2mdn.net/sadbundle/1641032752205660160/images/ Frame 46B5 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1641032752205660160/images/vorhang.jpg?1627300914395
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df1a7e1d5aa9cdec0fb2502ba9fb2df51b420be8f48e6a22fec8b8131811b9ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1641032752205660160/index.html?e=69&leftOffset=0&topOffset=0&c=QJieSQ8HT8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 20 Dec 2024 07:18:09 GMT
date
Thu, 21 Dec 2023 07:18:09 GMT
x-content-type-options
nosniff
age
11134
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17907
x-xss-protection
0
last-modified
Fri, 30 Jul 2021 20:55:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
sid
mug.criteo.com/ Frame 9E43
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=saultstar.com&sn=ChromeSyncframe&so=0&topUrl=www.saultstar.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=0jchiHxjKzUzK1ZJT3hhVThoa3pEdGJ4NUhmcUl1WUd4VENGbjhGdkZqVFBqQjc2SmdvVzdsSzNMaXFXZERpa0RkV2J4OWpRRDdoZUdCeVR5Nmd1c3Q2ZW9wdmJRWVBWek5FWmNRTHkxVUw5alpwZURYcHJTOUlsK09ueH...
420 B
651 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=0jchiHxjKzUzK1ZJT3hhVThoa3pEdGJ4NUhmcUl1WUd4VENGbjhGdkZqVFBqQjc2SmdvVzdsSzNMaXFXZERpa0RkV2J4OWpRRDdoZUdCeVR5Nmd1c3Q2ZW9wdmJRWVBWek5FWmNRTHkxVUw5alpwZURYcHJTOUlsK09ueHYzRXRxR1EwM1ZPWlJSaFNLZzhEYllyUWlSVnhoSzJRdlJRL1UyN09UU0VPbTBkSW9RUmF5eDVCNzN1dGVzV2dnRU42NXJONXptWlZVdm1FTzlwMWo4bW5mRkVtWFRFc0w4cVM3YjdyaTZ2UUdzRmVvdDZzOXdXdTMzS2w3K0o3MHc3YmlxTWFXU2FOQWdxVld0Wm9ETmJwTzJLTVl1RDJtOWxkWWtrVExLQy8xejdHQk1adz18&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9eb0bdb9f0b16d16240dac041eba34b58c66d651528c68f8ca4db7a7ab8f87eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2324147
expires
0

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=0jchiHxjKzUzK1ZJT3hhVThoa3pEdGJ4NUhmcUl1WUd4VENGbjhGdkZqVFBqQjc2SmdvVzdsSzNMaXFXZERpa0RkV2J4OWpRRDdoZUdCeVR5Nmd1c3Q2ZW9wdmJRWVBWek5FWmNRTHkxVUw5alpwZURYcHJTOUlsK09ueHYzRXRxR1EwM1ZPWlJSaFNLZzhEYllyUWlSVnhoSzJRdlJRL1UyN09UU0VPbTBkSW9RUmF5eDVCNzN1dGVzV2dnRU42NXJONXptWlZVdm1FTzlwMWo4bW5mRkVtWFRFc0w4cVM3YjdyaTZ2UUdzRmVvdDZzOXdXdTMzS2w3K0o3MHc3YmlxTWFXU2FOQWdxVld0Wm9ETmJwTzJLTVl1RDJtOWxkWWtrVExLQy8xejdHQk1adz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
299604
content-length
0
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 46B5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Dec 2023 10:23:43 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 3D03 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:03:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
55227
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Dec 2024 19:03:16 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=5917d734-fd5f-6279-1949-0b50c51fa166&tv=%7Bc:xqGbR6,pingTime:-10,time:634,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1703154223544%7C%7Cbe054cd100bbfb7bc4a16596cc165b7a%7C%7Cf5ef61ca1e560a2377dfd6c236fd3eb9%7C%7C927e932018b7357e5aabbcd442931e9a%7C%7C626e85af5824d8a37bee81ff34cd3680%7C%7Cdf80c65233c38ae6a6ec2e7fa090b15d%7C%7Ca42f74245ae2f362ab4c93f7930571b0%7C%7Ce9d6668ffaa67cb5d8b322e7f09b8b0b%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5c29:1117:1290:d127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:43 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame A87B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIo_GFblEHVDa_VIBMYrrFZnDtyI2mfF_v3seDqN6yhGUJu117rQVL75DsjjZnc890ezOEuueGf_kn1LHeyO1Gge6uG1n01RvMiPiitK4Jc0oY1d78YgFw-8R_bRjsrdx_Zel68UyVtFOH5nV3hqQtAfUq&sig=Cg0ArKJSzPYmgH9BTWOSEAE&id=lidar2&mcvt=1000&p=157,436,247,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2023189716&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703154222430&rpt=166&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=kgsn&k=ZQl3d2gJYQkxOTEwCWQJZXUtd2VzdC0xYgloCWktMDMyYzMzMzExY2QyY2JlOTEJdQk1ZGM1NDc3NS01OThlLTQyZGYtYjk1Zi0yNTNlZDljODk1OGUJdgkyODI0MDMxNy0wNGEyLTQyNjUtYjkzYy00ZDg1ZTdjZGE4N2IJc3YJanNyZG4JdmwJMjAyMzEyMjEuMDk1MAl2dAkyMDIzMTIyMS4wOTUwCXZzCTIwMjMxMDA0CXZjCTIwMjMwMTIwNQlzdAkyMDIzMTIyMS4xMDIzNDIJaQk0NWY3OGQ2Yi03NDI3LTRlYmEtYTFlMy02ZmFiZjc2YWYyMTQJZglodHRwczovL3d3dy5zYXVsdHN0YXIuY29tL25ld3MvdGhlc3NhbG9uLWJhbmQtb2ZmaWNlLWJsb2NraW5nLWVsZWN0aW9uLWFwcGVhbC1wcm9jZXNzLW9mZmljaWFscy1zYXkJcQkyM2FhYWZjNC0zNDQ4LTRlZDMtYTJiNy00ZTVjZTUxMjUxMzYJbQkyMjM0MgliCTI2MglnCTQxMAl0CTU3MzcJYwk1NzkyCWwJMTQ4NDAJegkxNDAzNglzCTU3NjAJcAkyMjUwNwl3CW5ld3MJY3MJSUFCMTIJY3oJCWdjCUNICWdyCUxVCWd0CWx1Y2VybmUJZ2QJZmFsc2UJZ24JQ29ycG9yYXRlCW5lCWl2CW5kCWl2CXNkCXNhdWx0c3Rhci5jb20Jc2UJNjI0MzE5NzAwOQltYwkzMDgxCW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JMzkyOQl2bgkyNTg2Njg5CWh2CTEJdnAJMQl2ZwlwcgljaQk2YWFmODliMS1mYTA4LWJlODItZmE1MS1lY2ExZGFlMzg2OGIJY3AJcGQJdnYJMjAyMzA5MjVfMjMzNzpwZDFfaHRtbDU6My42MDkuMQl3dAk1MTgJd3doCWJpZGRlcjpub25lLGNwbTowCWFkVGFnCS8vYS5qc3Jkbi5jb20vcHJlYmlkL3RhZ3MvcDIyNTA3LWRzLWRlc2t0b3AuanNvbj9hY2E9MSZlbnYuc2Q9c2F1bHRzdGFyLmNvbSZlbnYuZ2M9Q0g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:43 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
pblib.min.js
a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/ Frame 93C8 		368 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/pblib.min.js
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ds_vplayer_detached.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8ed5a17cc40a3e61b27ffc7085528079e8c2591633b0433ca7ae3fdee18cc30

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 22 Dec 2023 06:08:11 GMT
x-amz-version-id
N2rhRmpluJJr8dne7Zwm5odAsuj70Rdj
content-encoding
gzip
date
Thu, 21 Dec 2023 10:23:43 GMT
akamai-cache-status
Hit from child
x-amz-request-id
9Z6Y386EV47N1F92
akamai-grn
0.9d7d1302.1703154223.422e1977
x-amz-server-side-encryption
AES256
akamai-mon-iucid-del
1527398
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
117939
x-amz-id-2
s0Fmu4m5lGW3x977DjdsW369AYVd8g02hsxPWB207eg2l6oP3EHgnJNRyk8GeqxpN2HBBiHIPt8=
last-modified
Mon, 25 Sep 2023 23:37:33 GMT
server
AmazonS3
etag
"91adb5acce8739f457d0f760e6a9193c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=71068
accept-ranges
bytes
quic-version
0x00000001
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 93C8 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ds_vplayer_detached.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
395149d128d5d361aaf2cd3df1cfd23dee746145bdef0105d99aba97fbcf712f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Thu, 21 Dec 2023 10:23:43 GMT
191231-96143263832481.js
js-sec.indexww.com/ht/p/ Frame 93C8 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/191231-96143263832481.js
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ds_vplayer_detached.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37f9b8c4f451c35a6bfa6f0053259ee5b69287dc9fc8b2fe366b7d25d312f1d9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 10:15:36 GMT
server
cloudflare
age
406
etag
W/"905900-7e27-60d026177336b"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
838f694be82e01fc-ZRH
expires
Thu, 21 Dec 2023 14:23:43 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=ul2q&k=ZQl3ZQlhCTE5MTgJZAlldS13ZXN0LTFiCWgJaS0wMzJjMzMzMTFjZDJjYmU5MQl1CTVkYzU0Nzc1LTU5OGUtNDJkZi1iOTVmLTI1M2VkOWM4OTU4ZQl2CTI4MjQwMzE3LTA0YTItNDI2NS1iOTNjLTRkODVlN2NkYTg3Yglzdglqc3Jkbgl2bAkyMDIzMTIyMS4wOTUwCXZ0CTIwMjMxMjIxLjA5NTAJdnMJMjAyMzEwMDQJdmMJMjAyMzAxMjA1CXN0CTIwMjMxMjIxLjEwMjM0MglpCTQ1Zjc4ZDZiLTc0MjctNGViYS1hMWUzLTZmYWJmNzZhZjIxNAlmCWh0dHBzOi8vd3d3LnNhdWx0c3Rhci5jb20vbmV3cy90aGVzc2Fsb24tYmFuZC1vZmZpY2UtYmxvY2tpbmctZWxlY3Rpb24tYXBwZWFsLXByb2Nlc3Mtb2ZmaWNpYWxzLXNheQlxCTIzYWFhZmM0LTM0NDgtNGVkMy1hMmI3LTRlNWNlNTEyNTEzNgltCTIyMzQyCWIJMjYyCWcJNDEwCXQJNTczNwljCTU3OTIJbAkxNDg0MAl6CTE0MDM2CXMJNTc2MAlwCTIyNTA3CXcJbmV3cwljcwlJQUIxMgljegkJZ2MJQ0gJZ3IJTFUJZ3QJbHVjZXJuZQlnZAlmYWxzZQlnbglDb3Jwb3JhdGUJbmUJaXYJbmQJaXYJc2QJc2F1bHRzdGFyLmNvbQlzZQk2MjQzMTk3MDA5CW1jCTMwODEJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgkzOTI5CXZuCTI1ODY2ODkJaHYJMQl2cAkxCXZnCXByCWNpCTZhYWY4OWIxLWZhMDgtYmU4Mi1mYTUxLWVjYTFkYWUzODY4YgljcAlwZAl2dgkyMDIzMDkyNV8yMzM3OnBkMV9odG1sNTozLjYwOS4xCXd0CTUxOAl3ZQlbd2VdIGVycm9yOk5vIHZhbGlkIGJpZHMgcmVjZWl2ZWQJYWRUYWcJLy9hLmpzcmRuLmNvbS9wcmViaWQvdGFncy9wMjI1MDctZHMtZGVza3RvcC5qc29uP2FjYT0xJmVudi5zZD1zYXVsdHN0YXIuY29tJmVudi5nYz1DSA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:43 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame B183 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:43 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
events
api.permutive.com/v2.0/batch/ 		101 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
6f4abfb9b465e92c6c72bb5a73a64989553c203b7604db64fd6fd3ad98498597

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 10:23:44 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.saultstar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
minimal.mp4
a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/ Frame 93C8 		843 B
873 B 		Media
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/minimal.mp4
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6

Request headers

Referer
https://www.saultstar.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

quic-version
0x00000001
x-amz-version-id
a5770JiD4onMVIXMo5lps_CnGxMPdeDf
date
Thu, 21 Dec 2023 10:23:44 GMT
akamai-cache-status
Hit from child
x-amz-request-id
9Z6X1M2VQ1EDYZJH
akamai-grn
0.9d7d1302.1703154224.422e1a39
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-842/843
akamai-mon-iucid-del
1527398
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
843
x-amz-id-2
EG6uiMhuTz4iUH4FhnFQMHN+SX6pwi+2ZTWANboIoq0rJ0jP1PSWs3kv7V1PpO8XW9AR/YKgNXU=
last-modified
Mon, 25 Sep 2023 23:37:31 GMT
server
AmazonS3
etag
"fb62001afaa95ed461f35992d7431867"
content-type
video/mp4
cache-control
max-age=43796
accept-ranges
bytes
expires
Thu, 21 Dec 2023 22:33:40 GMT
bridge3.609.1_en.html
imasdk.googleapis.com/js/core/ Frame DA23 		751 KB
240 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
494951
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
245986
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 16:54:33 GMT
expires
Sat, 14 Dec 2024 16:54:33 GMT
last-modified
Fri, 15 Dec 2023 16:47:56 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 93C8 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 10:23:44 GMT
p22507-yb-desktop.json
a.jsrdn.com/prebid/tags/ Frame 93C8 		14 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/prebid/tags/p22507-yb-desktop.json?aca=1&env.sd=saultstar.com&env.gc=CH
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5194c7838f6cd490276fa655094416eadff9c3729821076d1956a177561242fc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 22 Dec 2023 09:44:23 GMT
x-amz-version-id
qFtRzHih2wTEqTojCdmAYy4wTf3qEFeB
content-encoding
gzip
date
Thu, 21 Dec 2023 10:23:44 GMT
akamai-cache-status
Hit from child
x-amz-request-id
8B0TRT9NHXGAJTJS
akamai-grn
0.9d7d1302.1703154224.422e1a3f
x-amz-server-side-encryption
AES256
akamai-mon-iucid-del
1543115
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
1638
x-amz-id-2
usUYofjX1lUxSEdfy3RdlNopdlNvjc+QThRBUzv7Fe8TMTw4dqUcvJFFb4DM9a/gsB3eg+PtP4M=
last-modified
Thu, 21 Dec 2023 09:42:44 GMT
server
AmazonS3
etag
"fdf54c393687af5730aa5ed939dfa884"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-max-age
3600
content-type
application/json
access-control-allow-origin
https://www.saultstar.com
access-control-allow-methods
GET, HEAD
cache-control
max-age=84039
access-control-allow-credentials
true
accept-ranges
bytes
quic-version
0x00000001
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 512F 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 09:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2120
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 21 Dec 2023 10:48:24 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=7n46&k=ZQl3YQlhCTIwNDYJZAlldS13ZXN0LTFiCWgJaS0wMzJjMzMzMTFjZDJjYmU5MQl1CTVkYzU0Nzc1LTU5OGUtNDJkZi1iOTVmLTI1M2VkOWM4OTU4ZQl2CTI4MjQwMzE3LTA0YTItNDI2NS1iOTNjLTRkODVlN2NkYTg3Yglzdglqc3Jkbgl2bAkyMDIzMTIyMS4wOTUwCXZ0CTIwMjMxMjIxLjA5NTAJdnMJMjAyMzEwMDQJdmMJMjAyMzAxMjA1CXN0CTIwMjMxMjIxLjEwMjM0MglpCTQ1Zjc4ZDZiLTc0MjctNGViYS1hMWUzLTZmYWJmNzZhZjIxNAlmCWh0dHBzOi8vd3d3LnNhdWx0c3Rhci5jb20vbmV3cy90aGVzc2Fsb24tYmFuZC1vZmZpY2UtYmxvY2tpbmctZWxlY3Rpb24tYXBwZWFsLXByb2Nlc3Mtb2ZmaWNpYWxzLXNheQlxCTIzYWFhZmM0LTM0NDgtNGVkMy1hMmI3LTRlNWNlNTEyNTEzNgltCTIyMzQyCWIJMjYyCWcJNDEwCXQJNTczNwljCTU3OTIJbAkxNDg0MAl6CTE0MDM2CXMJNTc2MAlwCTIyNTA3CXcJbmV3cwljcwlJQUIxMgljegkJZ2MJQ0gJZ3IJTFUJZ3QJbHVjZXJuZQlnZAlmYWxzZQlnbglDb3Jwb3JhdGUJbmUJaXYJbmQJaXYJc2QJc2F1bHRzdGFyLmNvbQlzZQk2MjQzMTk3MDA5CW1jCTMwODEJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgkzOTI5CXZuCTI1ODY2ODkJaHYJMQl2cAkxCXZnCXByCWNpCWQzNWI0ZDg5LTEyNzEtNzViNi03M2Y2LTU0Y2NkMjc4MDljMAljcAl5Ygl2dgkyMDIzMDkyNV8yMzM3OnBkMV9odG1sNTozLjYwOS4xCXd0CTcxNglhZFRhZwkvL2EuanNyZG4uY29tL3ByZWJpZC90YWdzL3AyMjUwNy15Yi1kZXNrdG9wLmpzb24_YWNhPTEmZW52LnNkPXNhdWx0c3Rhci5jb20mZW52LmdjPUNI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:44 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ Frame 93C8 		1 KB
768 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUN4B97C
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/pblib.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
47119823791aab6070737002c815249477ac964500c9d0c6ef94ee67c8acde72

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:43 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.saultstar.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
216
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 21 Dec 2023 10:23:44 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 93C8 		138 B
814 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/pblib.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
d09a9b7b5a899a5e61dfd84dee7200b59666a37c0abd1af50366d23575d7a2da
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:44 GMT
an-x-request-uuid
a3310de3-03fe-4de3-9dac-5e0b6dabe896
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.saultstar.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.10.106.9; 176.10.106.9; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 93C8 		184 B
473 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/pblib.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
1b6ba926a5b6a1ab89ec3c6f01134a85c67cb61633cda0ba61ab2a68fd0a4ef2

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.5.0
Content-Type
application/json
access-control-allow-origin
https://www.saultstar.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
prebidjs
rtb.openx.net/openrtbb/ Frame 93C8 		53 B
95 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/pblib.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
f4bc87a7be38d9eec90a5616b6dea993707f33d17f02afb3593b97603aef4505

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 10:23:44 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.saultstar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=wb96&k=ZQl3d2EJYQkyMDU3CWQJZXUtd2VzdC0xYgloCWktMDMyYzMzMzExY2QyY2JlOTEJdQk1ZGM1NDc3NS01OThlLTQyZGYtYjk1Zi0yNTNlZDljODk1OGUJdgkyODI0MDMxNy0wNGEyLTQyNjUtYjkzYy00ZDg1ZTdjZGE4N2IJc3YJanNyZG4JdmwJMjAyMzEyMjEuMDk1MAl2dAkyMDIzMTIyMS4wOTUwCXZzCTIwMjMxMDA0CXZjCTIwMjMwMTIwNQlzdAkyMDIzMTIyMS4xMDIzNDIJaQk0NWY3OGQ2Yi03NDI3LTRlYmEtYTFlMy02ZmFiZjc2YWYyMTQJZglodHRwczovL3d3dy5zYXVsdHN0YXIuY29tL25ld3MvdGhlc3NhbG9uLWJhbmQtb2ZmaWNlLWJsb2NraW5nLWVsZWN0aW9uLWFwcGVhbC1wcm9jZXNzLW9mZmljaWFscy1zYXkJcQkyM2FhYWZjNC0zNDQ4LTRlZDMtYTJiNy00ZTVjZTUxMjUxMzYJbQkyMjM0MgliCTI2MglnCTQxMAl0CTU3MzcJYwk1NzkyCWwJMTQ4NDAJegkxNDAzNglzCTU3NjAJcAkyMjUwNwl3CW5ld3MJY3MJSUFCMTIJY3oJCWdjCUNICWdyCUxVCWd0CWx1Y2VybmUJZ2QJZmFsc2UJZ24JQ29ycG9yYXRlCW5lCWl2CW5kCWl2CXNkCXNhdWx0c3Rhci5jb20Jc2UJNjI0MzE5NzAwOQltYwkzMDgxCW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JMzkyOQl2bgkyNTg2Njg5CWh2CTEJdnAJMQl2ZwlwcgljaQlkMzViNGQ4OS0xMjcxLTc1YjYtNzNmNi01NGNjZDI3ODA5YzAJY3AJeWIJdnYJMjAyMzA5MjVfMjMzNzpwZDFfaHRtbDU6My42MDkuMQl3dAk3MTYJd3dhCWJpZGRlcjptZWRpYW5ldHxhcHBuZXh1c3xydWJpY29ufG9wZW54CWFkVGFnCS8vYS5qc3Jkbi5jb20vcHJlYmlkL3RhZ3MvcDIyNTA3LXliLWRlc2t0b3AuanNvbj9hY2E9MSZlbnYuc2Q9c2F1bHRzdGFyLmNvbSZlbnYuZ2M9Q0g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:44 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=5b88092c-e2cb-5f22-f366-1c296e611e28&tv=%7Bc:xqGc1c,pingTime:-10,time:1250,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1703154223544%7C%7Cbe054cd100bbfb7bc4a16596cc165b7a%7C%7Cf5ef61ca1e560a2377dfd6c236fd3eb9%7C%7C927e932018b7357e5aabbcd442931e9a%7C%7C626e85af5824d8a37bee81ff34cd3680%7C%7Cdf80c65233c38ae6a6ec2e7fa090b15d%7C%7Ca42f74245ae2f362ab4c93f7930571b0%7C%7Ce9d6668ffaa67cb5d8b322e7f09b8b0b%7C%7C1663701684,sca:%7Bspg:5917d734-fd5f-6279-1949-0b50c51fa166%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5c29:1117:1290:d127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:44 GMT
server
nginx
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=5917d734-fd5f-6279-1949-0b50c51fa166&tv=%7Bc:xqGc29,pingTime:1,time:1319,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:284%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1319,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:283,wc:0.0.1600.1200,ac:436.157.728.90,am:i,cc:436.157.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1050~100%5D,as:%5B1050~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:105,fm:tZ4hy9M+11%7C1211%7C1212%7C12131%7C12132%7C12133%7C1214%7C1215%7C1216%7C1217%7C13%7C14%7C15%7C16%7C17*.928934%7C171%7C18.928934%7C181%7C182%7C183%7C184%7C185%7C191%7C1921%7C1922,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs,siq:284,sis:433%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5c29:1117:1290:d127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:44 GMT
server
nginx
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=5917d734-fd5f-6279-1949-0b50c51fa166&tv=%7Bc:xqGc2a,pingTime:1,time:1320,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:284%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1320,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:283,wc:0.0.1600.1200,ac:436.157.728.90,am:i,cc:436.157.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1051~100%5D,as:%5B1051~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:105,fm:tZ4hy9M+11%7C1211%7C1212%7C12131%7C12132%7C12133%7C1214%7C1215%7C1216%7C1217%7C13%7C14%7C15%7C16%7C17*.928934%7C171%7C18.928934%7C181%7C182%7C183%7C184%7C185%7C191%7C1921%7C1922,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs,siq:284,sis:433,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5c29:1117:1290:d127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:44 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=5917d734-fd5f-6279-1949-0b50c51fa166&tv=%7Bc:xqGc2a,pingTime:1,time:1320,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:284%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1320,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:283,wc:0.0.1600.1200,ac:436.157.728.90,am:i,cc:436.157.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1051~100%5D,as:%5B1051~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:105,fm:tZ4hy9M+11%7C1211%7C1212%7C12131%7C12132%7C12133%7C1214%7C1215%7C1216%7C1217%7C13%7C14%7C15%7C16%7C17*.928934%7C171%7C18.928934%7C181%7C182%7C183%7C184%7C185%7C191%7C1921%7C1922,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs,siq:284,sis:433,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5c29:1117:1290:d127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:44 GMT
server
nginx
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=grwp&k=ZQl3d2gJYQkyMzAyCWQJZXUtd2VzdC0xYgloCWktMDMyYzMzMzExY2QyY2JlOTEJdQk1ZGM1NDc3NS01OThlLTQyZGYtYjk1Zi0yNTNlZDljODk1OGUJdgkyODI0MDMxNy0wNGEyLTQyNjUtYjkzYy00ZDg1ZTdjZGE4N2IJc3YJanNyZG4JdmwJMjAyMzEyMjEuMDk1MAl2dAkyMDIzMTIyMS4wOTUwCXZzCTIwMjMxMDA0CXZjCTIwMjMwMTIwNQlzdAkyMDIzMTIyMS4xMDIzNDIJaQk0NWY3OGQ2Yi03NDI3LTRlYmEtYTFlMy02ZmFiZjc2YWYyMTQJZglodHRwczovL3d3dy5zYXVsdHN0YXIuY29tL25ld3MvdGhlc3NhbG9uLWJhbmQtb2ZmaWNlLWJsb2NraW5nLWVsZWN0aW9uLWFwcGVhbC1wcm9jZXNzLW9mZmljaWFscy1zYXkJcQkyM2FhYWZjNC0zNDQ4LTRlZDMtYTJiNy00ZTVjZTUxMjUxMzYJbQkyMjM0MgliCTI2MglnCTQxMAl0CTU3MzcJYwk1NzkyCWwJMTQ4NDAJegkxNDAzNglzCTU3NjAJcAkyMjUwNwl3CW5ld3MJY3MJSUFCMTIJY3oJCWdjCUNICWdyCUxVCWd0CWx1Y2VybmUJZ2QJZmFsc2UJZ24JQ29ycG9yYXRlCW5lCWl2CW5kCWl2CXNkCXNhdWx0c3Rhci5jb20Jc2UJNjI0MzE5NzAwOQltYwkzMDgxCW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JMzkyOQl2bgkyNTg2Njg5CWh2CTEJdnAJMQl2ZwlwcgljaQlkMzViNGQ4OS0xMjcxLTc1YjYtNzNmNi01NGNjZDI3ODA5YzAJY3AJeWIJdnYJMjAyMzA5MjVfMjMzNzpwZDFfaHRtbDU6My42MDkuMQl3dAk3MTYJd3doCWJpZGRlcjpub25lLGNwbTowCWFkVGFnCS8vYS5qc3Jkbi5jb20vcHJlYmlkL3RhZ3MvcDIyNTA3LXliLWRlc2t0b3AuanNvbj9hY2E9MSZlbnYuc2Q9c2F1bHRzdGFyLmNvbSZlbnYuZ2M9Q0g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:44 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 8CDD 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-213.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 09:37:35 GMT
content-encoding
gzip
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront), 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-C2
age
2770
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
vturwe75odHgPJDFTiCzb4S8k1tBMl0KsZet868BhJIUmQ5Gm9s3xQ==
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 8CDD 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ds_vplayer_detached.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
395149d128d5d361aaf2cd3df1cfd23dee746145bdef0105d99aba97fbcf712f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Thu, 21 Dec 2023 10:23:44 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=1ibl&k=ZQl3ZQlhCTIzMDgJZAlldS13ZXN0LTFiCWgJaS0wMzJjMzMzMTFjZDJjYmU5MQl1CTVkYzU0Nzc1LTU5OGUtNDJkZi1iOTVmLTI1M2VkOWM4OTU4ZQl2CTI4MjQwMzE3LTA0YTItNDI2NS1iOTNjLTRkODVlN2NkYTg3Yglzdglqc3Jkbgl2bAkyMDIzMTIyMS4wOTUwCXZ0CTIwMjMxMjIxLjA5NTAJdnMJMjAyMzEwMDQJdmMJMjAyMzAxMjA1CXN0CTIwMjMxMjIxLjEwMjM0MglpCTQ1Zjc4ZDZiLTc0MjctNGViYS1hMWUzLTZmYWJmNzZhZjIxNAlmCWh0dHBzOi8vd3d3LnNhdWx0c3Rhci5jb20vbmV3cy90aGVzc2Fsb24tYmFuZC1vZmZpY2UtYmxvY2tpbmctZWxlY3Rpb24tYXBwZWFsLXByb2Nlc3Mtb2ZmaWNpYWxzLXNheQlxCTIzYWFhZmM0LTM0NDgtNGVkMy1hMmI3LTRlNWNlNTEyNTEzNgltCTIyMzQyCWIJMjYyCWcJNDEwCXQJNTczNwljCTU3OTIJbAkxNDg0MAl6CTE0MDM2CXMJNTc2MAlwCTIyNTA3CXcJbmV3cwljcwlJQUIxMgljegkJZ2MJQ0gJZ3IJTFUJZ3QJbHVjZXJuZQlnZAlmYWxzZQlnbglDb3Jwb3JhdGUJbmUJaXYJbmQJaXYJc2QJc2F1bHRzdGFyLmNvbQlzZQk2MjQzMTk3MDA5CW1jCTMwODEJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgkzOTI5CXZuCTI1ODY2ODkJaHYJMQl2cAkxCXZnCXByCWNpCWQzNWI0ZDg5LTEyNzEtNzViNi03M2Y2LTU0Y2NkMjc4MDljMAljcAl5Ygl2dgkyMDIzMDkyNV8yMzM3OnBkMV9odG1sNTozLjYwOS4xCXd0CTcxNgl3ZQlbd2VdIGVycm9yOk5vIHZhbGlkIGJpZHMgcmVjZWl2ZWQJYWRUYWcJLy9hLmpzcmRuLmNvbS9wcmViaWQvdGFncy9wMjI1MDcteWItZGVza3RvcC5qc29uP2FjYT0xJmVudi5zZD1zYXVsdHN0YXIuY29tJmVudi5nYz1DSA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:44 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 8CDD 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-213.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
date
Thu, 21 Dec 2023 10:23:40 GMT
x-amz-cf-pop
FRA56-C2
age
6053
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
6CF7L9WRtx9D8LmLLpaAVlRtnSo44U1Aj7b02sqoIBY6yeJsz8p3pg==
minimal.mp4
a.jsrdn.com/vplayer-parallel/20230925_2337/aps_html5/ Frame 8CDD 		843 B
873 B 		Media
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/vplayer-parallel/20230925_2337/aps_html5/minimal.mp4
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6

Request headers

Referer
https://www.saultstar.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

quic-version
0x00000001
x-amz-version-id
zRWvm9d8xNj89crISHGVixL8ukFcwFUU
date
Thu, 21 Dec 2023 10:23:44 GMT
akamai-cache-status
Hit from child
x-amz-request-id
B0EQXDNKT5RYNYMX
akamai-grn
0.9d7d1302.1703154224.422e1c65
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-842/843
akamai-mon-iucid-del
1527398
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
843
x-amz-id-2
vUEnQjp6+Dyb+rzROXBqFOa+t3aSkDGxvzGdAVV/ygVGkKzJtKnVcs/joO5R9fBRgVBZaxRwnzU=
last-modified
Mon, 25 Sep 2023 23:37:38 GMT
server
AmazonS3
etag
"fb62001afaa95ed461f35992d7431867"
content-type
video/mp4
cache-control
max-age=75752
accept-ranges
bytes
expires
Fri, 22 Dec 2023 07:26:16 GMT
bridge3.609.1_en.html
imasdk.googleapis.com/js/core/ Frame 5E4E 		751 KB
240 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
494951
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
245986
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 16:54:33 GMT
expires
Sat, 14 Dec 2024 16:54:33 GMT
last-modified
Fri, 15 Dec 2023 16:47:56 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 8CDD 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 10:23:44 GMT
510b2083-6681-4521-93bd-7d95b5afa83c
config.aps.amazon-adsystem.com/configs/ Frame 8CDD 		564 B
838 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/510b2083-6681-4521-93bd-7d95b5afa83c
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-6.ams54.r.cloudfront.net
Software
CloudFront /
Resource Hash
7a9c46b0959c82edbb5bd561835579f816fcc2eadcc2217d415c66e88b8eb80d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 09:55:01 GMT
via
1.1 4cc2a0a7eb7d5483edc69be298297f9e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS54-C1
age
1723
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
W1gubVTrCcOMPZ9rzPoIVudrE9cEDLAC5i9t8AyotD9c3ltkv-fr0w==
config
c.amazon-adsystem.com/cdn/prod/ Frame 8CDD 		0
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.saultstar.com&pubid=510b2083-6681-4521-93bd-7d95b5afa83c
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-213.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:44 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.saultstar.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
pp9xA20Pkc6FYin5kjoZrAzAXzOO5IHhWPmdjX1P0j7bkbVq1bZPRg==
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D023 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 09:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2120
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 21 Dec 2023 10:48:24 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=sep9&k=ZQl3YQlhCTIzNzYJZAlldS13ZXN0LTFiCWgJaS0wMzJjMzMzMTFjZDJjYmU5MQl1CTVkYzU0Nzc1LTU5OGUtNDJkZi1iOTVmLTI1M2VkOWM4OTU4ZQl2CTI4MjQwMzE3LTA0YTItNDI2NS1iOTNjLTRkODVlN2NkYTg3Yglzdglqc3Jkbgl2bAkyMDIzMTIyMS4wOTUwCXZ0CTIwMjMxMjIxLjA5NTAJdnMJMjAyMzEwMDQJdmMJMjAyMzAxMjA1CXN0CTIwMjMxMjIxLjEwMjM0MglpCTQ1Zjc4ZDZiLTc0MjctNGViYS1hMWUzLTZmYWJmNzZhZjIxNAlmCWh0dHBzOi8vd3d3LnNhdWx0c3Rhci5jb20vbmV3cy90aGVzc2Fsb24tYmFuZC1vZmZpY2UtYmxvY2tpbmctZWxlY3Rpb24tYXBwZWFsLXByb2Nlc3Mtb2ZmaWNpYWxzLXNheQlxCTIzYWFhZmM0LTM0NDgtNGVkMy1hMmI3LTRlNWNlNTEyNTEzNgltCTIyMzQyCWIJMjYyCWcJNDEwCXQJNTczNwljCTU3OTIJbAkxNDg0MAl6CTE0MDM2CXMJNTc2MAlwCTIyNTA3CXcJbmV3cwljcwlJQUIxMgljegkJZ2MJQ0gJZ3IJTFUJZ3QJbHVjZXJuZQlnZAlmYWxzZQlnbglDb3Jwb3JhdGUJbmUJaXYJbmQJaXYJc2QJc2F1bHRzdGFyLmNvbQlzZQk2MjQzMTk3MDA5CW1jCTMwODEJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgkzOTI5CXZuCTI1ODY2ODkJaHYJMQl2cAkxCXZnCXByCWNpCWZmOGUzMzkxLTBhNzUtYTIwMS04NjVmLWM0NjFjNzUwMzViYQljcAlhegl2dgkyMDIzMDkyNV8yMzM3OmFwc19odG1sNTozLjYwOS4xCXd0CTYzNwlhZFRhZwkvL2MuYW1hem9uLWFkc3lzdGVtLmNvbS9lL2R0Yi9iaWQ_YXBzU2xvdElEPURlc2t0b3AmZGVhbHM9MSZzaWQ9NjI0MzE5NzAwOQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:44 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ Frame 8CDD 		179 B
618 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&pid=rtDAx4KcQ8KVq&cb=0&ws=564x317&v=23.1211.1645&t=2000&slots=%5B%7B%22id%22%3A%22Desktop%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&cfgv=1&schain=1.0%2C1!distroscale.com%2C6243197009%2C1%2C%2C%2C&pubid=510b2083-6681-4521-93bd-7d95b5afa83c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22f1038be6-7b9e-4864-95d5-0db9373384ad%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
4d2ca649146edcfbd70eefad0c0a701b5e76fc71e46909f634a3a8d15cc7ae2f
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:44 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
0SP7ZY0W8PHJBPHXBKPT
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.saultstar.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
179
x-amz-cf-id
M4MUT6SnecCw8OEH-OV1tglr1SaGmjlft0Z6YC9gbKlu0FRX6Lep-w==
iu3
aax-eu.amazon-adsystem.com/s/ Frame 0C30 		0
0
pblib.min.js
a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/ Frame C080 		368 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/pblib.min.js
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ds_vplayer_detached.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8ed5a17cc40a3e61b27ffc7085528079e8c2591633b0433ca7ae3fdee18cc30

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 22 Dec 2023 06:08:11 GMT
x-amz-version-id
N2rhRmpluJJr8dne7Zwm5odAsuj70Rdj
content-encoding
gzip
date
Thu, 21 Dec 2023 10:23:44 GMT
akamai-cache-status
Hit from child
x-amz-request-id
9Z6Y386EV47N1F92
akamai-grn
0.9d7d1302.1703154224.422e1e8e
x-amz-server-side-encryption
AES256
akamai-mon-iucid-del
1527398
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
117939
x-amz-id-2
s0Fmu4m5lGW3x977DjdsW369AYVd8g02hsxPWB207eg2l6oP3EHgnJNRyk8GeqxpN2HBBiHIPt8=
last-modified
Mon, 25 Sep 2023 23:37:33 GMT
server
AmazonS3
etag
"91adb5acce8739f457d0f760e6a9193c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=71067
accept-ranges
bytes
quic-version
0x00000001
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame C080 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ds_vplayer_detached.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
395149d128d5d361aaf2cd3df1cfd23dee746145bdef0105d99aba97fbcf712f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Thu, 21 Dec 2023 10:23:44 GMT
191231-96143263832481.js
js-sec.indexww.com/ht/p/ Frame C080 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/191231-96143263832481.js
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ds_vplayer_detached.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37f9b8c4f451c35a6bfa6f0053259ee5b69287dc9fc8b2fe366b7d25d312f1d9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 10:15:36 GMT
server
cloudflare
age
407
etag
W/"905900-7e27-60d026177336b"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
838f6950a81f01fc-ZRH
expires
Thu, 21 Dec 2023 14:23:44 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=bcl7&k=ZQl3ZQlhCTI2NzkJZAlldS13ZXN0LTFiCWgJaS0wMzJjMzMzMTFjZDJjYmU5MQl1CTVkYzU0Nzc1LTU5OGUtNDJkZi1iOTVmLTI1M2VkOWM4OTU4ZQl2CTI4MjQwMzE3LTA0YTItNDI2NS1iOTNjLTRkODVlN2NkYTg3Yglzdglqc3Jkbgl2bAkyMDIzMTIyMS4wOTUwCXZ0CTIwMjMxMjIxLjA5NTAJdnMJMjAyMzEwMDQJdmMJMjAyMzAxMjA1CXN0CTIwMjMxMjIxLjEwMjM0MglpCTQ1Zjc4ZDZiLTc0MjctNGViYS1hMWUzLTZmYWJmNzZhZjIxNAlmCWh0dHBzOi8vd3d3LnNhdWx0c3Rhci5jb20vbmV3cy90aGVzc2Fsb24tYmFuZC1vZmZpY2UtYmxvY2tpbmctZWxlY3Rpb24tYXBwZWFsLXByb2Nlc3Mtb2ZmaWNpYWxzLXNheQlxCTIzYWFhZmM0LTM0NDgtNGVkMy1hMmI3LTRlNWNlNTEyNTEzNgltCTIyMzQyCWIJMjYyCWcJNDEwCXQJNTczNwljCTU3OTIJbAkxNDg0MAl6CTE0MDM2CXMJNTc2MAlwCTIyNTA3CXcJbmV3cwljcwlJQUIxMgljegkJZ2MJQ0gJZ3IJTFUJZ3QJbHVjZXJuZQlnZAlmYWxzZQlnbglDb3Jwb3JhdGUJbmUJaXYJbmQJaXYJc2QJc2F1bHRzdGFyLmNvbQlzZQk2MjQzMTk3MDA5CW1jCTMwODEJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgkzOTI5CXZuCTI1ODY2ODkJaHYJMQl2cAkxCXZnCXByCWNpCWZmOGUzMzkxLTBhNzUtYTIwMS04NjVmLWM0NjFjNzUwMzViYQljcAlhegl2dgkyMDIzMDkyNV8yMzM3OmFwc19odG1sNTozLjYwOS4xCXd0CTYzNwl3ZQlbd2VdIGVycm9yOk5vIHZhbGlkIGJpZHMgcmVjZWl2ZWQJYWRUYWcJLy9jLmFtYXpvbi1hZHN5c3RlbS5jb20vZS9kdGIvYmlkP2Fwc1Nsb3RJRD1EZXNrdG9wJmRlYWxzPTEmc2lkPTYyNDMxOTcwMDk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:44 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
minimal.mp4
a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/ Frame C080 		843 B
873 B 		Media
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/minimal.mp4
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6

Request headers

Referer
https://www.saultstar.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

quic-version
0x00000001
x-amz-version-id
a5770JiD4onMVIXMo5lps_CnGxMPdeDf
date
Thu, 21 Dec 2023 10:23:44 GMT
akamai-cache-status
Hit from child
x-amz-request-id
9Z6X1M2VQ1EDYZJH
akamai-grn
0.9d7d1302.1703154224.422e1ef8
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-842/843
akamai-mon-iucid-del
1527398
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
843
x-amz-id-2
EG6uiMhuTz4iUH4FhnFQMHN+SX6pwi+2ZTWANboIoq0rJ0jP1PSWs3kv7V1PpO8XW9AR/YKgNXU=
last-modified
Mon, 25 Sep 2023 23:37:31 GMT
server
AmazonS3
etag
"fb62001afaa95ed461f35992d7431867"
content-type
video/mp4
cache-control
max-age=43796
accept-ranges
bytes
expires
Thu, 21 Dec 2023 22:33:40 GMT
bridge3.609.1_en.html
imasdk.googleapis.com/js/core/ Frame FAF4 		751 KB
240 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
494951
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
245986
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 16:54:33 GMT
expires
Sat, 14 Dec 2024 16:54:33 GMT
last-modified
Fri, 15 Dec 2023 16:47:56 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame C080 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 10:23:44 GMT
p22507-xp-desktop.json
a.jsrdn.com/prebid/tags/ Frame C080 		9 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/prebid/tags/p22507-xp-desktop.json?aca=1&env.sd=saultstar.com&env.gc=CH
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c82a1f58bd36809c7a40324d2b34cbe9b3c2925c0cfe9aeb499dd33c048542ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 22 Dec 2023 09:44:40 GMT
x-amz-version-id
yEuW7l6G9n2AqC6Eix6gclNx9T6y2uqY
content-encoding
gzip
date
Thu, 21 Dec 2023 10:23:44 GMT
akamai-cache-status
Hit from child
x-amz-request-id
FJZKVQMQ82W2NREP
akamai-grn
0.9d7d1302.1703154224.422e1f01
x-amz-server-side-encryption
AES256
akamai-mon-iucid-del
1543115
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
1464
x-amz-id-2
3yD1lNVOhl3XA58Nzqd4L6EU5Z97I1UdkRNnZDo9TajptYF/m3rt51sJpBZ6Y0xKowlg9BtKK+Y=
last-modified
Thu, 21 Dec 2023 09:42:44 GMT
server
AmazonS3
etag
"0c18350755ce79517b0bf9dbb6a41a43"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-max-age
3600
content-type
application/json
access-control-allow-origin
https://www.saultstar.com
access-control-allow-methods
GET, HEAD
cache-control
max-age=84056
access-control-allow-credentials
true
accept-ranges
bytes
quic-version
0x00000001
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9835 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 09:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2120
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 21 Dec 2023 10:48:24 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=mb5m&k=ZQl3YQlhCTI3ODQJZAlldS13ZXN0LTFiCWgJaS0wMzJjMzMzMTFjZDJjYmU5MQl1CTVkYzU0Nzc1LTU5OGUtNDJkZi1iOTVmLTI1M2VkOWM4OTU4ZQl2CTI4MjQwMzE3LTA0YTItNDI2NS1iOTNjLTRkODVlN2NkYTg3Yglzdglqc3Jkbgl2bAkyMDIzMTIyMS4wOTUwCXZ0CTIwMjMxMjIxLjA5NTAJdnMJMjAyMzEwMDQJdmMJMjAyMzAxMjA1CXN0CTIwMjMxMjIxLjEwMjM0MglpCTQ1Zjc4ZDZiLTc0MjctNGViYS1hMWUzLTZmYWJmNzZhZjIxNAlmCWh0dHBzOi8vd3d3LnNhdWx0c3Rhci5jb20vbmV3cy90aGVzc2Fsb24tYmFuZC1vZmZpY2UtYmxvY2tpbmctZWxlY3Rpb24tYXBwZWFsLXByb2Nlc3Mtb2ZmaWNpYWxzLXNheQlxCTIzYWFhZmM0LTM0NDgtNGVkMy1hMmI3LTRlNWNlNTEyNTEzNgltCTIyMzQyCWIJMjYyCWcJNDEwCXQJNTczNwljCTU3OTIJbAkxNDg0MAl6CTE0MDM2CXMJNTc2MAlwCTIyNTA3CXcJbmV3cwljcwlJQUIxMgljegkJZ2MJQ0gJZ3IJTFUJZ3QJbHVjZXJuZQlnZAlmYWxzZQlnbglDb3Jwb3JhdGUJbmUJaXYJbmQJaXYJc2QJc2F1bHRzdGFyLmNvbQlzZQk2MjQzMTk3MDA5CW1jCTMwODEJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgkzOTI5CXZuCTI1ODY2ODkJaHYJMQl2cAkxCXZnCXByCWNpCTEzYzMxZmY5LWUxMzktZmViNi1mNTEyLTgyNjA0MjEwMTQwZAljcAl4cAl2dgkyMDIzMDkyNV8yMzM3OnBkMV9odG1sNTozLjYwOS4xCXd0CTc0OAlhZFRhZwkvL2EuanNyZG4uY29tL3ByZWJpZC90YWdzL3AyMjUwNy14cC1kZXNrdG9wLmpzb24_YWNhPTEmZW52LnNkPXNhdWx0c3Rhci5jb20mZW52LmdjPUNI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:44 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.saultstar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.saultstar.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 21 Dec 2023 10:23:44 GMT
bid.json
reachms.bfmio.com/ Frame C080 		0
242 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://reachms.bfmio.com/bid.json?exchange_id=9cc7c99c-d543-4cd0-af43-57cdf7e98477
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/pblib.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.111.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-111-75.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.saultstar.com
date
Thu, 21 Dec 2023 10:23:44 GMT
access-control-expose-headers
location
access-control-allow-credentials
true
server
nginx/1.18.0 (Ubuntu)
vary
Origin
expires
Thu, 01 Jan 1970 00:00:00 GMT
trinity.json
apex.go.sonobi.com/ Frame C080 		425 B
888 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2242cdf935997778%22%3A%22eb59b1a7ffa50d04142c%7C640x480%7Cgpid%3DvideoIn%2Cc%3Dv%2Cp%3D1%2C%22%7D&ref=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&s=3d13aacc-a885-422f-ba5c-6090fa845524&pv=a253c4b1-fea8-4b38-ac56-7f1557fff6eb&vp=mobile&lib_name=prebid&lib_v=8.15.0&us=3&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22saultstar.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22saultstar.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nextovp.com%22%2C%22sid%22%3A%223756802991%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/pblib.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:200a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
51946688449aa14768f363027735ac05ab6de381a9229f7ff92ac5a4d48510ff
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:45 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-24
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.saultstar.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
276
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame C080 		0
164 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/pblib.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://www.saultstar.com
pragma
no-cache
date
Thu, 21 Dec 2023 10:23:45 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=4y74&k=ZQl3d2EJYQkyODI4CWQJZXUtd2VzdC0xYgloCWktMDMyYzMzMzExY2QyY2JlOTEJdQk1ZGM1NDc3NS01OThlLTQyZGYtYjk1Zi0yNTNlZDljODk1OGUJdgkyODI0MDMxNy0wNGEyLTQyNjUtYjkzYy00ZDg1ZTdjZGE4N2IJc3YJanNyZG4JdmwJMjAyMzEyMjEuMDk1MAl2dAkyMDIzMTIyMS4wOTUwCXZzCTIwMjMxMDA0CXZjCTIwMjMwMTIwNQlzdAkyMDIzMTIyMS4xMDIzNDIJaQk0NWY3OGQ2Yi03NDI3LTRlYmEtYTFlMy02ZmFiZjc2YWYyMTQJZglodHRwczovL3d3dy5zYXVsdHN0YXIuY29tL25ld3MvdGhlc3NhbG9uLWJhbmQtb2ZmaWNlLWJsb2NraW5nLWVsZWN0aW9uLWFwcGVhbC1wcm9jZXNzLW9mZmljaWFscy1zYXkJcQkyM2FhYWZjNC0zNDQ4LTRlZDMtYTJiNy00ZTVjZTUxMjUxMzYJbQkyMjM0MgliCTI2MglnCTQxMAl0CTU3MzcJYwk1NzkyCWwJMTQ4NDAJegkxNDAzNglzCTU3NjAJcAkyMjUwNwl3CW5ld3MJY3MJSUFCMTIJY3oJCWdjCUNICWdyCUxVCWd0CWx1Y2VybmUJZ2QJZmFsc2UJZ24JQ29ycG9yYXRlCW5lCWl2CW5kCWl2CXNkCXNhdWx0c3Rhci5jb20Jc2UJNjI0MzE5NzAwOQltYwkzMDgxCW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JMzkyOQl2bgkyNTg2Njg5CWh2CTEJdnAJMQl2ZwlwcgljaQkxM2MzMWZmOS1lMTM5LWZlYjYtZjUxMi04MjYwNDIxMDE0MGQJY3AJeHAJdnYJMjAyMzA5MjVfMjMzNzpwZDFfaHRtbDU6My42MDkuMQl3dAk3NDgJd3dhCWJpZGRlcjpiZWFjaGZyb250fHNvbm9iaXx1bnJ1bHkJYWRUYWcJLy9hLmpzcmRuLmNvbS9wcmViaWQvdGFncy9wMjI1MDcteHAtZGVza3RvcC5qc29uP2FjYT0xJmVudi5zZD1zYXVsdHN0YXIuY29tJmVudi5nYz1DSA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:44 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame B183 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=56399386&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
0285656c0531ce023489eb405a9e7d895b12a4e7e8324722ddda4e79fd052f9c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 21 Dec 2023 10:23:43 GMT
content-length
1571
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 3FB3 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=24CFB76E-4F04-4690-9211-6A07901FE725&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 21 Dec 2023 10:23:45 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
dcm
aax-eu.amazon-adsystem.com/s/ Frame C2F6 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=24CFB76E-4F04-4690-9211-6A07901FE725&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 21 Dec 2023 10:23:45 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
0DN7P7SE5K9Z4JSNF8T2
Pug
image2.pubmatic.com/AdServer/ Frame 9DD1
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Rvg8U0H_NgNdqGIGR68pBRH_Ml5d-j1eSPo-X7fc
42 B
419 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Rvg8U0H_NgNdqGIGR68pBRH_Ml5d-j1eSPo-X7fc
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Dec 2023 10:23:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 21 Dec 2023 10:23:45 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Rvg8U0H_NgNdqGIGR68pBRH_Ml5d-j1eSPo-X7fc
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 5F7F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5148106858807832576&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5148106858807832576&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Dec 2023 10:23:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
b2838237-899e-4e9a-9911-08ac17801d38
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 21 Dec 2023 10:23:45 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5148106858807832576&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
176.10.106.9; 176.10.106.9; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7B02 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=pubmatic.com&id=PM_UID24CFB76E-4F04-4690-9211-6A07901FE725
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 21 Dec 2023 10:23:45 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
K3BNGRMPHVQJGH6W59QD
mw
mwzeom.zeotap.com/ Frame B183 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=24CFB76E-4F04-4690-9211-6A07901FE725
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:45 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
838f6952d9a34c50-MXP
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame B183
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=24CFB76E-4F04-4690-9211-6A07901FE725&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=24CFB76E-4F04-4690-9211-6A07901FE725&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=24CFB76E-4F04-4690-9211-6A07901FE725&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:48 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:48 GMT
frontend-id
14
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=24CFB76E-4F04-4690-9211-6A07901FE725&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame B183
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=24CFB76E-4F04-4690-9211-6A07901FE725&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:45 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame B183 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:45 GMT
server
Kestrel
content-length
70
content-type
image/gif
24CFB76E-4F04-4690-9211-6A07901FE725
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame B183 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/24CFB76E-4F04-4690-9211-6A07901FE725?gdpr=0&gdpr_consent=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:d9af:10ed:ca45:5b1a Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame B183
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=24CFB76E-4F04-4690-9211-6A07901FE725&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-p4eaDipE2uWx_aLApdcEDr9IDDb.kF0-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-p4eaDipE2uWx_aLApdcEDr9IDDb.kF0-~A&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-p4eaDipE2uWx_aLApdcEDr9IDDb.kF0-~A&gdpr=0
date
Thu, 21 Dec 2023 10:23:45 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=6a61&k=ZQl3d2gJYQkzMTk3CWQJZXUtd2VzdC0xYgloCWktMDMyYzMzMzExY2QyY2JlOTEJdQk1ZGM1NDc3NS01OThlLTQyZGYtYjk1Zi0yNTNlZDljODk1OGUJdgkyODI0MDMxNy0wNGEyLTQyNjUtYjkzYy00ZDg1ZTdjZGE4N2IJc3YJanNyZG4JdmwJMjAyMzEyMjEuMDk1MAl2dAkyMDIzMTIyMS4wOTUwCXZzCTIwMjMxMDA0CXZjCTIwMjMwMTIwNQlzdAkyMDIzMTIyMS4xMDIzNDIJaQk0NWY3OGQ2Yi03NDI3LTRlYmEtYTFlMy02ZmFiZjc2YWYyMTQJZglodHRwczovL3d3dy5zYXVsdHN0YXIuY29tL25ld3MvdGhlc3NhbG9uLWJhbmQtb2ZmaWNlLWJsb2NraW5nLWVsZWN0aW9uLWFwcGVhbC1wcm9jZXNzLW9mZmljaWFscy1zYXkJcQkyM2FhYWZjNC0zNDQ4LTRlZDMtYTJiNy00ZTVjZTUxMjUxMzYJbQkyMjM0MgliCTI2MglnCTQxMAl0CTU3MzcJYwk1NzkyCWwJMTQ4NDAJegkxNDAzNglzCTU3NjAJcAkyMjUwNwl3CW5ld3MJY3MJSUFCMTIJY3oJCWdjCUNICWdyCUxVCWd0CWx1Y2VybmUJZ2QJZmFsc2UJZ24JQ29ycG9yYXRlCW5lCWl2CW5kCWl2CXNkCXNhdWx0c3Rhci5jb20Jc2UJNjI0MzE5NzAwOQltYwkzMDgxCW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JMzkyOQl2bgkyNTg2Njg5CWh2CTEJdnAJMQl2ZwlwcgljaQkxM2MzMWZmOS1lMTM5LWZlYjYtZjUxMi04MjYwNDIxMDE0MGQJY3AJeHAJdnYJMjAyMzA5MjVfMjMzNzpwZDFfaHRtbDU6My42MDkuMQl3dAk3NDgJd3doCWJpZGRlcjpub25lLGNwbTowCWFkVGFnCS8vYS5qc3Jkbi5jb20vcHJlYmlkL3RhZ3MvcDIyNTA3LXhwLWRlc2t0b3AuanNvbj9hY2E9MSZlbnYuc2Q9c2F1bHRzdGFyLmNvbSZlbnYuZ2M9Q0g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:45 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
index.html
a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/ Frame B92E 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/index.html
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ds_vplayer_detached.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6395e8bd3c20d6fa5091a8aa3115a117c563df4de3d633ddd3ac29c850ad7a82

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
akamai-cache-status
Hit from child
akamai-grn
0.9d7d1302.1703154225.422e21d3
akamai-mon-iucid-del
1527398
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cache-control
max-age=32778
content-encoding
gzip
content-length
7092
content-type
text/html
date
Thu, 21 Dec 2023 10:23:45 GMT
etag
"6cc843f2b3e98f70da2d0b2c3180f82c"
expires
Thu, 21 Dec 2023 19:30:03 GMT
last-modified
Mon, 25 Sep 2023 23:38:10 GMT
quic-version
0x00000001
server
AmazonS3
vary
Accept-Encoding
x-amz-id-2
ohgobox6XKbaLHaupLxaHeCylkqayTpGuYqwuunP0jEzSkJw1sEtlDbKOrMwYHckcs5uhXb88iU=
x-amz-request-id
SNCRERG6BQ03Y1EM
x-amz-server-side-encryption
AES256
x-amz-version-id
yTs1LCmDwj3VOL.X_ikp7RjZcEdsAfWk
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=qnvf&k=ZQl3ZQlhCTMxOTgJZAlldS13ZXN0LTFiCWgJaS0wMzJjMzMzMTFjZDJjYmU5MQl1CTVkYzU0Nzc1LTU5OGUtNDJkZi1iOTVmLTI1M2VkOWM4OTU4ZQl2CTI4MjQwMzE3LTA0YTItNDI2NS1iOTNjLTRkODVlN2NkYTg3Yglzdglqc3Jkbgl2bAkyMDIzMTIyMS4wOTUwCXZ0CTIwMjMxMjIxLjA5NTAJdnMJMjAyMzEwMDQJdmMJMjAyMzAxMjA1CXN0CTIwMjMxMjIxLjEwMjM0MglpCTQ1Zjc4ZDZiLTc0MjctNGViYS1hMWUzLTZmYWJmNzZhZjIxNAlmCWh0dHBzOi8vd3d3LnNhdWx0c3Rhci5jb20vbmV3cy90aGVzc2Fsb24tYmFuZC1vZmZpY2UtYmxvY2tpbmctZWxlY3Rpb24tYXBwZWFsLXByb2Nlc3Mtb2ZmaWNpYWxzLXNheQlxCTIzYWFhZmM0LTM0NDgtNGVkMy1hMmI3LTRlNWNlNTEyNTEzNgltCTIyMzQyCWIJMjYyCWcJNDEwCXQJNTczNwljCTU3OTIJbAkxNDg0MAl6CTE0MDM2CXMJNTc2MAlwCTIyNTA3CXcJbmV3cwljcwlJQUIxMgljegkJZ2MJQ0gJZ3IJTFUJZ3QJbHVjZXJuZQlnZAlmYWxzZQlnbglDb3Jwb3JhdGUJbmUJaXYJbmQJaXYJc2QJc2F1bHRzdGFyLmNvbQlzZQk2MjQzMTk3MDA5CW1jCTMwODEJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgkzOTI5CXZuCTI1ODY2ODkJaHYJMQl2cAkxCXZnCXByCWNpCTEzYzMxZmY5LWUxMzktZmViNi1mNTEyLTgyNjA0MjEwMTQwZAljcAl4cAl2dgkyMDIzMDkyNV8yMzM3OnBkMV9odG1sNTozLjYwOS4xCXd0CTc0OAl3ZQlbd2VdIGVycm9yOk5vIHZhbGlkIGJpZHMgcmVjZWl2ZWQJYWRUYWcJLy9hLmpzcmRuLmNvbS9wcmViaWQvdGFncy9wMjI1MDcteHAtZGVza3RvcC5qc29uP2FjYT0xJmVudi5zZD1zYXVsdHN0YXIuY29tJmVudi5nYz1DSA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:45 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame B92E 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
395149d128d5d361aaf2cd3df1cfd23dee746145bdef0105d99aba97fbcf712f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a.jsrdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Thu, 21 Dec 2023 10:23:45 GMT
minimal.mp4
a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/ Frame B92E 		843 B
873 B 		Media
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/minimal.mp4
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/index.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6

Request headers

Referer
https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/index.html
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

quic-version
0x00000001
x-amz-version-id
YutMv6I3oJyM1Gkwh5ebWbrhOB6c6G2Q
date
Thu, 21 Dec 2023 10:23:45 GMT
akamai-cache-status
Hit from child
x-amz-request-id
GCS2V7RVHNZDG9CZ
akamai-grn
0.9d7d1302.1703154225.422e2206
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-842/843
akamai-mon-iucid-del
1527398
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
843
x-amz-id-2
QllXZEQ+Zk1tcWXJLrYOPoANA9Xt6EAquXqBRY0/aaRunh3LkpN5Av8jMlAEqGyazOO3MJQ/7Xg=
last-modified
Mon, 25 Sep 2023 23:38:11 GMT
server
AmazonS3
etag
"fb62001afaa95ed461f35992d7431867"
content-type
video/mp4
cache-control
max-age=14377
accept-ranges
bytes
expires
Thu, 21 Dec 2023 14:23:22 GMT
bridge3.609.1_en.html
imasdk.googleapis.com/js/core/ Frame 3113 		751 KB
240 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a.jsrdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
494952
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
245986
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 16:54:33 GMT
expires
Sat, 14 Dec 2024 16:54:33 GMT
last-modified
Fri, 15 Dec 2023 16:47:56 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame B92E 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a.jsrdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 10:23:45 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7425 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 09:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2121
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 21 Dec 2023 10:48:24 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=eihm&k=ZQl3YQlhCTMzNDIJZAlldS13ZXN0LTFiCWgJaS0wMzJjMzMzMTFjZDJjYmU5MQl1CTVkYzU0Nzc1LTU5OGUtNDJkZi1iOTVmLTI1M2VkOWM4OTU4ZQl2CTI4MjQwMzE3LTA0YTItNDI2NS1iOTNjLTRkODVlN2NkYTg3Yglzdglqc3Jkbgl2bAkyMDIzMTIyMS4wOTUwCXZ0CTIwMjMxMjIxLjA5NTAJdnMJMjAyMzEwMDQJdmMJMjAyMzAxMjA1CXN0CTIwMjMxMjIxLjEwMjM0MglpCTQ1Zjc4ZDZiLTc0MjctNGViYS1hMWUzLTZmYWJmNzZhZjIxNAlmCWh0dHBzOi8vd3d3LnNhdWx0c3Rhci5jb20vbmV3cy90aGVzc2Fsb24tYmFuZC1vZmZpY2UtYmxvY2tpbmctZWxlY3Rpb24tYXBwZWFsLXByb2Nlc3Mtb2ZmaWNpYWxzLXNheQlxCTIzYWFhZmM0LTM0NDgtNGVkMy1hMmI3LTRlNWNlNTEyNTEzNgltCTIyMzQyCWIJMjYyCWcJNDEwCXQJNTczNwljCTU3OTIJbAkxNDg0MAl6CTE0MDM2CXMJNTc2MAlwCTIyNTA3CXcJbmV3cwljcwlJQUIxMgljegkJZ2MJQ0gJZ3IJTFUJZ3QJbHVjZXJuZQlnZAlmYWxzZQlnbglDb3Jwb3JhdGUJbmUJaXYJbmQJaXYJc2QJc2F1bHRzdGFyLmNvbQlzZQk2MjQzMTk3MDA5CW1jCTMwODEJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgkzOTI5CXZuCTI1ODY2ODkJaHYJMQl2cAkxCXZnCXByCWNpCTNiN2YwOGJjLTY3YjgtYTQwOC01ZTYyLTdiNWNmYzVlODA0YgljcAlnMgl2dgkyMDIzMDkyNV8yMzM3OmltYV9odG1sNTozLjYwOS4xCXd0CTUzOAlhZFRhZwkvL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS8yMTg3NDE1NTEzMywzMDgxLzIyNTA3XzQ5NTMwMzY3MDkmZGVzY3JpcHRpb25fdXJsPWh0dHBzJTNBJTJGJTJGd3d3LnNhdWx0c3Rhci5jb20lMkZuZXdzJTJGdGhlc3NhbG9uLWJhbmQtb2ZmaWNlLWJsb2NraW5nLWVsZWN0aW9uLWFwcGVhbC1wcm9jZXNzLW9mZmljaWFscy1zYXkmdGZjZD0wJm5wYT0wJnN6PTY0MHg0ODAlN0MxMjgweDcyMCU3QzE5MjB4MTA4MCU3QzQwMHgzMDAmY3VzdF9wYXJhbXM9ZHNtY20lM0QxJTI2ZHNkJTNEc2F1bHRzdGFyLmNvbSZnZGZwX3JlcT0xJm91dHB1dD12YXN0JnVudmlld2VkX3Bvc2l0aW9uX3N0YXJ0PTEmZW52PXZwJmltcGw9cyZjb3JyZWxhdG9yPTI1MTY5NSZnZHByPTAmZ2Rwcl9jb25zZW50PSZ1c19wcml2YWN5PQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:45 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 3113 		156 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21874155133%2C3081%2F22507_4953036709&description_url=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&tfcd=0&npa=0&sz=640x480%7C1280x720%7C1920x1080%7C400x300&cust_params=dsmcm%3D1%26dsd%3Dsaultstar.com&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2461245394131400&gdpr=0&gdpr_consent&us_privacy&vpa=auto&vpmute=1&sdkv=h.3.609.1&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=549016916&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.609.1&media_url=https%3A%2F%2Fa.jsrdn.com%2Fvplayer-parallel%2F20230925_2337%2Fima_html5%2Fminimal.mp4&sid=0E908E73-9AD9-4CD8-9659-3B586557A1D6&nel=0&eid=44772139%2C44777649%2C44781409%2C44801480%2C44804291%2C44806733&ref=https%3A%2F%2Fwww.saultstar.com%2F&url=https%3A%2F%2Fwww.saultstar.com%2F&dt=1703154225489&scor=267135304659293&ged=ve4_td0_tt0_pd0_la0_er0.0.154.300_vi0.0.317.564_vp100_eb24427
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:45 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0AA6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4102868849806&version=m202309260101&ct=76&x=13&cor=9652634306557070000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 3113 		0
0
index.html
a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/ Frame 5CFF 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/index.html
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ds_vplayer_detached.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6395e8bd3c20d6fa5091a8aa3115a117c563df4de3d633ddd3ac29c850ad7a82

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
akamai-cache-status
Hit from child
akamai-grn
0.9d7d1302.1703154225.422e2629
akamai-mon-iucid-del
1527398
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cache-control
max-age=32778
content-encoding
gzip
content-length
7092
content-type
text/html
date
Thu, 21 Dec 2023 10:23:45 GMT
etag
"6cc843f2b3e98f70da2d0b2c3180f82c"
expires
Thu, 21 Dec 2023 19:30:03 GMT
last-modified
Mon, 25 Sep 2023 23:38:10 GMT
quic-version
0x00000001
server
AmazonS3
vary
Accept-Encoding
x-amz-id-2
ohgobox6XKbaLHaupLxaHeCylkqayTpGuYqwuunP0jEzSkJw1sEtlDbKOrMwYHckcs5uhXb88iU=
x-amz-request-id
SNCRERG6BQ03Y1EM
x-amz-server-side-encryption
AES256
x-amz-version-id
yTs1LCmDwj3VOL.X_ikp7RjZcEdsAfWk
csi
csi.gstatic.com/ Frame 3113 		0
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 5CFF 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
395149d128d5d361aaf2cd3df1cfd23dee746145bdef0105d99aba97fbcf712f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a.jsrdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Thu, 21 Dec 2023 10:23:45 GMT
minimal.mp4
a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/ Frame 5CFF 		843 B
873 B 		Media
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/minimal.mp4
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/index.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6

Request headers

Referer
https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/index.html
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

quic-version
0x00000001
x-amz-version-id
YutMv6I3oJyM1Gkwh5ebWbrhOB6c6G2Q
date
Thu, 21 Dec 2023 10:23:45 GMT
akamai-cache-status
Hit from child
x-amz-request-id
GCS2V7RVHNZDG9CZ
akamai-grn
0.9d7d1302.1703154225.422e265d
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-842/843
akamai-mon-iucid-del
1527398
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
843
x-amz-id-2
QllXZEQ+Zk1tcWXJLrYOPoANA9Xt6EAquXqBRY0/aaRunh3LkpN5Av8jMlAEqGyazOO3MJQ/7Xg=
last-modified
Mon, 25 Sep 2023 23:38:11 GMT
server
AmazonS3
etag
"fb62001afaa95ed461f35992d7431867"
content-type
video/mp4
cache-control
max-age=14377
accept-ranges
bytes
expires
Thu, 21 Dec 2023 14:23:22 GMT
bridge3.609.1_en.html
imasdk.googleapis.com/js/core/ Frame AC1E 		751 KB
240 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a.jsrdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
494953
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
245986
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 16:54:33 GMT
expires
Sat, 14 Dec 2024 16:54:33 GMT
last-modified
Fri, 15 Dec 2023 16:47:56 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 5CFF 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a.jsrdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 10:23:46 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/control/ Frame 4D62 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/control/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 09:33:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3030
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 21 Dec 2023 10:33:16 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=hd1h&k=ZQl3YQlhCTM5NDMJZAlldS13ZXN0LTFiCWgJaS0wMzJjMzMzMTFjZDJjYmU5MQl1CTVkYzU0Nzc1LTU5OGUtNDJkZi1iOTVmLTI1M2VkOWM4OTU4ZQl2CTI4MjQwMzE3LTA0YTItNDI2NS1iOTNjLTRkODVlN2NkYTg3Yglzdglqc3Jkbgl2bAkyMDIzMTIyMS4wOTUwCXZ0CTIwMjMxMjIxLjA5NTAJdnMJMjAyMzEwMDQJdmMJMjAyMzAxMjA1CXN0CTIwMjMxMjIxLjEwMjM0MglpCTQ1Zjc4ZDZiLTc0MjctNGViYS1hMWUzLTZmYWJmNzZhZjIxNAlmCWh0dHBzOi8vd3d3LnNhdWx0c3Rhci5jb20vbmV3cy90aGVzc2Fsb24tYmFuZC1vZmZpY2UtYmxvY2tpbmctZWxlY3Rpb24tYXBwZWFsLXByb2Nlc3Mtb2ZmaWNpYWxzLXNheQlxCTIzYWFhZmM0LTM0NDgtNGVkMy1hMmI3LTRlNWNlNTEyNTEzNgltCTIyMzQyCWIJMjYyCWcJNDEwCXQJNTczNwljCTU3OTIJbAkxNDg0MAl6CTE0MDM2CXMJNTc2MAlwCTIyNTA3CXcJbmV3cwljcwlJQUIxMgljegkJZ2MJQ0gJZ3IJTFUJZ3QJbHVjZXJuZQlnZAlmYWxzZQlnbglDb3Jwb3JhdGUJbmUJaXYJbmQJaXYJc2QJc2F1bHRzdGFyLmNvbQlzZQk2MjQzMTk3MDA5CW1jCTMwODEJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgkzOTI5CXZuCTI1ODY2ODkJaHYJMQl2cAkxCXZnCXByCWNpCWI1ZDZhZTdlLWI3MzMtZjQzMC0zOWExLTRlZTA2NGQwODJiOQljcAlnZwl2dgkyMDIzMDkyNV8yMzM3OmltYV9odG1sNTozLjYwOS4xCXd0CTY1MglhZFRhZwkvL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS8zNDIzMDEwOSwzMDgxLzIyNTA3Xzg4NTgwNjk4OTcmZGVzY3JpcHRpb25fdXJsPWh0dHBzJTNBJTJGJTJGd3d3LnNhdWx0c3Rhci5jb20lMkZuZXdzJTJGdGhlc3NhbG9uLWJhbmQtb2ZmaWNlLWJsb2NraW5nLWVsZWN0aW9uLWFwcGVhbC1wcm9jZXNzLW9mZmljaWFscy1zYXkmdGZjZD0wJm5wYT0wJnN6PTY0MHg0ODAlN0MxMjgweDcyMCU3QzE5MjB4MTA4MCU3QzQwMHgzMDAmY3VzdF9wYXJhbXM9ZHNtY20lM0QxJTI2ZHNkJTNEc2F1bHRzdGFyLmNvbSZnZGZwX3JlcT0xJm91dHB1dD12YXN0JnVudmlld2VkX3Bvc2l0aW9uX3N0YXJ0PTEmZW52PXZwJmltcGw9cyZjb3JyZWxhdG9yPTU0MzYxOSZnZHByPTAmZ2Rwcl9jb25zZW50PSZ1c19wcml2YWN5PQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame AC1E 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F34230109%2C3081%2F22507_8858069897&description_url=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&tfcd=0&npa=0&sz=640x480%7C1280x720%7C1920x1080%7C400x300&cust_params=dsmcm%3D1%26dsd%3Dsaultstar.com&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4194220351888683&gdpr=0&gdpr_consent&us_privacy&vpa=auto&vpmute=1&sdkv=h.3.609.1&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=549016916&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.609.1&media_url=https%3A%2F%2Fa.jsrdn.com%2Fvplayer-parallel%2F20230925_2337%2Fima_html5%2Fminimal.mp4&sid=75470718-BD78-455E-B818-7B24D222CDEE&nel=0&eid=44768716%2C44772139%2C44777649%2C44781409%2C44804291%2C44806075&ref=https%3A%2F%2Fwww.saultstar.com%2F&url=https%3A%2F%2Fwww.saultstar.com%2F&dt=1703154226089&scor=2610077909262314&ged=ve4_td0_tt0_pd0_la0_er0.0.154.300_vi0.0.317.564_vp100_eb24427
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:46 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame AC1E 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lqf21vgn&c=4820757911292&slotId=2410378955646&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pblib.min.js
a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/ Frame DA07 		368 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/pblib.min.js
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ds_vplayer_detached.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8ed5a17cc40a3e61b27ffc7085528079e8c2591633b0433ca7ae3fdee18cc30

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 22 Dec 2023 06:08:11 GMT
x-amz-version-id
N2rhRmpluJJr8dne7Zwm5odAsuj70Rdj
content-encoding
gzip
date
Thu, 21 Dec 2023 10:23:46 GMT
akamai-cache-status
Hit from child
x-amz-request-id
9Z6Y386EV47N1F92
akamai-grn
0.9d7d1302.1703154226.422e289e
x-amz-server-side-encryption
AES256
akamai-mon-iucid-del
1527398
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
117939
x-amz-id-2
s0Fmu4m5lGW3x977DjdsW369AYVd8g02hsxPWB207eg2l6oP3EHgnJNRyk8GeqxpN2HBBiHIPt8=
last-modified
Mon, 25 Sep 2023 23:37:33 GMT
server
AmazonS3
etag
"91adb5acce8739f457d0f760e6a9193c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=71065
accept-ranges
bytes
quic-version
0x00000001
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame DA07 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ds_vplayer_detached.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
395149d128d5d361aaf2cd3df1cfd23dee746145bdef0105d99aba97fbcf712f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Thu, 21 Dec 2023 10:23:46 GMT
191231-96143263832481.js
js-sec.indexww.com/ht/p/ Frame DA07 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/191231-96143263832481.js
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ds_vplayer_detached.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37f9b8c4f451c35a6bfa6f0053259ee5b69287dc9fc8b2fe366b7d25d312f1d9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:46 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 10:15:36 GMT
server
cloudflare
age
409
etag
W/"905900-7e27-60d026177336b"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
838f695a98fa01fc-ZRH
expires
Thu, 21 Dec 2023 14:23:46 GMT
minimal.mp4
a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/ Frame DA07 		843 B
877 B 		Media
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/minimal.mp4
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6

Request headers

Referer
https://www.saultstar.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

quic-version
0x00000001
x-amz-version-id
a5770JiD4onMVIXMo5lps_CnGxMPdeDf
date
Thu, 21 Dec 2023 10:23:46 GMT
akamai-cache-status
Hit from child
x-amz-request-id
9Z6X1M2VQ1EDYZJH
akamai-grn
0.9d7d1302.1703154226.422e28fc
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-842/843
akamai-mon-iucid-del
1527398
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
843
x-amz-id-2
EG6uiMhuTz4iUH4FhnFQMHN+SX6pwi+2ZTWANboIoq0rJ0jP1PSWs3kv7V1PpO8XW9AR/YKgNXU=
last-modified
Mon, 25 Sep 2023 23:37:31 GMT
server
AmazonS3
etag
"fb62001afaa95ed461f35992d7431867"
content-type
video/mp4
cache-control
max-age=43794
accept-ranges
bytes
expires
Thu, 21 Dec 2023 22:33:40 GMT
bridge3.609.1_en.html
imasdk.googleapis.com/js/core/ Frame 5B81 		751 KB
240 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
494953
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
245986
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 16:54:33 GMT
expires
Sat, 14 Dec 2024 16:54:33 GMT
last-modified
Fri, 15 Dec 2023 16:47:56 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame DA07 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 10:23:46 GMT
p22507-ds-desktop-os.json
a.jsrdn.com/prebid/tags/os/ Frame DA07 		11 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/prebid/tags/os/p22507-ds-desktop-os.json?aca=1&env.sd=saultstar.com&env.gc=CH&env.se=6243197009
Requested by
Host: www.saultstar.com
URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21241841fbfd49cf25d514ba29086ad36330dc7e2f1cf42be9c93e81b250877f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 22 Dec 2023 09:45:36 GMT
x-amz-version-id
pcGe5V1Dux5RrAwEHCMNOmGYIFOSpAj0
content-encoding
gzip
date
Thu, 21 Dec 2023 10:23:46 GMT
akamai-cache-status
Hit from child
x-amz-request-id
5S6MJSVEEXJ7WZJY
akamai-grn
0.9d7d1302.1703154226.422e2909
x-amz-server-side-encryption
AES256
akamai-mon-iucid-del
1543115
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
1461
x-amz-id-2
GKFLC52rFH0epU68D/eGF/cK7RNHynILp9/yZeoObSTJg/PnjNczazZU7Ask+hfJ/cdtomKqQN4=
last-modified
Thu, 21 Dec 2023 09:42:42 GMT
server
AmazonS3
etag
"871f230b1ad5a54a6f3210231e0d51a0"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-max-age
3600
content-type
application/json
access-control-allow-origin
https://www.saultstar.com
access-control-allow-methods
GET, HEAD
cache-control
max-age=84110
access-control-allow-credentials
true
accept-ranges
bytes
quic-version
0x00000001
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F0E0 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 09:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2122
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 21 Dec 2023 10:48:24 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=ubuc&k=ZQl3YQlhCTQ0MDgJZAlldS13ZXN0LTFiCWgJaS0wMzJjMzMzMTFjZDJjYmU5MQl1CTVkYzU0Nzc1LTU5OGUtNDJkZi1iOTVmLTI1M2VkOWM4OTU4ZQl2CTI4MjQwMzE3LTA0YTItNDI2NS1iOTNjLTRkODVlN2NkYTg3Yglzdglqc3Jkbgl2bAkyMDIzMTIyMS4wOTUwCXZ0CTIwMjMxMjIxLjA5NTAJdnMJMjAyMzEwMDQJdmMJMjAyMzAxMjA1CXN0CTIwMjMxMjIxLjEwMjM0MglpCTQ1Zjc4ZDZiLTc0MjctNGViYS1hMWUzLTZmYWJmNzZhZjIxNAlmCWh0dHBzOi8vd3d3LnNhdWx0c3Rhci5jb20vbmV3cy90aGVzc2Fsb24tYmFuZC1vZmZpY2UtYmxvY2tpbmctZWxlY3Rpb24tYXBwZWFsLXByb2Nlc3Mtb2ZmaWNpYWxzLXNheQlxCTIzYWFhZmM0LTM0NDgtNGVkMy1hMmI3LTRlNWNlNTEyNTEzNgltCTIyMzQyCWIJMjYyCWcJNDEwCXQJNTczNwljCTU3OTIJbAkxNDg0MAl6CTE0MDM2CXMJNTc2MAlwCTIyNTA3CXcJbmV3cwljcwlJQUIxMgljegkJZ2MJQ0gJZ3IJTFUJZ3QJbHVjZXJuZQlnZAlmYWxzZQlnbglDb3Jwb3JhdGUJbmUJaXYJbmQJaXYJc2QJc2F1bHRzdGFyLmNvbQlzZQk2MjQzMTk3MDA5CW1jCTMwODEJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgkzOTI5CXZuCTI1ODY2ODkJaHYJMQl2cAkxCXZnCXByCWNpCTQzNmY2NjM2LTViYWYtZjAzMS00ZDllLWE2NWQ5MzE0MGRiMwljcAl0ZAl2dgkyMDIzMDkyNV8yMzM3OnBkMV9odG1sNTozLjYwOS4xCXd0CTcwOQlhZFRhZwkvL2EuanNyZG4uY29tL3ByZWJpZC90YWdzL29zL3AyMjUwNy1kcy1kZXNrdG9wLW9zLmpzb24_YWNhPTEmZW52LnNkPXNhdWx0c3Rhci5jb20mZW52LmdjPUNIJmVudi5zZT02MjQzMTk3MDA5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame DA07 		35 B
611 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=842213
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/pblib.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d72f06af0711b02ad85c651465a9b3a66d6c38565ccde841667b881f28dbe49c

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NGeZJoOGdPyhMYEXHdYGa4ROJVQRyUtOdL4p6M6bMVzmGfQAQr3PDHSRwJX80meNRPc%2FCT%2BE%2BWlyE9vHxeH6yG3tZPgd3eWAvI9UAIKyx8B51ZANOzDgPWDddlw%2F92omIYbD%2B%2FuB"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.saultstar.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
838f695b8e9801e7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
35
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame DA07 		184 B
473 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/pblib.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
7b95d72059f05e99ab9cf49c9cb4284e87582df8ff9e6a90bd81dd5fa8ae92c0

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.5.0
Content-Type
application/json
access-control-allow-origin
https://www.saultstar.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
prebidjs
rtb.openx.net/openrtbb/ Frame DA07 		53 B
95 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/pd1_html5/pblib.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
156e7137e9f6b6117203c6436ff137e0873a0dc929dbf3dc55428eb9ddc5a9bf

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 10:23:46 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.saultstar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=902p&k=ZQl3d2EJYQk0NDIyCWQJZXUtd2VzdC0xYgloCWktMDMyYzMzMzExY2QyY2JlOTEJdQk1ZGM1NDc3NS01OThlLTQyZGYtYjk1Zi0yNTNlZDljODk1OGUJdgkyODI0MDMxNy0wNGEyLTQyNjUtYjkzYy00ZDg1ZTdjZGE4N2IJc3YJanNyZG4JdmwJMjAyMzEyMjEuMDk1MAl2dAkyMDIzMTIyMS4wOTUwCXZzCTIwMjMxMDA0CXZjCTIwMjMwMTIwNQlzdAkyMDIzMTIyMS4xMDIzNDIJaQk0NWY3OGQ2Yi03NDI3LTRlYmEtYTFlMy02ZmFiZjc2YWYyMTQJZglodHRwczovL3d3dy5zYXVsdHN0YXIuY29tL25ld3MvdGhlc3NhbG9uLWJhbmQtb2ZmaWNlLWJsb2NraW5nLWVsZWN0aW9uLWFwcGVhbC1wcm9jZXNzLW9mZmljaWFscy1zYXkJcQkyM2FhYWZjNC0zNDQ4LTRlZDMtYTJiNy00ZTVjZTUxMjUxMzYJbQkyMjM0MgliCTI2MglnCTQxMAl0CTU3MzcJYwk1NzkyCWwJMTQ4NDAJegkxNDAzNglzCTU3NjAJcAkyMjUwNwl3CW5ld3MJY3MJSUFCMTIJY3oJCWdjCUNICWdyCUxVCWd0CWx1Y2VybmUJZ2QJZmFsc2UJZ24JQ29ycG9yYXRlCW5lCWl2CW5kCWl2CXNkCXNhdWx0c3Rhci5jb20Jc2UJNjI0MzE5NzAwOQltYwkzMDgxCW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JMzkyOQl2bgkyNTg2Njg5CWh2CTEJdnAJMQl2ZwlwcgljaQk0MzZmNjYzNi01YmFmLWYwMzEtNGQ5ZS1hNjVkOTMxNDBkYjMJY3AJdGQJdnYJMjAyMzA5MjVfMjMzNzpwZDFfaHRtbDU6My42MDkuMQl3dAk3MDkJd3dhCWJpZGRlcjppeC1vc3xydWJpY29uLW9zfG9wZW54LW9zCWFkVGFnCS8vYS5qc3Jkbi5jb20vcHJlYmlkL3RhZ3Mvb3MvcDIyNTA3LWRzLWRlc2t0b3Atb3MuanNvbj9hY2E9MSZlbnYuc2Q9c2F1bHRzdGFyLmNvbSZlbnYuZ2M9Q0gmZW52LnNlPTYyNDMxOTcwMDk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=7vam&k=ZQl3d2gJYQk0NTQwCWQJZXUtd2VzdC0xYgloCWktMDMyYzMzMzExY2QyY2JlOTEJdQk1ZGM1NDc3NS01OThlLTQyZGYtYjk1Zi0yNTNlZDljODk1OGUJdgkyODI0MDMxNy0wNGEyLTQyNjUtYjkzYy00ZDg1ZTdjZGE4N2IJc3YJanNyZG4JdmwJMjAyMzEyMjEuMDk1MAl2dAkyMDIzMTIyMS4wOTUwCXZzCTIwMjMxMDA0CXZjCTIwMjMwMTIwNQlzdAkyMDIzMTIyMS4xMDIzNDIJaQk0NWY3OGQ2Yi03NDI3LTRlYmEtYTFlMy02ZmFiZjc2YWYyMTQJZglodHRwczovL3d3dy5zYXVsdHN0YXIuY29tL25ld3MvdGhlc3NhbG9uLWJhbmQtb2ZmaWNlLWJsb2NraW5nLWVsZWN0aW9uLWFwcGVhbC1wcm9jZXNzLW9mZmljaWFscy1zYXkJcQkyM2FhYWZjNC0zNDQ4LTRlZDMtYTJiNy00ZTVjZTUxMjUxMzYJbQkyMjM0MgliCTI2MglnCTQxMAl0CTU3MzcJYwk1NzkyCWwJMTQ4NDAJegkxNDAzNglzCTU3NjAJcAkyMjUwNwl3CW5ld3MJY3MJSUFCMTIJY3oJCWdjCUNICWdyCUxVCWd0CWx1Y2VybmUJZ2QJZmFsc2UJZ24JQ29ycG9yYXRlCW5lCWl2CW5kCWl2CXNkCXNhdWx0c3Rhci5jb20Jc2UJNjI0MzE5NzAwOQltYwkzMDgxCW5mCWl2CXFwCTUwCXF0CTI1MDAJcG4JMzkyOQl2bgkyNTg2Njg5CWh2CTEJdnAJMQl2ZwlwcgljaQk0MzZmNjYzNi01YmFmLWYwMzEtNGQ5ZS1hNjVkOTMxNDBkYjMJY3AJdGQJdnYJMjAyMzA5MjVfMjMzNzpwZDFfaHRtbDU6My42MDkuMQl3dAk3MDkJd3doCWJpZGRlcjpub25lLGNwbTowCWFkVGFnCS8vYS5qc3Jkbi5jb20vcHJlYmlkL3RhZ3Mvb3MvcDIyNTA3LWRzLWRlc2t0b3Atb3MuanNvbj9hY2E9MSZlbnYuc2Q9c2F1bHRzdGFyLmNvbSZlbnYuZ2M9Q0gmZW52LnNlPTYyNDMxOTcwMDk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
index.html
a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/ Frame EBFD 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/index.html
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ds_vplayer_detached.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6395e8bd3c20d6fa5091a8aa3115a117c563df4de3d633ddd3ac29c850ad7a82

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
akamai-cache-status
Hit from child
akamai-grn
0.9d7d1302.1703154226.422e2a37
akamai-mon-iucid-del
1527398
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cache-control
max-age=32777
content-encoding
gzip
content-length
7092
content-type
text/html
date
Thu, 21 Dec 2023 10:23:46 GMT
etag
"6cc843f2b3e98f70da2d0b2c3180f82c"
expires
Thu, 21 Dec 2023 19:30:03 GMT
last-modified
Mon, 25 Sep 2023 23:38:10 GMT
quic-version
0x00000001
server
AmazonS3
vary
Accept-Encoding
x-amz-id-2
ohgobox6XKbaLHaupLxaHeCylkqayTpGuYqwuunP0jEzSkJw1sEtlDbKOrMwYHckcs5uhXb88iU=
x-amz-request-id
SNCRERG6BQ03Y1EM
x-amz-server-side-encryption
AES256
x-amz-version-id
yTs1LCmDwj3VOL.X_ikp7RjZcEdsAfWk
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=2ruk&k=ZQl3ZQlhCTQ1NDEJZAlldS13ZXN0LTFiCWgJaS0wMzJjMzMzMTFjZDJjYmU5MQl1CTVkYzU0Nzc1LTU5OGUtNDJkZi1iOTVmLTI1M2VkOWM4OTU4ZQl2CTI4MjQwMzE3LTA0YTItNDI2NS1iOTNjLTRkODVlN2NkYTg3Yglzdglqc3Jkbgl2bAkyMDIzMTIyMS4wOTUwCXZ0CTIwMjMxMjIxLjA5NTAJdnMJMjAyMzEwMDQJdmMJMjAyMzAxMjA1CXN0CTIwMjMxMjIxLjEwMjM0MglpCTQ1Zjc4ZDZiLTc0MjctNGViYS1hMWUzLTZmYWJmNzZhZjIxNAlmCWh0dHBzOi8vd3d3LnNhdWx0c3Rhci5jb20vbmV3cy90aGVzc2Fsb24tYmFuZC1vZmZpY2UtYmxvY2tpbmctZWxlY3Rpb24tYXBwZWFsLXByb2Nlc3Mtb2ZmaWNpYWxzLXNheQlxCTIzYWFhZmM0LTM0NDgtNGVkMy1hMmI3LTRlNWNlNTEyNTEzNgltCTIyMzQyCWIJMjYyCWcJNDEwCXQJNTczNwljCTU3OTIJbAkxNDg0MAl6CTE0MDM2CXMJNTc2MAlwCTIyNTA3CXcJbmV3cwljcwlJQUIxMgljegkJZ2MJQ0gJZ3IJTFUJZ3QJbHVjZXJuZQlnZAlmYWxzZQlnbglDb3Jwb3JhdGUJbmUJaXYJbmQJaXYJc2QJc2F1bHRzdGFyLmNvbQlzZQk2MjQzMTk3MDA5CW1jCTMwODEJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgkzOTI5CXZuCTI1ODY2ODkJaHYJMQl2cAkxCXZnCXByCWNpCTQzNmY2NjM2LTViYWYtZjAzMS00ZDllLWE2NWQ5MzE0MGRiMwljcAl0ZAl2dgkyMDIzMDkyNV8yMzM3OnBkMV9odG1sNTozLjYwOS4xCXd0CTcwOQl3ZQlbd2VdIGVycm9yOk5vIHZhbGlkIGJpZHMgcmVjZWl2ZWQJYWRUYWcJLy9hLmpzcmRuLmNvbS9wcmViaWQvdGFncy9vcy9wMjI1MDctZHMtZGVza3RvcC1vcy5qc29uP2FjYT0xJmVudi5zZD1zYXVsdHN0YXIuY29tJmVudi5nYz1DSCZlbnYuc2U9NjI0MzE5NzAwOQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
envelope
lexicon.33across.com/v1/ 		49 B
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&gdpr=0&src=pbjs&ver=8.23.0&coppa=0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 10:23:46 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.saultstar.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
beacon
ap.lijit.com/ Frame 7903 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13402707
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
86ccd74d72ddfde5285cf54118621f3d9952c3804f77f108c5917e44e9f60857

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
1062
Content-Type
text/html
Date
Thu, 21 Dec 2023 10:23:46 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap6ams1
usync.html
eus.rubiconproject.com/ Frame 953A 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Dec 2023 10:23:46 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1D73 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-105-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=165445
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 21 Dec 2023 10:23:46 GMT
expires
Sat, 23 Dec 2023 08:21:11 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 9A61 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
188
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
838f695c5bd601fc-ZRH
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 21 Dec 2023 10:23:46 GMT
expires
Thu, 21 Dec 2023 14:23:46 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 926A 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2012%2C2034%2C2033%2C2055%2C172%2C2030%2C3020%2C251%2C233%2C2027%2C236%2C237%2C459%2C70%2C97%2C55%2C77%2C2023%2C2022%2C3012%2C262%2C461%2C244%2C201%2C2039%2C246%2C4%2C203%2C326%2C10000%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
12ee0ac36f750e7fc45b846f57ed8257ab1c0711de18649a3848d92d6bb23335
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8364
content-type
text/html; charset=UTF-8
date
Thu, 21 Dec 2023 10:23:46 GMT
expires
Sat, 23 Dec 2023 10:23:46 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
pd
postmedia-d.openx.net/w/1.0/ Frame 21D1 		967 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://postmedia-d.openx.net/w/1.0/pd
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b874fd980c44f48cae413f6d415eb57528e3faa2f898a53d2fdefcb98eb2e8c3

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
544
content-type
text/html
date
Thu, 21 Dec 2023 10:23:46 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6256 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
17528
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 21 Dec 2023 10:23:46 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 17 Dec 2023 05:31:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
337, 60075
X-Served-By
cache-lga13626-LGA, cache-mxp6968-MXP
X-Timer
S1703154227.675650,VS0,VE0
generic
match.adsrvr.org/track/cmf/ 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:46 GMT
server
Kestrel
content-length
70
content-type
image/gif
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://cs.admanmedia.com/c01d0246d79eba64b8a7cca07e5b7dc7.gif?puid=cfe797c9-3bde-40a0-be4b-5152f6c16709&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DqU...
  • https://match.sharethrough.com/sync/v1?source_id=qUVJTHutDLcyGRS8xfsW2M4g&source_user_id=7d15ccd1-17f2-4e59-a227-d95803d49e1c&gdpr=0&gdpr_consent=
0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=qUVJTHutDLcyGRS8xfsW2M4g&source_user_id=7d15ccd1-17f2-4e59-a227-d95803d49e1c&gdpr=0&gdpr_consent=
Protocol
H2
Server
52.58.18.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-18-253.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:47 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:46 GMT
Server
nginx
Location
https://match.sharethrough.com/sync/v1?source_id=qUVJTHutDLcyGRS8xfsW2M4g&source_user_id=7d15ccd1-17f2-4e59-a227-d95803d49e1c&gdpr=0&gdpr_consent=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=5148106858807832576
0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=5148106858807832576
Protocol
H2
Server
52.58.18.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-18-253.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:46 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
an-x-request-uuid
4650e861-ffe9-4915-ab49-67127d9673b3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=5148106858807832576
x-proxy-origin
176.10.106.9; 176.10.106.9; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame EBFD 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
395149d128d5d361aaf2cd3df1cfd23dee746145bdef0105d99aba97fbcf712f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a.jsrdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Thu, 21 Dec 2023 10:23:46 GMT
minimal.mp4
a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/ Frame EBFD 		843 B
876 B 		Media
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/minimal.mp4
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/index.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6

Request headers

Referer
https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/index.html
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

quic-version
0x00000001
x-amz-version-id
YutMv6I3oJyM1Gkwh5ebWbrhOB6c6G2Q
date
Thu, 21 Dec 2023 10:23:46 GMT
akamai-cache-status
Hit from child
x-amz-request-id
GCS2V7RVHNZDG9CZ
akamai-grn
0.9d7d1302.1703154226.422e2a60
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-842/843
akamai-mon-iucid-del
1527398
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
843
x-amz-id-2
QllXZEQ+Zk1tcWXJLrYOPoANA9Xt6EAquXqBRY0/aaRunh3LkpN5Av8jMlAEqGyazOO3MJQ/7Xg=
last-modified
Mon, 25 Sep 2023 23:38:11 GMT
server
AmazonS3
etag
"fb62001afaa95ed461f35992d7431867"
content-type
video/mp4
cache-control
max-age=14376
accept-ranges
bytes
expires
Thu, 21 Dec 2023 14:23:22 GMT
pixel
cm.g.doubleclick.net/ Frame 7903
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SDI0dnVQWkhZNnNiUlRuSFNfQ2NkQmZR&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SDI0dnVQWkhZNnNiUlRuSFNfQ2NkQmZR&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13402707
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 21 Dec 2023 10:23:46 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SDI0dnVQWkhZNnNiUlRuSFNfQ2NkQmZR&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame 7903
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=4ed0372a-a458-4669-856d-ba1001dc00d5-6584122d-4348&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=4ed0372a-a458-4669-856d-ba1001dc00d5-6584122d-4348&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13402707
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:46 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ce.lijit.com/merge?pid=16&3pid=4ed0372a-a458-4669-856d-ba1001dc00d5-6584122d-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
merge
ce.lijit.com/ Frame 7903
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?3pid=OPU3c6c278813bc4cdea7a6462599ad9b93&gdpr=0&gdpr_consent=&pid=103
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?3pid=OPU3c6c278813bc4cdea7a6462599ad9b93&gdpr=0&gdpr_consent=&pid=103
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13402707
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:46 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://ce.lijit.com/merge?3pid=OPU3c6c278813bc4cdea7a6462599ad9b93&gdpr=0&gdpr_consent=&pid=103
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
131
expires
Mon, 01 Jan 1990 00:00:00 GMT
merge
ap.lijit.com/ Frame 7903
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
  • https://ap.lijit.com/merge?pid=94&3pid=6584122D2DAB8414788550E8BLIS&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/merge?pid=94&3pid=6584122D2DAB8414788550E8BLIS&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13402707
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:46 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ap.lijit.com/merge?pid=94&3pid=6584122D2DAB8414788550E8BLIS&gdpr=0&gdpr_consent=
date
Thu, 21 Dec 2023 10:23:46 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame 7903
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=9da368c1-8ea5-4617-a99a-fd2fcfeae893&ssp=fmx
  • https://ce.lijit.com/merge?pid=26&3pid=f01d5a6e-8214-490c-8e61-0954ecef49c3&gdpr=&gdpr_consent=&us_privacy=
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=f01d5a6e-8214-490c-8e61-0954ecef49c3&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13402707
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:47 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

location
//ce.lijit.com/merge?pid=26&3pid=f01d5a6e-8214-490c-8e61-0954ecef49c3&gdpr=&gdpr_consent=&us_privacy=
date
Thu, 21 Dec 2023 10:23:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
merge
ce.lijit.com/ Frame 7903
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=y9bdgjZml1fN&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=y9bdgjZml1fN&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13402707
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:46 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://ce.lijit.com/merge?pid=49&3pid=y9bdgjZml1fN&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-db744d8c7-dz6jq
expires
-1
did=6aa2cf85-e4c2-5567-a579-204435430218KrushID=6aa2cf85-e4c2-5567-a579-204435430218
www.getpublica.com/usermatch/ Frame 7903
Redirect Chain
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent=
  • https://getpublica.com/usermatch/did=6aa2cf85-e4c2-5567-a579-204435430218KrushID=6aa2cf85-e4c2-5567-a579-204435430218
  • https://www.getpublica.com/usermatch/did=6aa2cf85-e4c2-5567-a579-204435430218KrushID=6aa2cf85-e4c2-5567-a579-204435430218
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.getpublica.com/usermatch/did=6aa2cf85-e4c2-5567-a579-204435430218KrushID=6aa2cf85-e4c2-5567-a579-204435430218
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13402707
Protocol
H2
Server
34.249.200.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-200-254.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

location
https://www.getpublica.com/usermatch/did=6aa2cf85-e4c2-5567-a579-204435430218KrushID=6aa2cf85-e4c2-5567-a579-204435430218
date
Thu, 21 Dec 2023 10:23:47 GMT
content-length
166
content-type
text/html
ae12848777b41970a5f2
aax-eu.amazon-adsystem.com/s/x/ Frame 7903 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13402707
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
merge
ce.lijit.com/ Frame 7903
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=5148106858807832576&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=5148106858807832576&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13402707
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:46 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
an-x-request-uuid
fd706db0-647c-40a4-878e-ee7cc34102ba
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ce.lijit.com/merge?pid=92&3pid=5148106858807832576&gdpr=0&gdpr_consent=
x-proxy-origin
176.10.106.9; 176.10.106.9; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 7903
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=LQF21RQD-T-B1QW&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=LQF21RQD-T-B1QW&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13402707
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:46 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=83&3pid=LQF21RQD-T-B1QW&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5e091a4bda7cb1b96cf60040ae4e8596
Expires
0
merge
ce.lijit.com/ Frame 7903
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=z3C_H8h3tU_UIOFKzieqSZh3sRLUcr4SwXL4fEkd
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=z3C_H8h3tU_UIOFKzieqSZh3sRLUcr4SwXL4fEkd
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13402707
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:46 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=z3C_H8h3tU_UIOFKzieqSZh3sRLUcr4SwXL4fEkd
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame 7903
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LQF21RQD-T-B1QW&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LQF21RQD-T-B1QW&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13402707
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:47 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LQF21RQD-T-B1QW&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
eea754ae2ea80a3b4eb2fcf35349058a
Expires
0
merge
ce.lijit.com/ Frame 7903
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1703154226628&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=7DD430A8B53B4C809DD734663E0CCC03
0
984 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=7DD430A8B53B4C809DD734663E0CCC03
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13402707
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:46 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

date
Thu, 21 Dec 2023 10:23:46 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=7DD430A8B53B4C809DD734663E0CCC03
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 20 Dec 2023 10:23:46 GMT
generic
data.adsrvr.org/track/cmf/ Frame 7903 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13402707
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:46 GMT
server
Kestrel
content-length
70
content-type
image/gif
merge
ce.lijit.com/ Frame 7903
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1703154226905
  • https://ad.turn.com/r/cs?pid=45&rndcb=5736065238
  • https://sync.1rx.io/usersync/turn/8170217125147634428?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-1e47fa13-08a2-46b9-8e53-fd58209a9b7a-003?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-1e47fa13-08a2-46b9-8e53-fd58209a9b7a-003
  • https://ce.lijit.com/merge?pid=97&3pid=RX-1e47fa13-08a2-46b9-8e53-fd58209a9b7a-003
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=97&3pid=RX-1e47fa13-08a2-46b9-8e53-fd58209a9b7a-003
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13402707
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:47 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

location
https://ce.lijit.com/merge?pid=97&3pid=RX-1e47fa13-08a2-46b9-8e53-fd58209a9b7a-003
date
Thu, 21 Dec 2023 10:23:47 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX1e47fa1308a246b98e53fd58209a9b7a003
content-type
text/html
dot.gif
s0.2mdn.net/ Frame 7903
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=SDI0dnVQWkhZNnNiUlRuSFNfQ2NkQmZR&gdpr=0
  • https://s0.2mdn.net/dot.gif?gdpr=0
43 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13402707
Protocol
H3
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 20:42:27 GMT
x-content-type-options
nosniff
age
49279
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 20:42:27 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s0.2mdn.net/dot.gif?gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
231
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame 7903
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=H24vuPZHY6sbRTnHS_CcdBfQ&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:8b265751633741c747cda48647c16948
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:8b265751633741c747cda48647c16948
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13402707
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:47 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

date
Thu, 21 Dec 2023 10:23:47 GMT
server
Aorta/20231219.0f0182a99
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=c:8b265751633741c747cda48647c16948
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
c71a6e46d04c
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
merge
ce.lijit.com/ Frame 7903
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=a6c3e51b-5aaa-4810-a384-25f0c2621ff4
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=a6c3e51b-5aaa-4810-a384-25f0c2621ff4
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13402707
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:46 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

Location
//ce.lijit.com/merge?pid=87&3pid=a6c3e51b-5aaa-4810-a384-25f0c2621ff4
Date
Thu, 21 Dec 2023 10:23:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame 953A 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
baebdfcea04cb3ef643935edd933754294f292f44426f3f4b015053ca749c288

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 10:23:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Dec 2023 19:16:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31991
Connection
keep-alive
Content-Length
13201
Expires
Thu, 21 Dec 2023 19:16:57 GMT
usermatch
ssum-sec.casalemedia.com/ Frame A3A8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.saultstar.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48df530b5926b5d54ac2434d9de70ddc96c9f1d5a03d0efbc104f40511b93f34

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
838f695cc89601e7-ZRH
content-encoding
br
content-type
text/html
date
Thu, 21 Dec 2023 10:23:46 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSVsdzTV%2FzaZ8KDh41CyBahVXYMQyP63xk6eOe3oqMHzTeiS09FQXq1cyrgUjspPWR%2BJlF7rTJ3t0jF0DVeCTBo%2BdVNlL2MhQnh62xNwDtcKsYweW2jQLY%2B8Rx2mU%2Fs5T9KxG2FD%2FoKggA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sd
us-u.openx.net/w/1.0/ Frame 21D1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0&gdpr=0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0&gdpr=0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZYQSMgAIje0DIQBU
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZYQSMgAIje0DIQBU&_test=ZYQSMgAIje0DIQBU
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZYQSMgAIje0DIQBU&_test=ZYQSMgAIje0DIQBU
Requested by
Host: postmedia-d.openx.net
URL: https://postmedia-d.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://postmedia-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-mxp6921-MXP
pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
via
1.1 varnish
server
Varnish
x-timer
S1703154227.861854,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZYQSMgAIje0DIQBU&_test=ZYQSMgAIje0DIQBU
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
6
tr.blismedia.com/v1/dpusync/ Frame 21D1
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/openx
  • https://eu-u.openx.net/w/1.0/sd?id=539732443&gdpr=&gdpr_consent=&val=6584122D2DAB8414788550E8BLIS&r=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2Fopenx%3Fpartner_device_id%3D6584122D2DAB84147885...
  • https://tr.blismedia.com/v1/redirect/openx?partner_device_id=6584122D2DAB8414788550E8BLIS
  • https://pixel.rubiconproject.com/exchange/sync.php?p=blismedia
  • https://tr.blismedia.com/v1/dpusync/6?uid=LQF21RQD-T-B1QW
49 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/dpusync/6?uid=LQF21RQD-T-B1QW
Requested by
Host: postmedia-d.openx.net
URL: https://postmedia-d.openx.net/w/1.0/pd
Protocol
H3
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://postmedia-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:46 GMT
cache-control
no-cache
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://tr.blismedia.com/v1/dpusync/6?uid=LQF21RQD-T-B1QW
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
579d6dd278f76ae39d067788043e4297
Expires
0
ox
match.prod.bidr.io/cookie-sync/ Frame 21D1 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ox
Requested by
Host: postmedia-d.openx.net
URL: https://postmedia-d.openx.net/w/1.0/pd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.76.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-76-92.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://postmedia-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:46 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 21D1
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=38c4d4ef496a159e&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAI7GvJ3IcojgNq4cSKAAAAAAA&expiration=1703240626&nuid={OX_USER_ID}&is_secure=true
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAI7GvJ3IcojgNq4cSKAAAAAAA&expiration=1703240626&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: postmedia-d.openx.net
URL: https://postmedia-d.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://postmedia-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAI7GvJ3IcojgNq4cSKAAAAAAA&expiration=1703240626&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame 21D1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=268&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=MIBurtXwXfNq7otgA4NejrAKagk
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537082476&val=MIBurtXwXfNq7otgA4NejrAKagk
Requested by
Host: postmedia-d.openx.net
URL: https://postmedia-d.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://postmedia-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537082476&val=MIBurtXwXfNq7otgA4NejrAKagk
Date
Thu, 21 Dec 2023 10:23:47 GMT
Connection
keep-alive
Content-Length
103
Content-Type
text/html; charset=utf-8
dds
rtb.openx.net/sync/ Frame 21D1
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=HFfO4oWWimWcmgcKuYI4_w==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: postmedia-d.openx.net
URL: https://postmedia-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://postmedia-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
57c6229a-bcbc-a102-4b39-5d4895cccf0c
pr-bh.ybp.yahoo.com/sync/openx/ Frame 21D1 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/57c6229a-bcbc-a102-4b39-5d4895cccf0c?gdpr=0
Requested by
Host: postmedia-d.openx.net
URL: https://postmedia-d.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:d9af:10ed:ca45:5b1a Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://postmedia-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
us-u.openx.net/w/1.0/ Frame 21D1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dopenx%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=openx&user_id=k-4wLqfqn7W4McDctvA0SbxdxgYY_7ScnyW3ftyw&gdpr=&gdpr_consent=
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=f01d5a6e-8214-490c-8e61-0954ecef49c3&gdpr=&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=f01d5a6e-8214-490c-8e61-0954ecef49c3&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: postmedia-d.openx.net
URL: https://postmedia-d.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://postmedia-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=f01d5a6e-8214-490c-8e61-0954ecef49c3&gdpr=&gdpr_consent=&us_privacy=
date
Thu, 21 Dec 2023 10:23:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 21D1
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=DifhqhqJ9gQ-Tl4WO97X2V_dp4knFp5NiohxkKCJUrQ&pi=openx&gdpr=0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073053&val=DifhqhqJ9gQ-Tl4WO97X2V_dp4knFp5NiohxkKCJUrQ&pi=openx&gdpr=0
Requested by
Host: postmedia-d.openx.net
URL: https://postmedia-d.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://postmedia-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073053&val=DifhqhqJ9gQ-Tl4WO97X2V_dp4knFp5NiohxkKCJUrQ&pi=openx&gdpr=0
pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT, Thu, 21 Dec 2023 10:23:46 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 21D1
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=1Pm6SNP-sBjPqeQd1a6vHoP-tEXP-7tF2vvhe2S6
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=1Pm6SNP-sBjPqeQd1a6vHoP-tEXP-7tF2vvhe2S6
Requested by
Host: postmedia-d.openx.net
URL: https://postmedia-d.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://postmedia-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=1Pm6SNP-sBjPqeQd1a6vHoP-tEXP-7tF2vvhe2S6
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3718 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13402707
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-105-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=165445
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 21 Dec 2023 10:23:46 GMT
expires
Sat, 23 Dec 2023 08:21:11 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4EC3 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13402707
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-105-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=165445
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 21 Dec 2023 10:23:46 GMT
expires
Sat, 23 Dec 2023 08:21:11 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame F885 		1 KB
635 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13402707
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e6afa2c25506bf723578e6e6525240047b85298e6d156f99e9a8ee3ef88d338b

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
616
content-type
text/html
date
Thu, 21 Dec 2023 10:23:46 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync
ib.adnxs.com/ Frame 6256 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
an-x-request-uuid
5c41ff2d-321a-4145-87c3-ade1dfc781d8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
176.10.106.9; 176.10.106.9; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bridge3.609.1_en.html
imasdk.googleapis.com/js/core/ Frame AAF0 		751 KB
240 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a.jsrdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
494953
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
245986
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 16:54:33 GMT
expires
Sat, 14 Dec 2024 16:54:33 GMT
last-modified
Fri, 15 Dec 2023 16:47:56 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame EBFD 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a.jsrdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 10:23:46 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 15B0 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 09:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2122
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 21 Dec 2023 10:48:24 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=sw6c&k=ZQl3YQlhCTQ2NDYJZAlldS13ZXN0LTFiCWgJaS0wMzJjMzMzMTFjZDJjYmU5MQl1CTVkYzU0Nzc1LTU5OGUtNDJkZi1iOTVmLTI1M2VkOWM4OTU4ZQl2CTI4MjQwMzE3LTA0YTItNDI2NS1iOTNjLTRkODVlN2NkYTg3Yglzdglqc3Jkbgl2bAkyMDIzMTIyMS4wOTUwCXZ0CTIwMjMxMjIxLjA5NTAJdnMJMjAyMzEwMDQJdmMJMjAyMzAxMjA1CXN0CTIwMjMxMjIxLjEwMjM0MglpCTQ1Zjc4ZDZiLTc0MjctNGViYS1hMWUzLTZmYWJmNzZhZjIxNAlmCWh0dHBzOi8vd3d3LnNhdWx0c3Rhci5jb20vbmV3cy90aGVzc2Fsb24tYmFuZC1vZmZpY2UtYmxvY2tpbmctZWxlY3Rpb24tYXBwZWFsLXByb2Nlc3Mtb2ZmaWNpYWxzLXNheQlxCTIzYWFhZmM0LTM0NDgtNGVkMy1hMmI3LTRlNWNlNTEyNTEzNgltCTIyMzQyCWIJMjYyCWcJNDEwCXQJNTczNwljCTU3OTIJbAkxNDg0MAl6CTE0MDM2CXMJNTc2MAlwCTIyNTA3CXcJbmV3cwljcwlJQUIxMgljegkJZ2MJQ0gJZ3IJTFUJZ3QJbHVjZXJuZQlnZAlmYWxzZQlnbglDb3Jwb3JhdGUJbmUJaXYJbmQJaXYJc2QJc2F1bHRzdGFyLmNvbQlzZQk2MjQzMTk3MDA5CW1jCTMwODEJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgkzOTI5CXZuCTI1ODY2ODkJaHYJMQl2cAkxCXZnCXByCWNpCTRlMTU1MjUxLTI3ZGEtZmVkYS1hYjBmLTJlNzU1OWRjZDE1ZQljcAlkcwl2dgkyMDIzMDkyNV8yMzM3OmltYV9odG1sNTozLjYwOS4xCXd0CTczMwlhZFRhZwkvL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS8zNDIzMDEwOSwzMDgxLzI4ODUxMDI5NDkmZGVzY3JpcHRpb25fdXJsPWh0dHBzJTNBJTJGJTJGd3d3LnNhdWx0c3Rhci5jb20lMkZuZXdzJTJGdGhlc3NhbG9uLWJhbmQtb2ZmaWNlLWJsb2NraW5nLWVsZWN0aW9uLWFwcGVhbC1wcm9jZXNzLW9mZmljaWFscy1zYXkmdGZjZD0wJm5wYT0wJnN6PTY0MHg0ODAlN0M0MDB4MzAwJmN1c3RfcGFyYW1zPWRzbWNtJTNEMSUyNmRzZCUzRHNhdWx0c3Rhci5jb20mZ2RmcF9yZXE9MSZvdXRwdXQ9dmFzdCZ1bnZpZXdlZF9wb3NpdGlvbl9zdGFydD0xJmVudj12cCZpbXBsPXMmY29ycmVsYXRvcj01NjQ5ODImZ2Rwcj0wJmdkcHJfY29uc2VudD0mdXNfcHJpdmFjeT0mZHNrZXk9ZW5hYmxlZA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EBFD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?ws=f&blob=undef&lid=155&sdkv=h.3.609.1&e=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44805105&id=ima_html5&c=4405000374960373&domain=www.saultstar.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a.jsrdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.80.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-80-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.saultstar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 21 Dec 2023 10:23:46 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.80.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-80-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 21 Dec 2023 10:23:46 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
merge
ce.lijit.com/ Frame F885 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=afef9a1e-c6a4-0946-3d52-fd1b122a3d17&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:46 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F885
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%2...
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=ca3a3563-b96f-0ad5-0db5-f55a9845fa79
  • https://s.tribalfusion.com/z/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=ca3a3563-b96f-0ad5-0db5-f55a9845fa79
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662089531975746
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662089531975746
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:47 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
28
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662089531975746
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
838f695f1dff4bf1-MXP
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame F885
Redirect Chain
  • https://dsp-ap.eskimi.com/pixelGet?ex=14&gdpr=0&dest=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D539901412%26val%3D%7Bdmp_id%7D%26gdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D
  • https://eu-u.openx.net/w/1.0/sd?id=539901412&val=6b7c0c78-ffce-47a3-a324-27a620b857fb&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=539901412&val=6b7c0c78-ffce-47a3-a324-27a620b857fb&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?id=539901412&val=6b7c0c78-ffce-47a3-a324-27a620b857fb&gdpr=0&gdpr_consent=
date
Thu, 21 Dec 2023 10:23:45 GMT
cache-control
no-cache
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
179
content-type
text/html; charset=UTF-8
sd
us-u.openx.net/w/1.0/ Frame F885
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=b18b99e5-cbbf-4078-a1d2-817a462357b1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=b18b99e5-cbbf-4078-a1d2-817a462357b1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=b18b99e5-cbbf-4078-a1d2-817a462357b1
Date
Thu, 21 Dec 2023 10:23:47 GMT
Connection
keep-alive
X-CI-RTID
1238ecb4-606f-4c9d-8f15-158e9804a02b
Content-Length
112
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame F885
Redirect Chain
  • https://um.simpli.fi/ox_match/gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=7DD430A8B53B4C809DD734663E0CCC03
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=7DD430A8B53B4C809DD734663E0CCC03
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 21 Dec 2023 10:23:46 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=7DD430A8B53B4C809DD734663E0CCC03
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 20 Dec 2023 10:23:46 GMT
sd
us-u.openx.net/w/1.0/ Frame F885
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=4ed0372a-a458-4669-856d-ba1001dc00d5-6584122d-4348&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=4ed0372a-a458-4669-856d-ba1001dc00d5-6584122d-4348&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=4ed0372a-a458-4669-856d-ba1001dc00d5-6584122d-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sd
us-u.openx.net/w/1.0/ Frame F885
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=5107433831682305669
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5107433831682305669
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5107433831682305669
Date
Thu, 21 Dec 2023 10:23:46 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
generic
match.adsrvr.org/track/cmf/ Frame A3A8
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZYQSLZvLl7V8PbUJjgqsXgAA%265227&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.saultstar.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:46 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Date
Thu, 21 Dec 2023 10:23:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
7
ie
match.prod.bidr.io/cookie-sync/ Frame A3A8 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.saultstar.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.76.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-76-92.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 21 Dec 2023 10:23:46 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZYQSLZvLl7V8PbUJjgqsXgAAFGsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A3A8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZYQSLZvLl7V8PbUJjgqsXgAAFGsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZYQSLZvLl7V8PbUJjgqsXgAAFGsAAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZYQSLZvLl7V8PbUJjgqsXgAAFGsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.saultstar.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3601:d9af:10ed:ca45:5b1a Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZYQSLZvLl7V8PbUJjgqsXgAAFGsAAAAB
date
Thu, 21 Dec 2023 10:23:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum.casalemedia.com/ Frame A3A8
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=6cadaa375721181d&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIkR3GV0d_YwNnn2oMAAAAAAA&expiration=1703240626&is_secure=true
43 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIkR3GV0d_YwNnn2oMAAAAAAA&expiration=1703240626&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.saultstar.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QFwDaoSfKHIjqUuO3h6I9wFmKOBJAAv%2BN0CPhS8lr8QzWX3MjuFUq8monkr6lk5mO%2BC6X7X84Xp64m4paAZQ0plmbp9eK8i6UQExy3E5DOwzxxaxniv7uPXV5lAOqKLESEYRzhd"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
838f695e8f4f01db-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIkR3GV0d_YwNnn2oMAAAAAAA&expiration=1703240626&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
usermatchredir
ssum-sec.casalemedia.com/ Frame A3A8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZYQSLZvLl7V8PbUJjgqsXgAAFGsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEw0c71oMBdgWz25f7R1cl8&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEw0c71oMBdgWz25f7R1cl8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.saultstar.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eVDHLoe65mhJpkmxHN6jTZmyhtRSo4pJPMUy453N5ShjpmEC0lnGDC96ckz%2ByoPAiiedeg5up0iUBYiURYNB31eQQudgNwUXYbG7nEE39Rbk84sPbF%2B02XX%2FUetjpM1E%2BTqTSlj%2BjLAQvA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
838f695d99d901e7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEw0c71oMBdgWz25f7R1cl8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZYQSLZvLl7V8PbUJjgqsXgAAFGsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A3A8 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZYQSLZvLl7V8PbUJjgqsXgAAFGsAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.saultstar.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:d9af:10ed:ca45:5b1a Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
casale
match.adsrvr.org/track/cmf/ Frame A3A8 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.saultstar.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:46 GMT
server
Kestrel
content-length
70
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame A3A8
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433831682305669
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433831682305669
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.saultstar.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KiAEehCqTk88hEsZjtJ%2FmLyVvF0bQdUbrMNABK4a5Nacod8WHNzYFihtU667OgdJOrx7EBNUGU9zCoPpp%2BwmIHyJE2414n13sthKWnwu5rS8KqlAWI4uUVW5bjWDqkkpWn4tiKMmrrQUig%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
838f695da9e701e7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433831682305669
Date
Thu, 21 Dec 2023 10:23:46 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
htw-pixel.gif
cdn.indexww.com/ht/ Frame A3A8 		43 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZYQSLZvLl7V8PbUJjgqsXgAA%265227
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.saultstar.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:46 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
15686
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
838f695d7d9201fc-ZRH
content-length
43
expires
Fri, 22 Dec 2023 10:23:46 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AAF0 		0
0
ads
pubads.g.doubleclick.net/gampad/ Frame AAF0 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F34230109%2C3081%2F2885102949&description_url=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&tfcd=0&npa=0&sz=640x480%7C400x300&cust_params=dsmcm%3D1%26dsd%3Dsaultstar.com&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3373771678528031&gdpr=0&gdpr_consent&us_privacy&dskey=enabled&vpa=auto&vpmute=1&sdkv=h.3.609.1&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=3163591266&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.609.1&media_url=https%3A%2F%2Fa.jsrdn.com%2Fvplayer-parallel%2F20230925_2337%2Fima_html5%2Fminimal.mp4&sid=2395D7C7-C104-4443-9707-D01ED146EA2F&nel=0&eid=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44805105&ref=https%3A%2F%2Fwww.saultstar.com%2F&url=https%3A%2F%2Fwww.saultstar.com%2F&dt=1703154226840&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&nhd=2&u_h=1200&u_w=1600&u_tz=60&scor=3390810201408000&ged=ve4_td0_tt0_pd0_la0_er0.0.154.300_vi0.0.317.564_vp100_eb24427
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame AAF0 		0
0
index.html
a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/ Frame 2DF2 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/index.html
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ds_vplayer_detached.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6395e8bd3c20d6fa5091a8aa3115a117c563df4de3d633ddd3ac29c850ad7a82

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
akamai-cache-status
Hit from child
akamai-grn
0.9d7d1302.1703154226.422e2bff
akamai-mon-iucid-del
1527398
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cache-control
max-age=32777
content-encoding
gzip
content-length
7092
content-type
text/html
date
Thu, 21 Dec 2023 10:23:46 GMT
etag
"6cc843f2b3e98f70da2d0b2c3180f82c"
expires
Thu, 21 Dec 2023 19:30:03 GMT
last-modified
Mon, 25 Sep 2023 23:38:10 GMT
quic-version
0x00000001
server
AmazonS3
vary
Accept-Encoding
x-amz-id-2
ohgobox6XKbaLHaupLxaHeCylkqayTpGuYqwuunP0jEzSkJw1sEtlDbKOrMwYHckcs5uhXb88iU=
x-amz-request-id
SNCRERG6BQ03Y1EM
x-amz-server-side-encryption
AES256
x-amz-version-id
yTs1LCmDwj3VOL.X_ikp7RjZcEdsAfWk
csi
csi.gstatic.com/ Frame AAF0 		0
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 2DF2 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
395149d128d5d361aaf2cd3df1cfd23dee746145bdef0105d99aba97fbcf712f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a.jsrdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Thu, 21 Dec 2023 10:23:46 GMT
minimal.mp4
a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/ Frame 2DF2 		843 B
876 B 		Media
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/minimal.mp4
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/index.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6

Request headers

Referer
https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/index.html
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

quic-version
0x00000001
x-amz-version-id
YutMv6I3oJyM1Gkwh5ebWbrhOB6c6G2Q
date
Thu, 21 Dec 2023 10:23:46 GMT
akamai-cache-status
Hit from child
x-amz-request-id
GCS2V7RVHNZDG9CZ
akamai-grn
0.9d7d1302.1703154226.422e2c24
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-842/843
akamai-mon-iucid-del
1527398
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
843
x-amz-id-2
QllXZEQ+Zk1tcWXJLrYOPoANA9Xt6EAquXqBRY0/aaRunh3LkpN5Av8jMlAEqGyazOO3MJQ/7Xg=
last-modified
Mon, 25 Sep 2023 23:38:11 GMT
server
AmazonS3
etag
"fb62001afaa95ed461f35992d7431867"
content-type
video/mp4
cache-control
max-age=14376
accept-ranges
bytes
expires
Thu, 21 Dec 2023 14:23:22 GMT
bridge3.609.1_en.html
imasdk.googleapis.com/js/core/ Frame 62AE 		751 KB
240 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a.jsrdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
494953
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
245986
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 16:54:33 GMT
expires
Sat, 14 Dec 2024 16:54:33 GMT
last-modified
Fri, 15 Dec 2023 16:47:56 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 2DF2 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a.jsrdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 10:23:47 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6715 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 09:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2122
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 21 Dec 2023 10:48:24 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=tgkm&k=ZQl3YQlhCTQ5MjYJZAlldS13ZXN0LTFiCWgJaS0wMzJjMzMzMTFjZDJjYmU5MQl1CTVkYzU0Nzc1LTU5OGUtNDJkZi1iOTVmLTI1M2VkOWM4OTU4ZQl2CTI4MjQwMzE3LTA0YTItNDI2NS1iOTNjLTRkODVlN2NkYTg3Yglzdglqc3Jkbgl2bAkyMDIzMTIyMS4wOTUwCXZ0CTIwMjMxMjIxLjA5NTAJdnMJMjAyMzEwMDQJdmMJMjAyMzAxMjA1CXN0CTIwMjMxMjIxLjEwMjM0MglpCTQ1Zjc4ZDZiLTc0MjctNGViYS1hMWUzLTZmYWJmNzZhZjIxNAlmCWh0dHBzOi8vd3d3LnNhdWx0c3Rhci5jb20vbmV3cy90aGVzc2Fsb24tYmFuZC1vZmZpY2UtYmxvY2tpbmctZWxlY3Rpb24tYXBwZWFsLXByb2Nlc3Mtb2ZmaWNpYWxzLXNheQlxCTIzYWFhZmM0LTM0NDgtNGVkMy1hMmI3LTRlNWNlNTEyNTEzNgltCTIyMzQyCWIJMjYyCWcJNDEwCXQJNTczNwljCTU3OTIJbAkxNDg0MAl6CTE0MDM2CXMJNTc2MAlwCTIyNTA3CXcJbmV3cwljcwlJQUIxMgljegkJZ2MJQ0gJZ3IJTFUJZ3QJbHVjZXJuZQlnZAlmYWxzZQlnbglDb3Jwb3JhdGUJbmUJaXYJbmQJaXYJc2QJc2F1bHRzdGFyLmNvbQlzZQk2MjQzMTk3MDA5CW1jCTMwODEJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgkzOTI5CXZuCTI1ODY2ODkJaHYJMQl2cAkxCXZnCXByCWNpCTZiNDA0NzUyLTBiNGQtYzA2MS1iNGJmLWI0ODA2ZjA1Zjg3YwljcAlkcwl2dgkyMDIzMDkyNV8yMzM3OmltYV9odG1sNTozLjYwOS4xCXd0CTczNQlhZFRhZwkvL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS8zNDIzMDEwOSwzMDgxLzI4ODUxMDI5NDkmZGVzY3JpcHRpb25fdXJsPWh0dHBzJTNBJTJGJTJGd3d3LnNhdWx0c3Rhci5jb20lMkZuZXdzJTJGdGhlc3NhbG9uLWJhbmQtb2ZmaWNlLWJsb2NraW5nLWVsZWN0aW9uLWFwcGVhbC1wcm9jZXNzLW9mZmljaWFscy1zYXkmdGZjZD0wJm5wYT0wJnN6PTY0MHg0ODAlN0M0MDB4MzAwJmN1c3RfcGFyYW1zPWRzbWNtJTNEMSUyNmRzZCUzRHNhdWx0c3Rhci5jb20mZ2RmcF9yZXE9MSZvdXRwdXQ9dmFzdCZ1bnZpZXdlZF9wb3NpdGlvbl9zdGFydD0xJmVudj12cCZpbXBsPXMmY29ycmVsYXRvcj0zMzE0NzkmZ2Rwcj0wJmdkcHJfY29uc2VudD0mdXNfcHJpdmFjeT0mZHNrZXk9ZW5hYmxlZA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:47 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame B183 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:46 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ads
pubads.g.doubleclick.net/gampad/ Frame 62AE 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F34230109%2C3081%2F2885102949&description_url=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&tfcd=0&npa=0&sz=640x480%7C400x300&cust_params=dsmcm%3D1%26dsd%3Dsaultstar.com&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=85093118708568&gdpr=0&gdpr_consent&us_privacy&dskey=enabled&vpa=auto&vpmute=1&sdkv=h.3.609.1&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=593543648&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.609.1&media_url=https%3A%2F%2Fa.jsrdn.com%2Fvplayer-parallel%2F20230925_2337%2Fima_html5%2Fminimal.mp4&sid=38D964E5-73F2-46AC-B868-B8751B58E587&nel=0&eid=44730896%2C44731964%2C44772139%2C44777649%2C44781409%2C44804291&ref=https%3A%2F%2Fwww.saultstar.com%2F&url=https%3A%2F%2Fwww.saultstar.com%2F&dt=1703154227073&scor=2898737617903809&ged=ve4_td0_tt0_pd0_la0_er0.0.154.300_vi0.0.317.564_vp100_eb24427
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 62AE 		0
0
index.html
a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/ Frame 1703 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/index.html
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ds_vplayer_detached.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6395e8bd3c20d6fa5091a8aa3115a117c563df4de3d633ddd3ac29c850ad7a82

Request headers

Referer
https://www.saultstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
akamai-cache-status
Hit from child
akamai-grn
0.9d7d1302.1703154227.422e2d8d
akamai-mon-iucid-del
1527398
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cache-control
max-age=32776
content-encoding
gzip
content-length
7092
content-type
text/html
date
Thu, 21 Dec 2023 10:23:47 GMT
etag
"6cc843f2b3e98f70da2d0b2c3180f82c"
expires
Thu, 21 Dec 2023 19:30:03 GMT
last-modified
Mon, 25 Sep 2023 23:38:10 GMT
quic-version
0x00000001
server
AmazonS3
vary
Accept-Encoding
x-amz-id-2
ohgobox6XKbaLHaupLxaHeCylkqayTpGuYqwuunP0jEzSkJw1sEtlDbKOrMwYHckcs5uhXb88iU=
x-amz-request-id
SNCRERG6BQ03Y1EM
x-amz-server-side-encryption
AES256
x-amz-version-id
yTs1LCmDwj3VOL.X_ikp7RjZcEdsAfWk
csi
csi.gstatic.com/ Frame 62AE 		0
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 1703 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
395149d128d5d361aaf2cd3df1cfd23dee746145bdef0105d99aba97fbcf712f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a.jsrdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Thu, 21 Dec 2023 10:23:47 GMT
minimal.mp4
a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/ Frame 1703 		843 B
881 B 		Media
General
Check archive.org
Download Go to
Full URL
https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/minimal.mp4
Requested by
Host: a.jsrdn.com
URL: https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/index.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6

Request headers

Referer
https://a.jsrdn.com/vplayer-parallel/20230925_2337/ima_html5/index.html
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

quic-version
0x00000001
x-amz-version-id
YutMv6I3oJyM1Gkwh5ebWbrhOB6c6G2Q
date
Thu, 21 Dec 2023 10:23:47 GMT
akamai-cache-status
Hit from child
x-amz-request-id
GCS2V7RVHNZDG9CZ
akamai-grn
0.9d7d1302.1703154227.422e2dd9
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-842/843
akamai-mon-iucid-del
1527398
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
843
x-amz-id-2
QllXZEQ+Zk1tcWXJLrYOPoANA9Xt6EAquXqBRY0/aaRunh3LkpN5Av8jMlAEqGyazOO3MJQ/7Xg=
last-modified
Mon, 25 Sep 2023 23:38:11 GMT
server
AmazonS3
etag
"fb62001afaa95ed461f35992d7431867"
content-type
video/mp4
cache-control
max-age=14375
accept-ranges
bytes
expires
Thu, 21 Dec 2023 14:23:22 GMT
csi
csi.gstatic.com/ Frame AC1E 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lqf21vnw&c=4820757911292&slotId=2410378955646&ghmsh_eids=44768716%2C44772139%2C44777649%2C44781409%2C44804291%2C44806075
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4002:82e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.609.1_en.html
imasdk.googleapis.com/js/core/ Frame AFDA 		751 KB
240 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a.jsrdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
494954
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
245986
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 16:54:33 GMT
expires
Sat, 14 Dec 2024 16:54:33 GMT
last-modified
Fri, 15 Dec 2023 16:47:56 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 1703 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a.jsrdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 10:23:47 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 09D2 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 09:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2123
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 21 Dec 2023 10:48:24 GMT
1.gif
i.jsrdn.com/i/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jsrdn.com/i/1.gif?r=o7nc&k=ZQl3YQlhCTUxNjgJZAlldS13ZXN0LTFiCWgJaS0wMzJjMzMzMTFjZDJjYmU5MQl1CTVkYzU0Nzc1LTU5OGUtNDJkZi1iOTVmLTI1M2VkOWM4OTU4ZQl2CTI4MjQwMzE3LTA0YTItNDI2NS1iOTNjLTRkODVlN2NkYTg3Yglzdglqc3Jkbgl2bAkyMDIzMTIyMS4wOTUwCXZ0CTIwMjMxMjIxLjA5NTAJdnMJMjAyMzEwMDQJdmMJMjAyMzAxMjA1CXN0CTIwMjMxMjIxLjEwMjM0MglpCTQ1Zjc4ZDZiLTc0MjctNGViYS1hMWUzLTZmYWJmNzZhZjIxNAlmCWh0dHBzOi8vd3d3LnNhdWx0c3Rhci5jb20vbmV3cy90aGVzc2Fsb24tYmFuZC1vZmZpY2UtYmxvY2tpbmctZWxlY3Rpb24tYXBwZWFsLXByb2Nlc3Mtb2ZmaWNpYWxzLXNheQlxCTIzYWFhZmM0LTM0NDgtNGVkMy1hMmI3LTRlNWNlNTEyNTEzNgltCTIyMzQyCWIJMjYyCWcJNDEwCXQJNTczNwljCTU3OTIJbAkxNDg0MAl6CTE0MDM2CXMJNTc2MAlwCTIyNTA3CXcJbmV3cwljcwlJQUIxMgljegkJZ2MJQ0gJZ3IJTFUJZ3QJbHVjZXJuZQlnZAlmYWxzZQlnbglDb3Jwb3JhdGUJbmUJaXYJbmQJaXYJc2QJc2F1bHRzdGFyLmNvbQlzZQk2MjQzMTk3MDA5CW1jCTMwODEJbmYJaXYJcXAJNTAJcXQJMjUwMAlwbgkzOTI5CXZuCTI1ODY2ODkJaHYJMQl2cAkxCXZnCXByCWNpCTg4YmM5MzAwLTI4YzEtZjk4Yi04OGUxLTM5NmFhNWI2M2E5YgljcAlkcwl2dgkyMDIzMDkyNV8yMzM3OmltYV9odG1sNTozLjYwOS4xCXd0CTczNglhZFRhZwkvL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP2l1PS8zNDIzMDEwOSwzMDgxLzI4ODUxMDI5NDkmZGVzY3JpcHRpb25fdXJsPWh0dHBzJTNBJTJGJTJGd3d3LnNhdWx0c3Rhci5jb20lMkZuZXdzJTJGdGhlc3NhbG9uLWJhbmQtb2ZmaWNlLWJsb2NraW5nLWVsZWN0aW9uLWFwcGVhbC1wcm9jZXNzLW9mZmljaWFscy1zYXkmdGZjZD0wJm5wYT0wJnN6PTY0MHg0ODAlN0M0MDB4MzAwJmN1c3RfcGFyYW1zPWRzbWNtJTNEMSUyNmRzZCUzRHNhdWx0c3Rhci5jb20mZ2RmcF9yZXE9MSZvdXRwdXQ9dmFzdCZ1bnZpZXdlZF9wb3NpdGlvbl9zdGFydD0xJmVudj12cCZpbXBsPXMmY29ycmVsYXRvcj0zMTU1NzgmZ2Rwcj0wJmdkcHJfY29uc2VudD0mdXNfcHJpdmFjeT0mZHNrZXk9ZW5hYmxlZA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.175.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-175-25.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:47 GMT
server
Apache
p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
expires
Mon, 26 Jul 1997 05:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame AFDA 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F34230109%2C3081%2F2885102949&description_url=https%3A%2F%2Fwww.saultstar.com%2Fnews%2Fthessalon-band-office-blocking-election-appeal-process-officials-say&tfcd=0&npa=0&sz=640x480%7C400x300&cust_params=dsmcm%3D1%26dsd%3Dsaultstar.com&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2744129544446716&gdpr=0&gdpr_consent&us_privacy&dskey=enabled&vpa=auto&vpmute=1&sdkv=h.3.609.1&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=593543648&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.609.1&media_url=https%3A%2F%2Fa.jsrdn.com%2Fvplayer-parallel%2F20230925_2337%2Fima_html5%2Fminimal.mp4&sid=BD2BDC3F-24E3-474B-BB4E-A7C33D610A80&nel=0&eid=44752657%2C44772139%2C44777649%2C44781409%2C44804291&ref=https%3A%2F%2Fwww.saultstar.com%2F&url=https%3A%2F%2Fwww.saultstar.com%2F&dt=1703154227319&scor=2889926947636114&ged=ve4_td0_tt0_pd0_la0_er0.0.154.300_vi0.0.317.564_vp100_eb24427
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:23:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame AFDA 		0
0
csi
csi.gstatic.com/ Frame AFDA 		0
0
async_usersync
ib.adnxs.com/ Frame 6256 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:47 GMT
an-x-request-uuid
3967cd4c-529f-49f4-ae27-bc48c7c72301
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
176.10.106.9; 176.10.106.9; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
080bdef5c4640b636727d1e7784e20e41080302b01c332ab353b5e9f26181ce0

Request headers

Referer
https://www.saultstar.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Dec 2023 10:23:48 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.saultstar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
4.f9ad667e290c0364ba0a.css
cdn.viafoura.net/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/4.f9ad667e290c0364ba0a.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20a0:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1026a9b2d37a5b89f843fa5ab325cda7fdf9cc197154354cb0d2cbb4668d34b2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:40 GMT
x-amz-version-id
KKawCZPfaWgXfFB1_XBz27YvZHjrr7bK
content-encoding
br
via
1.1 0df834b214e5d5be3767a579b1941edc.cloudfront.net (CloudFront)
age
584109
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:24 GMT
server
AmazonS3
etag
W/"7b5dea0177c7fab78296c2a596ffcc75"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
NY0fTvwzN3k_7PKoxG7-LKkXQKgscPpNB9uK8yTYe-lXDEPDixgbhQ==
default~comments_js~conversation_starter_js~liveblog_js~standalone_ad_js~trending_articles_js.5b5cebdb79ba8e6c350f.js
cdn.viafoura.net/chunks/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/default~comments_js~conversation_starter_js~liveblog_js~standalone_ad_js~trending_articles_js.5b5cebdb79ba8e6c350f.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20a0:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7ea96a249420a3e81153fb29900b5ed466b8ac7fbe026ba000c5cc05e0550a75

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:40 GMT
x-amz-version-id
gd7sQPtcy4Im2_DqjExOvGM64ulBr1G2
content-encoding
br
via
1.1 0df834b214e5d5be3767a579b1941edc.cloudfront.net (CloudFront)
age
584109
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:14 GMT
server
AmazonS3
etag
W/"35becdb929483eaf35d8ed2214b8b7a3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
dmNSQO98IlmGlUKHO9tb0AeaWfcO0-wdFQVrvdH_plpm01SU-kilIw==
173.4e13a98ae748b840334a.css
cdn.viafoura.net/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/173.4e13a98ae748b840334a.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20a0:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80e5988b4d23efd6cee8e63fdce713d953c03e6768b91e08ccd654c539fb4921

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:41 GMT
x-amz-version-id
2Y9dKxIfj4ixBpMW.J5jWiAtztx4VBe3
content-encoding
br
via
1.1 0df834b214e5d5be3767a579b1941edc.cloudfront.net (CloudFront)
age
584108
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:23 GMT
server
AmazonS3
etag
W/"f2e0bfb0f460cccef9a6f132cf37bf27"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
9AXMc4XLqvV3Lw2b-jNpgzcktQiPpwHI1HygAb4XaMjirDJ8ir87kQ==
trending_articles_js.81e5a6e03e588557edaf.js
cdn.viafoura.net/chunks/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/trending_articles_js.81e5a6e03e588557edaf.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20a0:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d4773994129007749a96cf0620485bad12bf57f3b75818bd5a76494b195cc2b1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:41 GMT
x-amz-version-id
iahMmJx9.vaFJmwH6DUwgRqJ8K1oDe0D
content-encoding
br
via
1.1 0df834b214e5d5be3767a579b1941edc.cloudfront.net (CloudFront)
age
584108
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:17 GMT
server
AmazonS3
etag
W/"eebdb861d4c166fc58d17584a52e7ca0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
bAdzsIR07EoEYwvsBo4om-WYWk8yfiP3qvMGBBmmizZN90MetWWDCA==
trending_articles-module-js.4b646213bee7b0416497.js
cdn.viafoura.net/chunks/vuex_store/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/trending_articles-module-js.4b646213bee7b0416497.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20a0:e600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5283bd4d2d406ed63cc6c7e981da83fd5299886f59a2a48cf14d06ef6b674472

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:41 GMT
x-amz-version-id
ZCMMjBvZSyyZXli6FFh.qKhqS.k8KjqN
content-encoding
br
via
1.1 0df834b214e5d5be3767a579b1941edc.cloudfront.net (CloudFront)
age
584108
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:01 GMT
server
AmazonS3
etag
W/"a7a157dadc9d0cf6bf0155d83d5ffb27"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
GU8imImAgIU6KYBlu9Es6BuaPin4eSS87FLmuEuzeI0zj5ESvZPLxg==
trendingrecommended
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-98f242814303/ 		769 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-98f242814303/trendingrecommended?limit=6&content_container_window_days=7&content_window_hours=3&sorted_by=total_visible_contents
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.71.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-71-155.compute-1.amazonaws.com
Software
/
Resource Hash
8e11b77475acb433c4a9ca0fc3fa63b3c0320a03ababb8fb4f2820aae804f488

Request headers

Accept
application/json
Referer
https://www.saultstar.com/
X-UNIQUE-ID
13bf4df9-794a-4e73-a406-152fde7cac5c
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json;charset=utf-8

Response headers

access-control-allow-origin
https://www.saultstar.com
date
Thu, 21 Dec 2023 10:23:48 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
481
content-type
application/json
trendingrecommended
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-98f242814303/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-98f242814303/trendingrecommended?limit=6&content_container_window_days=7&content_window_hours=3&sorted_by=total_visible_contents
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.25.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-25-219.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-unique-id
Access-Control-Request-Method
GET
Origin
https://www.saultstar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,X-REQUEST-SIGNATURE,content-type,X-UNIQUE-ID
access-control-allow-methods
PATCH,POST,PUT,DELETE,GET
access-control-allow-origin
https://www.saultstar.com
access-control-max-age
43200
content-length
0
date
Thu, 21 Dec 2023 10:23:48 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=5917d734-fd5f-6279-1949-0b50c51fa166&tv=%7Bc:xqGd4F,pingTime:5,time:5319,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:284%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5319,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:283,wc:0.0.1600.1200,ac:436.157.728.90,am:i,cc:436.157.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5050~100%5D,as:%5B5050~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:108,fm:tZ4hy9M+11%7C1211%7C1212%7C12131%7C12132%7C12133%7C1214%7C1215%7C1216%7C1217%7C13%7C14%7C15%7C16%7C17*.928934%7C171%7C18.928934%7C181%7C182%7C183%7C184%7C185%7C191%7C1921%7C1922,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs,siq:284,sis:433%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5c29:1117:1290:d127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.saultstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 10:23:48 GMT
server
nginx
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
trendingrecommended
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-98f242814303/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-98f242814303/trendingrecommended?limit=6&content_container_window_days=7&content_window_hours=48&sorted_by=total_visible_contents
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.25.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-25-219.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-unique-id
Access-Control-Request-Method
GET
Origin
https://www.saultstar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,X-REQUEST-SIGNATURE,content-type,X-UNIQUE-ID
access-control-allow-methods
PATCH,POST,PUT,DELETE,GET
access-control-allow-origin
https://www.saultstar.com
access-control-max-age
43200
content-length
0
date
Thu, 21 Dec 2023 10:23:48 GMT
trendingrecommended
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-98f242814303/ 		769 B
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-98f242814303/trendingrecommended?limit=6&content_container_window_days=7&content_window_hours=48&sorted_by=total_visible_contents
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.71.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-71-155.compute-1.amazonaws.com
Software
/
Resource Hash
2998625de812398464d7007ff065e3944469371e7a6e759e5b5ee079570850dc

Request headers

Accept
application/json
Referer
https://www.saultstar.com/
X-UNIQUE-ID
13bf4df9-794a-4e73-a406-152fde7cac5c
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json;charset=utf-8

Response headers

access-control-allow-origin
https://www.saultstar.com
date
Thu, 21 Dec 2023 10:23:48 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
479
content-type
application/json
trendingrecommended
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-98f242814303/ Frame 		0
0
trendingrecommended
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-98f242814303/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZYQSLZvLl7V8PbUJjgqsXgAA%265227
Domain
cdn.viafoura.net
URL
https://cdn.viafoura.net/front/assets/fonts/roboto/roboto-700.woff2
Domain
cdn.viafoura.net
URL
https://cdn.viafoura.net/front/assets/fonts/roboto/roboto-regular.woff2
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-LoopMe_rx_n-baidu_n-MediaNet_n-Beeswax_smrt_3lift_n-Outbrain
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lqf21v02&c=127149432759&slotId=63574716379.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lqf21vcb&c=127149432759&slotId=63574716379.5&uet=2&ghmsh_eids=44772139%2C44777649%2C44781409%2C44801480%2C44804291%2C44806733
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?palk=nhd%2Cu_ah%2Cu_aw%2Cu_cd%2Cu_h%2Cu_his%2Cu_tz%2Cu_w&imak=adk%2Cafvsz%2Cctv%2Cdt%2Ceid%2Cfrm%2Cgdpr%2Chl%2Cis_amp%2Cmedia_url%2Cms%2Cnel%2Comid_p%2Cosd%2Cptt%2Cref%2Csdk_apis%2Csdki%2Csdkv%2Csdr%2Csid%2Cu_so%2Cuach%2Cunviewed_position_start%2Curl%2Cvis&ovlk&lid=180&sdkv=h.3.609.1&e=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44805105&id=ima_html5&c=4471068740769667&domain=a.jsrdn.com
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lqf21w0m&c=1834841707033&slotId=917420853516.5&eee=missing-element&bi=missing-id&faa=1&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lqf21w3z&c=1834841707033&slotId=917420853516.5&uet=2&ghmsh_eids=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44805105
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lqf21w83&c=4019881726859&slotId=2009940863429.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lqf21wal&c=4019881726859&slotId=2009940863429.5&uet=2&ghmsh_eids=44730896%2C44731964%2C44772139%2C44777649%2C44781409%2C44804291
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lqf21wet&c=1764552857745&slotId=882276428872.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lqf21whx&c=1764552857745&slotId=882276428872.5&uet=2&ghmsh_eids=44752657%2C44772139%2C44777649%2C44781409%2C44804291
Domain
livecomments.viafoura.co
URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-98f242814303/trendingrecommended?limit=6&content_container_window_days=30&content_window_hours=48&sorted_by=total_visible_contents
Domain
livecomments.viafoura.co
URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-98f242814303/trendingrecommended?limit=6&content_container_window_days=30&content_window_hours=48&sorted_by=total_visible_contents

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| documentPictureInPicture function| setNptTechAdblockerCookie object| script object| modern_script_elem object| legacy_script_elem object| ytAdTargetingLoadEvent function| script_onload string| locSrc object| ytVideoAdTargetingConfig object| webpackJsonpFrontEndModules object| tp object| __iasPET object| FrontEndModules object| googletag object| permutive object| apstag object| pbjs object| diagPixSentCodes object| __iasAdRefreshConfig object| _aps boolean| apstagLOADED object| apscustom object| ggeac object| google_tag_data object| google_js_reporting_queue object| pbjsChunk object| _pbjsGlobals object| mnet object| BlockAdBlock object| blockAdBlock object| jwpServices object| jwplacements object| _comscore object| LRNameSpace object| LoginRadiusDefaults function| LoginRadiusUtility function| LoginRadiusApiFramework function| setLoginRadiusDefaultSchema function| setLoginRadiusModuleFunctions function| LoginRadiusHooksModel function| SetLoginRadiusCommonFunctions function| LoginRadiusControllers function| LoginRadiusV2 function| FormValidator object| hash function| handleLiveTapResponse object| webpackChunkdjango_content_services object| htmx undefined| google_measure_js_timing object| __permutive object| PublisherCommonId object| Sailthru function| __spreadArray function| CXBootstrapLoader function| identifyRootURL function| generateDebugLog object| ms object| COMSCORE object| ns_p function| CXBootstrapper object| Criteo object| _33across string| iasScores number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| vf object| vfQ boolean| femCePnIdReadyTriggered object| dataLayer object| mParticle object| gtm_data_layer string| ds_checkpoint object| vx number| norm object| google_tag_manager object| _vfP boolean| vfLoaded function| setImmediate function| clearImmediate object| viafoura function| postscribe object| google_tag_manager_external function| fbq function| _fbq object| _fbq_gtm_ids function| onYouTubeIframeAPIReady object| Ribn object| mpOneTrustKit object| GoogleTagManagerKit function| OptanonWrapper object| dl_mparticle string| GoogleAnalyticsObject function| ga function| e function| t object| marfeel object| PARSELY function| autotrack function| gtag object| mpartical object| gaplugins object| gaData function| _ga_originalSendHitTask object| __connect function| _typeof string| url function| ds_ct308557 object| replaced string| ct3p function| vxtrack45f78d6b-7427-4eba-a1e3-6fabf76af214 function| dvptrack function| tdValidator object| webpackChunk_marfeel_marfeel_sdk object| __mrfCompass function| ds_trace_45f78d6b-7427-4eba-a1e3-6fabf76af214 object| google_image_requests function| vxvideojsinit object| googDdmPs function| ds_dvp_next function| ds_dvp_previous number| tmpval function| ds_ctwrap344640 function| ds_float_close number| google_global_correlator object| closure_lm_6608 object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_139 object| Criteo_prebid_139 object| __IntegralASExec object| closure_lm_643089 object| closure_lm_650242 object| closure_lm_767283 object| closure_lm_642624

186 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChcKBgjSARDkFgoGCKIBEOQWCgUIChDkFg
.saultstar.com/ Name: pbjs_sharedId
Value: 4c7412a6-9423-4338-bee3-b9a3f6a3f50d
.saultstar.com/ Name: pbjs_sharedId_cst
Value: zix7LPQsHA%3D%3D
.saultstar.com/ Name: permutive-id
Value: 8132c82d-5721-479e-83c0-5734278c7f39
www.saultstar.com/ Name: sailthru_pageviews
Value: 1
.scorecardresearch.com/ Name: UID
Value: 1A8f1d7dd2060d7eb266f251703154220
www.saultstar.com/ Name: political-ad-opt-out
Value: {"data":false,"exp":604800000,"ts":1703154221030,"mac":1029015860}
www.saultstar.com/ Name: __adblocker
Value: false
.sharethrough.com/ Name: stx_user_id
Value: d2b7d6b3-725a-4940-bae1-76df15c35e57
.yahoo.com/ Name: A3
Value: d=AQABBC0ShGUCEMFRrgtUltgCc7QdQDGU0JgFEgEBAQFjhWWNZbti0CMA_eMAAA&S=AQAAAqvMZNCwr6XeDpHVFrg70EQ
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
www.saultstar.com/ Name: sailthru_visitor
Value: dd2ae80d-41b2-4bc3-9373-d4b01da125a6
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.rubiconproject.com/ Name: khaos
Value: LQF21RQD-T-B1QW
.amazon-adsystem.com/ Name: ad-id
Value: A5lL6EPFRUgkoMBJrByNMQg
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adnxs.com/ Name: uuid2
Value: 5148106858807832576
.lijit.com/ Name: ljt_reader
Value: H24vuPZHY6sbRTnHS_CcdBfQ
.casalemedia.com/ Name: CMID
Value: ZYQSLZvLl7V8PbUJjgqsXgAA
.casalemedia.com/ Name: CMPS
Value: 5227
.casalemedia.com/ Name: CMPRO
Value: 5227
.openx.net/ Name: i
Value: 10ad7b87-8597-0cbc-2038-83550ebc31b8|1703154221
www.saultstar.com/ Name: x-id
Value: {"data":{"adLight":false,"adLightDisabled":true,"id":"92vse9gb1vg26pec9xi53gqhg0v8ryhf","updated":1703154221929},"exp":604800000,"ts":1703154221929,"mac":1975352670}
fem.gprod.postmedia.digital/ Name: x-id
Value: {"data":{"adLight":false,"adLightDisabled":true,"id":"92vse9gb1vg26pec9xi53gqhg0v8ryhf","updated":1703154221929},"exp":604800000,"ts":1703154221930,"mac":1975353352}
.blismedia.com/ Name: b
Value: 6584122D2DAB8414788550E8BLIS
.creativecdn.com/ Name: u
Value: 9N0mKob26yWM44S4QtWs
.creativecdn.com/ Name: g
Value: 9N0mKob26yWM44S4QtWs_1703154221949
.creativecdn.com/ Name: ts
Value: 1703154221
.sitescout.com/ Name: ssi
Value: 4ed0372a-a458-4669-856d-ba1001dc00d5#1703154221955
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 24CFB76E-4F04-4690-9211-6A07901FE725
.quantserve.com/ Name: mc
Value: 6584122d-efa7b-ba269-79987
.adotmob.com/ Name: uid
Value: 09f1220400349d025395c1c8
.adotmob.com/ Name: uuid
Value: 09f1220400349d025395c1c8
.adotmob.com/ Name: partners
Value: IX%3A1703154221991
.adform.net/ Name: C
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUndgsx1JkOSyg4jHuG05G0dBCPRw575OBhud6uAG79LDaOMgEwOC7UfrNlogr8
.company-target.com/ Name: tuuid
Value: afea7fd7-e912-4080-892c-7d867dc70c9b
.company-target.com/ Name: tuuid_lu
Value: 1703154222|ix:0
.weborama.fr/ Name: AFFICHE_W
Value: ANRCwyLe0GIA19
.lijit.com/ Name: _ljtrtb_86
Value: DifhqhqJ9gQ-Tl4WO97X2V_dp4knFp5NiohxkKCJUrQ
.adform.net/ Name: uid
Value: 1492244624634415535
.bidr.io/ Name: bito
Value: AABVI07LCCQAABMhZqz8jQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.simpli.fi/ Name: suid
Value: 7DD430A8B53B4C809DD734663E0CCC03
.lijit.com/ Name: _ljtrtb_85
Value: AABVI07LCCQAABMhZqz8jQ
.mfadsrvr.com/ Name: tuuid
Value: a6c3e51b-5aaa-4810-a384-25f0c2621ff4
.mfadsrvr.com/ Name: c
Value: 1703154222
.mfadsrvr.com/ Name: tuuid_lu
Value: 1703154222
.audrte.com/ Name: arcki2
Value: 8a4X1Bz-9Q-QjmtOZWAGuT3LQ!20220908!1703154222158!ip#176.10.106.9
.audrte.com/ Name: arcki2_pubmatic
Value: 24CFB76E-4F04-4690-9211-6A07901FE725!20220908!1703154222158
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 34e3e55be909386652661fcad9f1744f
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDZJNU41NU1KtTSwNLYwMzM1MjMzTEtOTLFMMzQ3MUljAILUFiE9EA0FAEClCb8%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIbRHSA1JQAAAPHgEq"
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEBVdpQ15IFF3t565IaJmmhk&KRTB&23025-CAESEBVdpQ15IFF3t565IaJmmhk&KRTB&23386-CAESEBVdpQ15IFF3t565IaJmmhk
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1492244624634415535&KRTB&23263-1492244624634415535&KRTB&23481-1492244624634415535
pixel-eu.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.audrte.com/ Name: arcki2_ddp2
Value: 8a4X1Bz-9Q-QjmtOZWAGuT3LQ!20220908!1703154222238
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.jsrdn.com/ Name: u
Value: 5dc54775-598e-42df-b95f-253ed9c8958e
.tapad.com/ Name: TapAd_TS
Value: 1703154222279
.tapad.com/ Name: TapAd_DID
Value: 4e2227a3-74b5-4f95-8fe3-f5a374d9ba2e
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.audrte.com/ Name: arcki2_adform
Value: 1492244624634415535!20220908!1703154222318
.saultstar.com/ Name: _ga
Value: GA1.2.351675966.1703154222
.saultstar.com/ Name: _gid
Value: GA1.2.164849101.1703154222
.saultstar.com/ Name: _gat_UA-213173459-6
Value: 1
.mathtag.com/ Name: uuid
Value: e1136584-122e-4f00-b0ab-7f8ae3b8941f
.adnxs.com/ Name: anj
Value: dTM7k!M40DF7/.XF']wIg2E?de1Euo!]tbP6j2F-.aDyjByG0>mcCivfAt%m:8r[if^8HVD/9yTG^3rPQEVk`!#]2dd_3_>
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxRRjIxUlFELVQtQjFRVyIsImV4cGlyZXMiOiIyMDI0LTAzLTIwVDEwOjIzOjQyWiJ9fSwiYmlydGhkYXkiOiIyMDIzLTEyLTIxVDEwOjIzOjQyWiJ9
.saultstar.com/ Name: __gads
Value: ID=261c642ce3bc78d0:T=1703154221:RT=1703154221:S=ALNI_MbZqeWJXRgG5rLThGTHgGrdKm6Png
.saultstar.com/ Name: __gpi
Value: UID=00000d2457935757:T=1703154221:RT=1703154221:S=ALNI_MbuIQwLvDEY8Ya4hps_564xomTVgA
prebid.a-mo.net/ Name: _Amc_b
Value: 0
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:e1136584-122e-4f00-b0ab-7f8ae3b8941f
.lijit.com/ Name: _ljtrtb_16
Value: 4ed0372a-a458-4669-856d-ba1001dc00d5-6584122d-4348
.linkedin.com/ Name: bcookie
Value: "v=2&37576f25-c9a2-4b1a-8dd6-6e5da4f1e813"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDMxNTQyMjI7MjswMjG7NfGVPQYKX9dFLjDB9hYKZlHeYBnLmzb83Oh6Q4jj+g==
.linkedin.com/ Name: lidc
Value: "b=TGST00:s=T:r=T:a=T:p=T:g=3284:u=1:x=1:i=1703154222:t=1703240622:v=2:sig=AQHw8-QFuq04pmEMTk1XiEaZdRzOfGr1"
.saultstar.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say%22%2C%22sref%22:%22%22%2C%22sts%22:1703154222424%2C%22slts%22:0}
.saultstar.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=2a8558f0-73cd-452d-85aa-c816aaf429da%22%2C%22session_count%22:1%2C%22last_session_ts%22:1703154222424}
.saultstar.com/ Name: _ga_72QH41ZTMR
Value: GS1.1.1703154222.1.0.1703154222.60.0.0
.saultstar.com/ Name: _ga_60TQYJ3HTT
Value: GS1.1.1703154222.1.0.1703154222.60.0.0
.primis.tech/ Name: csuuid
Value: 6584122e733bf
.saultstar.com/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1703154222%2C%22currentVisitStarted%22%3A1703154222%2C%22sessionId%22%3A%2244696e8d-3879-4425-9f09-15d4971a938a%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say%22%2C%22referrer%22%3A%22%22%7D
.saultstar.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1703154222%2C%22userId%22%3A%22b899d581-f489-4779-a92e-a0570a3f2cc8%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1703154222%2C%22timesVisited%22%3A1%7D
.saultstar.com/ Name: compass_uid
Value: b899d581-f489-4779-a92e-a0570a3f2cc8
.saultstar.com/ Name: _gcl_au
Value: 1.1.1646255699.1703154223
.connatix.com/ Name: cnx_userId
Value: cd6a37d2ba7f4355b7e9741edd5a5a92
.saultstar.com/ Name: _fbp
Value: fb.1.1703154222571.1954775357
events.newsroom.bi/ Name: 1528_u
Value: b899d581-f489-4779-a92e-a0570a3f2cc8
events.newsroom.bi/ Name: 1528_s
Value: 44696e8d-3879-4425-9f09-15d4971a938a
events.newsroom.bi/ Name: 1528_lv
Value: null
events.newsroom.bi/ Name: 1528_ut
Value: 0
.saultstar.com/ Name: mprtcl-v4_4662F03F
Value: {'gs':{'ie':1|'dt':'us1-99b65fde89a1a145894d2d51d283cc83'|'av':'1.0.0'|'cgid':'04b00902-cad1-482a-640b-8c6343a5f9a6'|'das':'1f91ed92-3ec6-438a-87e1-92a33bdf9dba'|'csm':'WyI0NzA0NjYxMzY5MjkzNTI2NzgiXQ=='|'sid':'346A9D45-36DA-42B3-FAF9-D66A34A2D0CA'|'les':1703154222663|'ssd':1703154222176}|'l':1|'470466136929352678':{'fst':1703154222412|'ui':'eyIwIjoiOTJ2c2U5Z2IxdmcyNnBlYzl4aTUzZ3FoZzB2OHJ5aGYifQ=='}|'cu':'470466136929352678'}
.doubleclick.net/ Name: APC
Value: AfxxVi4_cH30IkU3_l-wOPBXXR9LDh1ehmtyFpfjwomfo_sibDMI2g
.viafoura.co/ Name: VfSess
Value: krgeqvgu58pled1vq57iuajb2d
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
ads.smartstream.tv/ Name: DID
Value: e17503c86d4dd9d0a5d7f4daa763ba47
ads.smartstream.tv/ Name: idt
Value: 100
ads.smartstream.tv/ Name: permanent
Value: 1
cm.adsafety.net/ Name: UID
Value: CM120231221108b265751633741c747c
.adsafety.net/ Name: cm_uid
Value: CM120231221108b265751633741c747c
cm.adsafety.net/ Name: cache0
Value: L2UzeGVJMkNTL0pzMlRFUXR5b1cvcUxNNW55Rjc3QWVEaVZSRC9nZitxK1JqRGxTSGpXakp6SDdMMDIvckpIMloxRWtOZU44Qnk3dERCK0hIUVFCTjFDOUNXejc0alBkUk93L3NZZGdNRHd2bTk3OG5qY2NOaTRvMDNiZjVSeHMvL21kWHhWMExMR1g2VUZLQ0pLbnM3aHVPQ1Z6dU9LbUFyOHppZ3ZJNVExb01RY1JZWkdWV25nMUhGQU5ybG05aFFXSnZzNFdnRHhuQ3FQK3VodGxHOThDQTVTeWV2SjdUMzgwbmdyVkJMR2V2ekNJT1NwMVpWTzd5OC9XTGc5WURhVFZZa0hCZ3BRZks5Z2NtTlJkRnFGL2dZOEdabjFpTlVWMGh5cTRXZ09ra05nSHk2dkZNdk5DZ08vakQyUlpMb0ZNY0ptQmZVcXdVa3NHVlBaU2R3PT0%3D
www.saultstar.com/ Name: _vfz
Value: www%2Esaultstar%2Ecom.00000000-0000-4000-8000-98f242814303.1703154223.1.medium=direct|source=|sharer_uuid=|terms=
.saultstar.com/ Name: _vfa
Value: www%2Esaultstar%2Ecom.00000000-0000-4000-8000-98f242814303.13bf4df9-794a-4e73-a406-152fde7cac5c.1703154223.1703154223.1703154223.1
.ads.stickyadstv.com/ Name: UID
Value: 1bd45b9a9adde4285e8a52f612e157e6
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZYQSLZvLl7V8PbUJjgqsXgAAFGsAAAAB
.saultstar.com/ Name: _vfb
Value: www%2Esaultstar%2Ecom.00000000-0000-4000-8000-98f242814303.2..1703154223....
.mediago.io/ Name: __mguid_
Value: f5ef61ca483ff5d02uyojv00lqf21t8a
.liadm.com/ Name: lidid
Value: 3108082c-6c2b-4cf0-b5de-cfeb937888f0
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 04cddd49-b820-4778-815a-649251fcbe37
.saultstar.com/ Name: cto_bundle
Value: TDWHtF9wdGs2Nm4xQ0s5cFNUdndrN2ZqUVAwMHMzZURtOUlBMjlMOFZ1eEdiYVlvcVNEWkRia0kwdDR5Umo2M3NSVGVDV0tOdzczWm82VXNaeHUzYkZvb3F2SVRueG16Wk9DRzhxRkMlMkJGaHNJdVRBS2N0U1ZBN1gyTFJRJTJGZEpkQkk1VHl3QmttNGppQjgzNGtuWTVRQSUyQmxPZnclM0QlM0Q
.viafoura.co/ Name: vfDeviceId
Value: afa2793e-5d06-4bb8-9fd6-d5173bd4b406
.go.sonobi.com/ Name: __uis
Value: a9777d28-0d97-41e0-8a64-eb8e03b1b80f
.go.sonobi.com/ Name: _usd_saultstar.com
Value: 566a910b-e35a-4eea-bb1c-256bb856f239
.go.sonobi.com/ Name: __uih
Value: 1
.turn.com/ Name: uid
Value: 8170217125147634428
.rezync.com/ Name: zync-uuid
Value: ca61c801-b422-425e-9ee9-9d7f73572182:1703154223.9806619
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjSzMDI2MDUzsxTiM9Q1yyjzCDIty_AvNw8FAPMGlPIlAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_w3KyRWAMAgFwIvt4OND2OxGIykkleucZx8xb8dMBj1DhIZYU3UX1Rsr1EKQciFYYX_Qs5LdUR87BT8gOgAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjSzMDI2MDUzsxTiM9Q1yyjzCDIty_AvNw8FAPMGlPIlAAAA
live.rezync.com/ Name: sd-session-id
Value: .eJwNzEsOwjAMANG7eN2g2E6cz2WqkhopggbUtBsq7k6WIz3NBfNH921p2g7Ix37qBOVVR3XIF_T63fQJGTza4Jgjo0Ri60US_Cbo2nt9t7muw5RFsESL5u6IjCOvJqkmk9bwCOwDYaSMwTL6AfiWohXB8fkDoUklEA.ZYQSMA.X5KCkbe1HHg6Vt-zLLjUlnp2qRE
.rlcdn.com/ Name: rlas3
Value: KC0Rgp8nVJ55XaAxE3rYK3gaa2v6MFkJClkUrlriRnc=
.rlcdn.com/ Name: pxrc
Value: CLCkkKwGEgUI6AcQABIGCLrqARAA
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 156011:4
.pubmatic.com/ Name: DPSync3
Value: 1704326400%3A235_227_226_219_197_201_245_241
.pubmatic.com/ Name: SyncRTB3
Value: 1704412800%3A35%7C1703721600%3A223%7C1704326400%3A251_71_13_7_54_56_220_21_8_3
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5148106858807832576&KRTB&23339-5148106858807832576
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-Rvg8U0H_NgNdqGIGR68pBRH_Ml5d-j1eSPo-X7fc&KRTB&19420-Rvg8U0H_NgNdqGIGR68pBRH_Ml5d-j1eSPo-X7fc&KRTB&22979-Rvg8U0H_NgNdqGIGR68pBRH_Ml5d-j1eSPo-X7fc&KRTB&23462-Rvg8U0H_NgNdqGIGR68pBRH_Ml5d-j1eSPo-X7fc
.pubmatic.com/ Name: PugT
Value: 1703154223
.zeotap.com/ Name: zc
Value: c7867ade-eb17-4a30-4f9f-d175279c0f8e
.onaudience.com/ Name: cookie
Value: 24c363e30dd5089a
.onaudience.com/ Name: done_redirects147
Value: 1
.semasio.net/ Name: SEUNCY
Value: 15B91344CC54BF73
.go.sonobi.com/ Name: HAPLB8G
Value: s8524|ZYQSN
.lijit.com/ Name: ljtrtbexp
Value: eJxl0DkOgDAMBMC%2FpKbwFR98DfF3DqXASzlrRRv7GBVj5yBT1xTfhnQy%2FQLtQXC34dxfa8yix1WrUsXIV5JQ4t1J0FEwh8408PyYb3u34Hs8ytqBK%2BzxzG4J2BGOVu0%2F5wWlGUla
.quantserve.com/ Name: d
Value: EFgBFgHbKvijC_vLEJ9A
.openx.net/ Name: pd
Value: v2|1703154221.5|iyvQvNgun0.j8gmfcvSgqmuwksLwEiSmOgesfnswLw9
.lijit.com/ Name: _ljtrtb_43
Value: z3C_H8h3tU_UIOFKzieqSZh3sRLUcr4SwXL4fEkd
.lijit.com/ Name: _ljtrtb_94
Value: 6584122D2DAB8414788550E8BLIS
.bidswitch.net/ Name: c
Value: 1703154226
.bidswitch.net/ Name: tuuid_lu
Value: 1703154226
.bidswitch.net/ Name: tuuid
Value: f01d5a6e-8214-490c-8e61-0954ecef49c3
.mfadsrvr.com/ Name: ssh
Value: !sovrn,1703154226
.sitescout.com/ Name: _ssuma
Value: eyI0OCI6MTcwMzE1NDIyNjY4NSwiMzkiOjE3MDMxNTQyMjE5ODEsIjE3IjoxNzAzMTU0MjI2NzUyLCI3IjoxNzAzMTU0MjIxOTgxfQ
.lijit.com/ Name: _ljtrtb_76
Value: afef9a1e-c6a4-0946-3d52-fd1b122a3d17
.lijit.com/ Name: _ljtrtb_92
Value: 5148106858807832576
.adx.opera.com/ Name: UID
Value: OPU3c6c278813bc4cdea7a6462599ad9b93
.eskimi.com/ Name: __eConsent
Value: 1
.eskimi.com/ Name: __eDId
Value: 6b7c0c78-ffce-47a3-a324-27a620b857fb
.lijit.com/ Name: _ljtrtb_83
Value: LQF21RQD-T-B1QW
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~2fqa:175w~2fqa"
.contextweb.com/ Name: V
Value: y9bdgjZml1fN
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1oo5|7dW.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 2f2e240d0c58a8e7
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1WMuQ2AMBDAxABUmeNQ7pL7sg2EMBAlJWMwGhVUoJS2ZF_DiBoTciYSZbs7dtuD1lmwWkRYXgeZuIG35uCrbppYCY3KF6XJLYqgH-E_ZUI-e5YHtmPYbnoAAAA
.lijit.com/ Name: _ljtrtb_103
Value: OPU3c6c278813bc4cdea7a6462599ad9b93
.lijit.com/ Name: _ljtrtb_49
Value: y9bdgjZml1fN
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZYQSMgAIje0DIQBU
.dotomi.com/ Name: DotomiTest
Value: 6cadaa375721181d
.admanmedia.com/ Name: admtr
Value: 7d15ccd1-17f2-4e59-a227-d95803d49e1c
.admanmedia.com/ Name: ac_r
Value: CS139
.sportradarserving.com/ Name: zuuid
Value: 9da368c1-8ea5-4617-a99a-fd2fcfeae893
.sportradarserving.com/ Name: c
Value: 1703154227
.sportradarserving.com/ Name: zuuid_lu
Value: 1703154227
.pubmatic.com/ Name: SPugT
Value: 1703154226
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1703154227
.krushmedia.com/ Name: krm_usr
Value: 6aa2cf85-e4c2-5567-a579-204435430218
.krushmedia.com/ Name: krm_r
Value: 572
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qp5vj6H1hAWQrVTIkcAJPBTCyji7+n+ttIDplIcqSUbVQIlR94HgYHWh9A0c6Ll1O83Gp9oQyBDxsBQn6AvuCLFvZhcBZzmZDt9axJiCL5XdQ==
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-30806eae-d5f0-5df3-6aee-8b6003835e8e.kbVgAl32vpwLHeHLiSN9pOHeyewbzp%2BaQD4kofMz7Y4
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-30806eae-d5f0-5df3-6aee-8b6003835e8e.kbVgAl32vpwLHeHLiSN9pOHeyewbzp%2BaQD4kofMz7Y4
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AMIBurtXwXfNq7otgA4NejrAKagk.A5pYWou2H6%2FMfbNTNUMbR7xz06nCJs%2B%2BdVZWjCRrHzg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AMIBurtXwXfNq7otgA4NejrAKagk.A5pYWou2H6%2FMfbNTNUMbR7xz06nCJs%2B%2BdVZWjCRrHzg
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIMYnSw-1x2Z3cCHQwvz-4Ps6bnYD3fndfzY5owXT8XkBEHwYBCCzpJCsBjABOgQ8w7t9QgTM8PAV.dmWNZujfyeapfNGa%2BKZ3yDDYBSd4cJP65lWA95uMcq0
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIMYnSw-1x2Z3cCHQwvz-4Ps6bnYD3fndfzY5owXT8XkBEHwYBCCzpJCsBjABOgQ8w7t9QgTM8PAV.dmWNZujfyeapfNGa%2BKZ3yDDYBSd4cJP65lWA95uMcq0
.lijit.com/ Name: ljtrtb
Value: eJwtj0tvwjAQhP9LzrXkx9pe90YSUIEUmkIAcUGOnRAebQmt1Jaq%2F7221Ntodr7d2Z%2BEUZHcJ%2FOnSjjluEZkonbgfGO1VaC4NMZ6UxuR3CVMhSg0ngrNLbEgkYBShqBUntSWUcq8o9RLoiQC49wTEICBBBPIb1P7%2FXH7cmbtLHiGB08yQEYVSkSqUXCpVRhh7FSUI86ey5wsScrKdSQg2P%2Brc54P0qAgVJaSDjEtxouIypAZDNLVmOoiy8ogH7ttf8NjGafxg%2FzQdn3XT8y%2BJMszrOdGb%2Fhq5y9weh1d5Ozw1n2dptmkukYEYpebyHYP2ImPaleN56Pp7dD0i20n3p%2BLyl1h8bkpoB2efMjreMK2TWssa4hTFgg1oIjwkpPWszqUt8Iznfz%2BAS3QY4E%3D
.lijit.com/ Name: _ljtrtb_80
Value: LQF21RQD-T-B1QW
.ipredictive.com/ Name: cu
Value: b18b99e5-cbbf-4078-a1d2-817a462357b1|1703154227150
.tribalfusion.com/ Name: ANON_ID
Value: aDnsuBrwZaybQXwrSPTrCJNSRyKptvKgvxP4Zbrh0vmAppvU3KsB3BujBPPjusCADp384svVGUUVduT8Hj
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1e47fa13-08a2-46b9-8e53-fd58209a9b7a-003%22%2C%22nxtrdr%22%3Afalse%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1e47fa13-08a2-46b9-8e53-fd58209a9b7a-003%22%7D

8 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript error URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Message:
Access to font at 'https://cdn.viafoura.net/front/assets/fonts/roboto/roboto-regular.woff2' from origin 'https://www.saultstar.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn.viafoura.net/front/assets/fonts/roboto/roboto-regular.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.saultstar.com/news/thessalon-band-office-blocking-election-appeal-process-officials-say
Message:
Access to font at 'https://cdn.viafoura.net/front/assets/fonts/roboto/roboto-700.woff2' from origin 'https://www.saultstar.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn.viafoura.net/front/assets/fonts/roboto/roboto-700.woff2
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZYQSLZvLl7V8PbUJjgqsXgAA%265227
Message:
Failed to load resource: net::ERR_SOCKET_NOT_CONNECTED
network error URL: https://www.getpublica.com/usermatch/did=6aa2cf85-e4c2-5567-a579-204435430218KrushID=6aa2cf85-e4c2-5567-a579-204435430218
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
a.audrte.com
a.jsrdn.com
a.sportradarserving.com
a.tribalfusion.com
a1110.casalemedia.com
a8fd85fde9378c09afa02287010769df.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ads.pubmatic.com
ads.rubiconproject.com
ads.smartstream.tv
ads.stickyadstv.com
ak.sail-horizon.com
aorta.clickagy.com
ap.lijit.com
apex.go.sonobi.com
api.fouanalytics.com
api.permutive.com
api.rlcdn.com
api.sail-personalize.com
api.viafoura.co
assets.ribn.com
auth.lrcontent.com
bh.contextweb.com
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.jsrdn.com
c1.adform.net
c2shb.pubgw.yahoo.com
capi.connatix.com
casale-match.dotomi.com
cdn-ima.33across.com
cdn.adsafeprotected.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.parsely.com
cdn.permutive.com
cdn.viafoura.net
ce.lijit.com
cm.adsafety.net
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
config.aps.amazon-adsystem.com
config.lrcontent.com
connect.facebook.net
contextual.media.net
cr.frontend.weborama.fr
creativecdn.com
cs.admanmedia.com
cs.krushmedia.com
csi.gstatic.com
d.turn.com
d14c63magvk61v.cloudfront.net
data.adsrvr.org
dcs-static.gprod.postmedia.digital
dis.criteo.com
dmp.adform.net
dsp-ap.eskimi.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
edge-auth.microsoft.com
eu-u.openx.net
eus.rubiconproject.com
events.newsroom.bi
events.qortex.ai
experiences.mrf.io
fastlane.rubiconproject.com
fem.gprod.postmedia.digital
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
getpublica.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.jsrdn.com
i.liadm.com
i.viafoura.co
ib.adnxs.com
identity.mparticle.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
lexicon.33across.com
live.primis.tech
live.rezync.com
livecomments.viafoura.co
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
micro.rubiconproject.com
mug.criteo.com
mwzeom.zeotap.com
notifications.viafoura.co
onetag-geo.s-onetag.com
openx2-match.dotomi.com
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
placement-prd.jwpltx.com
postmedia-d.openx.net
postmedia.hub.loginradius.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
pubads.g.doubleclick.net
px.ads.linkedin.com
reachms.bfmio.com
region1.analytics.google.com
rtb.mfadsrvr.com
rtb.openx.net
s.amazon-adsystem.com
s.company-target.com
s.jsrdn.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
sdk.mrf.io
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
smartcdn.gprod.postmedia.digital
ssl.p.jwpcdn.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.adx.opera.com
tags.catapultx.com
targeting.unrulymedia.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.getpublica.com
www.google-analytics.com
www.google.ch
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
www.saultstar.com
x.bidswitch.net
aax-eu.amazon-adsystem.com
cdn.viafoura.net
csi.gstatic.com
livecomments.viafoura.co
match.adsby.bidtheatre.com
pagead2.googlesyndication.com
104.18.36.155
104.18.38.76
107.23.71.155
13.107.6.158
13.227.217.72
13.227.219.6
13.32.119.77
13.32.22.213
13.32.27.83
141.94.170.64
142.250.185.130
142.250.185.226
143.204.98.87
145.40.97.67
151.101.129.108
151.101.2.49
172.217.16.227
172.64.146.152
172.64.152.89
178.250.1.9
18.155.145.48
18.155.153.73
18.159.158.145
18.185.12.185
18.197.41.124
18.239.36.121
18.239.83.50
18.245.86.124
18.65.39.56
18.66.112.32
185.170.60.41
185.184.8.90
185.64.189.112
185.64.191.210
185.89.211.84
193.0.160.131
193.135.9.127
198.47.127.19
198.47.127.20
198.47.127.205
2.19.105.180
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
208.93.169.131
209.54.182.161
216.52.2.30
23.201.255.110
23.215.22.18
2404:6800:4002:82e::2003
2600:1f18:1aca:4281:5c29:1117:1290:d127
2600:1f18:44f0:4848:c843:e803:e83b:7cec
2600:9000:2093:9000:8:48e:53c0:93a1
2600:9000:20a0:e600:8:2ae1:d740:93a1
2600:9000:2190:d000:15:2b26:f200:93a1
2600:9000:223e:6800:0:2f8e:a8c0:93a1
2600:9000:236e:2600:1a:5235:f980:93a1
2600:9000:238d:9800:1:a3fa:7cc0:93a1
2602:803:c003:200::91
2606:4700:10::6816:1857
2606:4700:20::681a:3e
2606:4700:20::681a:ad1
2606:4700:20::ac43:44eb
2606:4700:3033::6815:325a
2606:4700:3037::ac43:9bd7
2606:4700:4400::ac40:91b1
2606:4700:4400::ac40:9256
2606:4700::6810:5514
2606:4700::6811:7711
2606:4700::6812:19ad
2606:4700::6812:5eb
2606:4700:e0::ac40:6020
2607:ae80:192:1::173
2607:f350:3:2569:0:10:0:200a
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:21::14
2a00:1450:4001:800::200a
2a00:1450:4001:806::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2008
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2004
2a00:1450:400c:c06::9c
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:3500:11::215:14d7
2a02:26f0:480:f::213:7edd
2a02:fa8:8806:21::1720
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:200::626
2a04:4e42:400::645
2a04:4e42:600::645
2a04:4e42::645
2a05:d018:d29:3601:d9af:10ed:ca45:5b1a
3.121.73.47
3.123.201.131
3.127.90.98
3.229.111.75
3.71.149.231
34.107.254.252
34.111.113.62
34.111.129.221
34.111.249.109
34.117.54.29
34.120.133.55
34.120.63.153
34.149.157.221
34.197.163.191
34.199.75.211
34.226.133.115
34.249.200.254
34.251.97.118
34.91.62.186
34.96.105.8
34.96.71.22
34.98.64.218
35.158.80.62
35.186.201.99
35.208.249.213
35.227.252.103
35.241.9.51
35.244.174.68
35.244.193.51
37.157.3.26
45.137.176.88
46.228.174.115
46.228.174.117
52.202.25.219
52.210.76.92
52.211.175.25
52.223.40.198
52.28.203.152
52.3.160.15
52.58.18.253
54.211.244.166
54.77.9.4
57.128.96.120
63.34.81.234
67.220.226.234
69.173.144.137
69.173.144.138
69.173.144.165
69.173.151.100
74.121.140.211
77.243.51.121
8.2.110.134
80.77.87.162
82.145.213.8
89.163.240.122
95.101.148.20
95.101.149.233
98.98.134.243
99.83.154.140
99.83.190.102
00a2339203c3a35bd9e2764adc0532bbc81f71eb710a11726941e584395be455
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0285656c0531ce023489eb405a9e7d895b12a4e7e8324722ddda4e79fd052f9c
03dd8d29c6c4d0b98973854eaf2ef5c6f588db30793ceddd074a907529ded75d
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
080bdef5c4640b636727d1e7784e20e41080302b01c332ab353b5e9f26181ce0
0819e080a58be70adb9bd9a450fa24e4dc454d4a1c50dd7ab841fff21ec6bee2
0a633cd18a8ef38d694ec323dfd22731854e161f2ebee27b2eb9870a7df78980
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dbbfd058984d216b2371b90276638dcf0b3c97d89dcf96b253b46ac849c46f2
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1026a9b2d37a5b89f843fa5ab325cda7fdf9cc197154354cb0d2cbb4668d34b2
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
1185218883cb5ec765c3292aaaccf15869b99c089b1c938266134666608a6ba1
12bd9c2bb0fa76dd7a89b810c0167d082a2317985b452372d9dca4d2bfdabff5
12ee0ac36f750e7fc45b846f57ed8257ab1c0711de18649a3848d92d6bb23335
131144d7a63b875b0d23632bc31613aaa0afb5078642d52afd62cbe3ccdeae96
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
14f0222e2679a5d08a8af2fec9ee923dbf2e9fb4c9f462a25dcf255f7bc75d02
156e7137e9f6b6117203c6436ff137e0873a0dc929dbf3dc55428eb9ddc5a9bf
15b54a90686829d59ef0c2bc6a9e2e82b6a11536be56acf2b4ff414b081c891d
185113239a6613ca82207e73bb41dcc84ce2274da2732f6ece828c207f2f060c
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18c08d6f369d197297afc660d549129cb33c10ee4821fc013206b8438177a313
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b4a45b9fcfe0184fe34be438e0e8fbf7405b77533ec8651a7fad8a68b69ea11
1b6ba926a5b6a1ab89ec3c6f01134a85c67cb61633cda0ba61ab2a68fd0a4ef2
1d2f9524396aa83fb3b0418871c66c2b274d52f03eccf99406fb1a7dbaa1ddad
1df64e2ca163666a77934a7d776f4ea0ec65236c76c9f8c110acd785e967f8cd
1ea2e7e876bcafb44eed4b87bfd0ca1a002aae1e693d5f8c4f669d5ed4d109b3
1fb82c9bb456f6d5336430ebb3d5b1e596ceb303ee99690f0c9187aa13a0cd43
20582a562e7f2dc93433aacd707d211c81695c576a4b6e54d95815fa6bf9a21b
2089f21e54c491ec6410f65c28d887855881a15f05cd38ea308de627c8023cfe
21241841fbfd49cf25d514ba29086ad36330dc7e2f1cf42be9c93e81b250877f
2196688d207f9a82188db611ae912978d9c8216c2b4315784871bce6d42846d8
24e2db472b47c82ae28a7dfeb21ee6133e43bdd4ff9adfc8f8e4d1096508ac6b
26565545186e94229fa5a7b4ccf77f1da9d1927143f91d06095ee7d249b01876
26b999061170bdf96251cff7ab6a43b5ba181f932ab665fecf223351041fa56c
2998625de812398464d7007ff065e3944469371e7a6e759e5b5ee079570850dc
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2a647bbfb5c6723ca10f9833ae08d3381b0061f982959571e56a55d7768cb7a5
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2e8db71249f82bb7584f1a2b6744275d18a4b5940ec8d48da133c65e81d5a23b
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3230fbae80cdf2aaf1c5a628f55217b2dd6ea98e157549140d4c0c54228bd502
35a2b85d7f2e1538d24526949815aa068a6e927045dc295ce9d4b0ba30b88104
36260e9cb231e00f7334eacc8a181329ba4c622cb50312342edb9e8512812cf7
3785065ccb1d6b6c3833e92be1772f67518de0360df6f5e9924b85a89e342702
37b1abfe0b6204def248ab0524c502537363014c1c885cec8c87c2800c1ec4c1
37f9b8c4f451c35a6bfa6f0053259ee5b69287dc9fc8b2fe366b7d25d312f1d9
3831d89c8363135cbc264c56381deb0f9d4f7b0de3b432c24cab8f3814b7c79c
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
395149d128d5d361aaf2cd3df1cfd23dee746145bdef0105d99aba97fbcf712f
39a292b9441c2ffd527adc375c9a4ceb5fa054ab0785aad6dfcc07fe3c533bd9
3aa9b65e588e13d287a8a34c5e204cedfda9c1f38193eda2abedf8d966524ddc
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40e07509e7eb5c484b9a3fc7a73cc3eeb9def2b93d7720565da09df2835609df
42716b1e53a7779105575276cedc2e75677bc64e77b0a712bc0d48e2479abd98
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43a42702c59bc37d11cb776ffd904de25fe945c6028ef290dabfd0e977a88366
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47119823791aab6070737002c815249477ac964500c9d0c6ef94ee67c8acde72
481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48df530b5926b5d54ac2434d9de70ddc96c9f1d5a03d0efbc104f40511b93f34
4942e6ba858aacd9cf2f14ebf4a12c8b3360d15443c69c563490933f57ca7749
496234f2d64e529b6616f30590621afa4c6892de3fb32bfadada2079842aa69a
4b0a031cd77f75c218ac849defd4547e2f847a61b88be317bf5460869c361d1d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b73da9e7f74a7ea075a3432685e97ba5209003bae4765a1dfb0cbbbfb726461
4c81a618f5d53d3380ec72a4c754c3e4fdda31319bb82126f5702f652101ccf6
4d07fb45f295358e44b45f21d0af5da1fb53b4dfcc329ed52e4696105926a66e
4d2ca649146edcfbd70eefad0c0a701b5e76fc71e46909f634a3a8d15cc7ae2f
4da5f3bc65d2847e85409fab61a326ac39ef0183df2f319554d268e089116735
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f46fc5838e2cd0dd3bee516215bb9601c235d7e5e391c419e073084e34e0df6
50ab3257bfa31658b7e93ae14baa36c0ed60e6ecf3f87a5c75cc289425938676
51946688449aa14768f363027735ac05ab6de381a9229f7ff92ac5a4d48510ff
5194c7838f6cd490276fa655094416eadff9c3729821076d1956a177561242fc
5283bd4d2d406ed63cc6c7e981da83fd5299886f59a2a48cf14d06ef6b674472
531dd530899d5c89c1c766c0ca463c5e319a84044ebde699ec95b633807025a5
539af1417d45cd20b630bad77d4e5804fbd01265998540ed0ec43fe52eac4318
5403d969babfd75e6b987904f4018aeaea8780076af8aae30c53170cd333bfe9
55110586d3719c3e8bdaa21f06e4cc1c0a7451abbae662344cbd4411536b585f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
58872cd025f6c0f8214a15cae9a40e5bfccac477ffd65d0b0e472c80f37e56a0
591b193315e5a62bc0cd6ff5924b299f0f0eaf521af38798304169b07ad4a75e
5a16b3e32a8432bd5ff4aff2814946b90ca1c2800967f9eeedab950a0513ca82
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5b349f9bb9034e3014cf0cd81256fd311b1ee8343a466ba4b952d2e5486376d5
5df866e196bcb462d516549dfeb2dd0c1f065e77d0c0b34176d198cea734d7fd
5ea71bd07e560ea69f4bf12e5e48de530ce4a977ee361ed45ddcb581b060fd6c
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e16263ed1227e721bffd26891b13a4d07c5140249fa78f297b51845ee169db
62e9757197eb6b9f43c4064f9b811c904cd9fac8e79e3c648f08815927c6d4a7
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63680c6a3dd302c0eaa4d475e9b6f360e6d1eba0b23943f6b4eeead3eda8b270
638cb5eb34ef72ab24ce3bf36f86c40620bb9e2dd838df4866521a18503097a4
6395e8bd3c20d6fa5091a8aa3115a117c563df4de3d633ddd3ac29c850ad7a82
659372fb0cc364e7bef6063bbfadc56f69af001b8e8a36c7ca9f703505d71064
673c1b7f2476fa567bf3c5bf34eae12d0af30f3fe87d312e6d20fd3dd9f41aa2
67c56a7d4e7226317f808ffc6ec2ab4b75e0b2d17ad5f9a6fce15bfb810e53da
6b5ddde2aa0abbf7f6cb0d7cfbd960793ca019aec48ce78e59078081ef2f4c23
6c0f3db561b25cd1fa72fe869dbf52d548424d98f50be345965b1a3ba0ed76aa
6f4abfb9b465e92c6c72bb5a73a64989553c203b7604db64fd6fd3ad98498597
6f733263ba0d482063be46904102884233d3e14ebc2818968db52579a7bdaf83
6f8f4831b541ee2739728a4ebc98838867cb66671c7fb85ff2e45ca29d7c40eb
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
73ce21104cbd5c5d38a7f58633f41f6aaf3cf9bb58d2166935871115df10086f
73f5cb8f7a137847e41aeb849588174535651b6e140d8b13575f46fff0c496a2
74e542c8ef37f1d21695f0d1e3fecac4859bf90e720bb1757e313b47abd6b6d5
75472c974f12419398c5bc9626059493af31bf12caf0a7df944e04fca74df593
75f88fef1586ba9682b5d93f1c09a5e6701e9e4b16315e900127abbcada9309e
773724843bd75b49829a530ab475834f054d84d669b2a20562f41c373bf692c8
774eed62c0a7e2e5f262380ba4fdf3adb04d1c01257da0bd71adf68fe006075c
77f014b24f1d51b9e8feb12df701a957c14c0be286d6c914975afd019d15a79a
7a9c46b0959c82edbb5bd561835579f816fcc2eadcc2217d415c66e88b8eb80d
7b95d72059f05e99ab9cf49c9cb4284e87582df8ff9e6a90bd81dd5fa8ae92c0
7bf5edfe696a9f13d76221774e4cd9b7798434413aa3a6a2ba712f27841672c3
7c8f24757683d5fece3f8af5853e19b1432c3d9110c3f6307b1ea434807eb4c7
7cd6cb4e754ea89844a32d4f25b09af63640baa770efb29ccae578db1d796e66
7da9a385c373f532f8c3124668d592ebf557e4c8d6c9b310ce884491f71b61be
7e32714149ac99fd78000ab6877c97a1841ce505d9ec12788853bacfb342d53f
7ea96a249420a3e81153fb29900b5ed466b8ac7fbe026ba000c5cc05e0550a75
7fdeb1c6fd18e0f486055ae90b9c37c166cd1b455157daa7de08f4271ac696ce
801def71cdaead05679d744a81a2aac2080b8eefdde3f4b2820535c40170b3df
80e5988b4d23efd6cee8e63fdce713d953c03e6768b91e08ccd654c539fb4921
81ca8de6889663c7eb7f708f31a60b6e2902189eb7b6babac00d356b55f24be3
82bc8f6f12ccdd394079a09114c502cd8d1ab0324fe62ad32466f44de149f907
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833f2dcdef413e55d70cd6db9cc8a80667ab100b200a8a2d4335ac24e117186c
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
85fc6174ce4620ca01e50174ef4cb0317d5e8574a634bf1924b63dac85d8ef9e
86ccd74d72ddfde5285cf54118621f3d9952c3804f77f108c5917e44e9f60857
87b85c256b170188318d0d8c695f43153651f18ee7a4788101b65da65ae0b85d
8821eaa3b6441c63d8e78ade1a361d9e52f4b6bc11952ac5fc3fae0e54c0c69a
8923b4f2bb98765736f23c71a08a37e09f44734e5ebff0bd587f4db5ab1c9c8a
892f3faf807b13d5f33cd670397faadc6d579b10b5397a13873319919464fca9
89b06cb9e6c5bfc93050dadd54d6f6089b128062de8dd613faac989ba4877813
8acc1f1025dcaf26f8f860f726b3a05a701b77eb685301d4f25bc8339bbf891f
8c9673e17c76de038743e8c40c755442e113a504a516229b1f0a8b5301562520
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d3d191d44b6a042adb3ac86d403f8eaa0f7d28056ce74fb3ec3bc65aff5178f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e11b77475acb433c4a9ca0fc3fa63b3c0320a03ababb8fb4f2820aae804f488
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e
8f3579e3bc5e91b52c4574003c94ed5cb81835c7241feab7f4eddc0e7f45fcfc
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f97917fa7f71af70afc082f4631725f58b7e1f1ed162fb4e6c1bafb36dc0f9b
92c904ce2b4f5484f644e242079ac8c459f2440e96d70e76e4378165ac38c7c3
934181308271f5b7ce0168538d1a901088657e1b406afa8c56fb9b99d39b931e
9514372ab8ac313ea8019966fdcfe91b201c3aa69f92de8346ab34af461bbad2
95c7a14ef44ce8b426afe46ec2e3f62c3191c5c209a619f25d970a7f1522a7e6
96e37388fe1c53ec1763fc1b8f03913c101cf1c4d82b8b65ee4d1d834449fdeb
97d2d059b018df2d5e0dedab47f242e427c537c972c2bd3b013e44b6ec569f00
98fee98ab91e6436e07c57bd9bdbed6a0c0b6bdb0744c190be256826a634c22f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
9dd8c6a593a9818d005ac42deba1c7bb83ea5aa55c653836ebc8f72381011d0c
9eb0bdb9f0b16d16240dac041eba34b58c66d651528c68f8ca4db7a7ab8f87eb
9eee5a5db2e54a56ce380a211a5f628783f027d2f81351db57468c44d240a8d2
9ef103475979f7a18eed5f87c809bbbe5f716778af5f3da870172f0e19ed614f
9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a74f8d4fada631ed9dcd4fc5db831ef91c85d60bd1693c361eafdb5b5c6fa787
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
a8ed5a17cc40a3e61b27ffc7085528079e8c2591633b0433ca7ae3fdee18cc30
a98e82cd513deb7765cdb256c87b17b8baeeea85cf944f6375103a6dd41b79f1
aac34d8c2d9f201d0ecead6f52fc8a121dbff6efefa42591d746de3f90142d1e
ab4735dc23fbc670b1eefef1092a13b04b43264fbe6370a4f4d3923665d5cc1f
ac75ea020e812fb9df0319a2582db28ee65d8d96cec20ab337f0d3add44518f9
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af7817454f184febcf58eabfb75d78ba890523372975c993861c6bbff4d66c2c
af979786c73f4c25357e6528bb264f3dffae203ec6ff1adced8b57c3532f6d4b
afc743ae9a3466a4def62d091d9c2242310eeca63f91c1a7e080acead8bf2bbd
aff6c2743f2252279f0f406b7d452f213f551dfacc1f66b117822458796bbdc6
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1631a16b9a272828ad99cdb2ff9beb5ca3f1bcfe33741fc51fb9fb1e764e227
b258841f268e6ee4ab1da71cb3ff38c7de3c57e5950c6dc4b9f6ec73383b1a42
b2d2f5d052658ef5589fe450a8654dbeb88d97511ce36f21f1c3bb3b38fa3c24
b4f1b9a886df0134481ed0c314df3e9aa6328ad3ccaf8ab6fbdd5b9af6e32b84
b5583a6022f454f9db946c6c1a4b61524beca477719549f149988dfee3d10e8c
b5b33bd8799b18cf38e5ed334cf7e53cfbbd251844251322a041d640b85d80c6
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d
b74d9f6fbb6cf4307e1b2eed938b6a3c343893863d7cfa43aea16832e5ca89ca
b874fd980c44f48cae413f6d415eb57528e3faa2f898a53d2fdefcb98eb2e8c3
ba7e0e72735ea304bac8a43e87c2da1b7ee2d6705e8548a2fde134beb08d7b48
baebdfcea04cb3ef643935edd933754294f292f44426f3f4b015053ca749c288
bd42ab1e963caae23b78541c50e8b5d8146d0c6b2151fcfcfa938c17c417f68e
bebc691e1da8b3f1666256854df12d7297ab623ad436a3fe0b13cc03440847d6
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3a1e19ae447c458c806cec0f399a8b654602801a1b68e7c0341562c22b90f7e
c615104d3516e49abe78a9102737c6aa04056c6a8090e5746a38921d3b3811ab
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190
c82a1f58bd36809c7a40324d2b34cbe9b3c2925c0cfe9aeb499dd33c048542ed
ca8e011c30e88f7508e3aa362170192447703c3054a19d3df50335a6d9576640
cae693444d5c4b70988da3ee41b0c3809de3f7701f474183ed8a446be6c970a5
cef1f3b034ff50600eaf24a55d990182b946c330400464e5c6114db803630b13
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
cf9563db7498f5d8616e581d56c1c9eb63f3afe652bfdada5677e6cd65d165f8
d00b4c8953cdf25f549728ad667759e6f7650b5bf6146ecd3ec7c087bd3265b8
d09a9b7b5a899a5e61dfd84dee7200b59666a37c0abd1af50366d23575d7a2da
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d2205de48460a9aeb813fb4d63585bfc0040ec69faf47ea909f200055d1d0854
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428
d2ffea20b89ec58766b0a7476601a4f5b97ccf430aa8cd574a1fbb5935ff0416
d4773994129007749a96cf0620485bad12bf57f3b75818bd5a76494b195cc2b1
d4892db659718f9033cdbb97f748925761ea07b4614ebc5503057270de8b63c4
d7298573933722e14c95aeac5f8dc3e4c2532f6b0a49c5ae0e5ceee204cda29d
d72f06af0711b02ad85c651465a9b3a66d6c38565ccde841667b881f28dbe49c
d81cea0747b72749235dbf26147ef5f8391f9b5c30497b6fb2d1881486512d4d
dba12b6a8cb3ac7768d4b13e7d346ba129bd7d4f6932ea695e4691eeee6c3ce2
dcb5420dbe7c1f1990d3c691ed99327aca0d45c90183a612b6e6032511686561
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dcf6c395a8b1b640c5ea30f0879b920fdef1ca1d2fcb14d86498125195f895ca
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de60ce74dc51181fe850f249ae75cc015cbf18c96b9e44f5a40e9cc56b0ba85b
df1a7e1d5aa9cdec0fb2502ba9fb2df51b420be8f48e6a22fec8b8131811b9ee
e068ed36b40d6e523255e13ab786d4bc18777f1f59d9d396d81e0b6a0b61dcb1
e1068d8250da38213c867fca5b86b32fba9485824eae22362ae681635d78e187
e112118fc89c416775bdcda53b444309dadf33006f364c6d576a09574684edce
e13822da2ca587d1d53b050cb267bbfea098e785e496dfb833bf4ae38555a087
e2d69fdfdc7b7331b09ae4de0fd17999ba57ba65ef0e61a7f957250702e72421
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e486df7ba45e08e0e3f628f3762298333b7eab804ec4bd409bac2019dd1c5fac
e552b7ac693a2a9735c6ad91ffe028b30bc282b7bf36d1c17fdd0eae3771a00a
e562110b1ca8a71f0182c3420de858d17f37b66ec64b08c51eb7a5f2b5b5f3f8
e6214b2559f67192d41d07d928357497936f068d2953d63646bbfe104b1d68c5
e6afa2c25506bf723578e6e6525240047b85298e6d156f99e9a8ee3ef88d338b
e6dc3adacaa8ab677cb08b085bcf76ca35b8e3d77f7b336b799ea903c2ba26de
e96d6e5003cd36107aab8953b10c3a6d4b02586ff44a68afcb1896a3927990d6
eaa1fe6daa6d6efa271e07a942dd6cd521cf367b0f2a1470512f43dc315ad50c
eb26c2aa57bcf66f5127a3e87a7c44fed3bbc196f64be318cbb01dbac9b103c8
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1444849498b2c6eb6026a5e851aedb0d7df9bae8a4de4dbd3b4b2f46139a67e
f18ad02fab1aef3c3b4132bf5341d739be3b1b425cc9fd3d64d5bab2f52c6287
f27c3cf075cdc6041233d4196bb490f3f9ea6fe5d5f43b1d782b805be818015b
f46cb63f713050909f605ef0442f217ac42a6119e6cd5a32245e423b5dc1603e
f4bc87a7be38d9eec90a5616b6dea993707f33d17f02afb3593b97603aef4505
f4cc6338ed06c4e4b1f448c9ac312d0b431add3d72600816b11635880a918f5d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6a0507299d3304ad2618b2f22e77fc880d6d5c2b8e6c86bd16ada2eccc99e81
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
f8309299fec7e8c3dcb0ad264f831b568bbca033ed72d6dfa185502ec4689e25
f8859622b014c35916f294efc76fdb684a5681149809636416851b765d4eaf39
fdd5eb5886d055428379d1938f01e5a186f7f8dbf3efc851ad9e04914302eb59
feb2160dccd8b0345096a272f9753c529fa2f32b843400805851dc714372d9d5